Decrypting files using GnuPG (GPG) via PHP

By: Darrell Brogdon Printer Friendly Format

Decrypting an encrypted file with PHP and GnuPG can be a bit more complex than encrypting, since you are required to provide a GnuPG passphrase. The solution to having to type the passphrase every time the script is run lies in a handy little gpg switch called --passphrase-fd. This switch tells GnuPG to accept the passphrase from a file descriptor, which means that you can echo the passphrase and pipe the output to gpg, as seen in the following example.

<?php 

    $gpg = '/usr/bin/gpg'; 

    $passphrase = 'My secret pass phrase.'; 

    $encrypted_file = 'foo.gpg'; 

    $unencrypted_file = 'foo.txt'; 



    echo shell_exec("echo $passphrase | $gpg --passphrase-fd 0 -o $unencrypted_file -d $encrypted_file"); 

?>

This script tells gpg to accept the passphrase from STDIN (indicated by the 0 following the switch) and decrypt the information into a file named "foo.txt".

As with encrypting information, you can leave off the -oswitch to gpg and let the decrypted data be captured inside a variable.

It should be noted that the -o switch should always come before the -d switch.

Most Viewed Articles (in PHP )

Parent: child process exited with status 3221225477 -- Restarting

Different versions of PHP - History and evolution of PHP

extract() in PHP

GDBM, NDBM, DB2, DB3, DBM, and CDB Databases in PHP

Convert a hex string into a 32-bit IEEE 754 float number in PHP

The new keyword and constructors in PHP

Using Text file as database in PHP

.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable

Counting Lines, Paragraphs, or Records in a File using pc_split_paragraphs() in PHP

Reading and Writing .gz files in PHP

Decrypting files using GnuPG (GPG) via PHP