Decrypting files using GnuPG (GPG) via PHP

By: Darrell Brogdon

Decrypting an encrypted file with PHP and GnuPG can be a bit more complex than encrypting, since you are required to provide a GnuPG passphrase. The solution to having to type the passphrase every time the script is run lies in a handy little gpg switch called --passphrase-fd. This switch tells GnuPG to accept the passphrase from a file descriptor, which means that you can echo the passphrase and pipe the output to gpg, as seen in the following example.

<?php 

    $gpg = '/usr/bin/gpg'; 

    $passphrase = 'My secret pass phrase.'; 

    $encrypted_file = 'foo.gpg'; 

    $unencrypted_file = 'foo.txt'; 



    echo shell_exec("echo $passphrase | $gpg --passphrase-fd 0 -o $unencrypted_file -d $encrypted_file"); 

?>

This script tells gpg to accept the passphrase from STDIN (indicated by the 0 following the switch) and decrypt the information into a file named "foo.txt".

As with encrypting information, you can leave off the -oswitch to gpg and let the decrypted data be captured inside a variable.

It should be noted that the -o switch should always come before the -d switch.

Most Viewed Articles (in PHP )

Different versions of PHP - History and evolution of PHP

use() in PHP

Using PEAR::Crypt_HMAC in PHP

Find Difference between two dates in PHP

Anonymous functions as properties in Classes in PHP

HTML table output using Nested for loops in PHP

Here-docs (<<<) in PHP

PHP file upload prompts authentication for anonymous users

Cannot load /usr/local/apache/libexec/libphp4.so into server: ld.so.1:......

Building a Video Sharing Site using PHP in AWS

PHP 5.1.4 INSTALLATION on Solaris 9 (Sparc)