Decrypting files using GnuPG (GPG) via PHP

By: Darrell Brogdon Printer Friendly Format

Decrypting an encrypted file with PHP and GnuPG can be a bit more complex than encrypting, since you are required to provide a GnuPG passphrase. The solution to having to type the passphrase every time the script is run lies in a handy little gpg switch called --passphrase-fd. This switch tells GnuPG to accept the passphrase from a file descriptor, which means that you can echo the passphrase and pipe the output to gpg, as seen in the following example.

<?php 

    $gpg = '/usr/bin/gpg'; 

    $passphrase = 'My secret pass phrase.'; 

    $encrypted_file = 'foo.gpg'; 

    $unencrypted_file = 'foo.txt'; 



    echo shell_exec("echo $passphrase | $gpg --passphrase-fd 0 -o $unencrypted_file -d $encrypted_file"); 

?>

This script tells gpg to accept the passphrase from STDIN (indicated by the 0 following the switch) and decrypt the information into a file named "foo.txt".

As with encrypting information, you can leave off the -oswitch to gpg and let the decrypted data be captured inside a variable.

It should be noted that the -o switch should always come before the -d switch.

Most Viewed Articles (in PHP )

The new keyword and constructors in PHP

Using Codeigniter for PHP application development

PHP pages does not display in IIS 6 with Windows 2003

Function to return number of digits of an integer in PHP

The Object (compound) Type in PHP

History and origin of PHP

Getting Started with PHP

.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable

Different versions of PHP - History and evolution of PHP

Variables in PHP

isset() function in PHP