gnupg Functions
Introduction
This module allows you to interact with » gnupg.
Requirements
The gnupg extension requires PHP 4.3. To use this extension in an OO style, PHP 5 is required.
This extension requires the » gpgme library
Installation
The gnupg-extension is not bundled with PHP. It is a » PECL extension and can be located here: » https://pecl.php.net/package/gnupg.
Predefined Constants
- GNUPG_SIG_MODE_NORMAL (integer)
- GNUPG_SIG_MODE_DETACH (integer)
- GNUPG_SIG_MODE_CLEAR (integer)
- GNUPG_VALIDITY_UNKNOWN (integer)
- GNUPG_VALIDITY_UNDEFINED (integer)
- GNUPG_VALIDITY_NEVER (integer)
- GNUPG_VALIDITY_MARGINAL (integer)
- GNUPG_VALIDITY_FULL (integer)
- GNUPG_VALIDITY_ULTIMATE (integer)
- GNUPG_PROTOCOL_OpenPGP (integer)
- GNUPG_PROTOCOL_CMS (integer)
- GNUPG_SIGSUM_VALID (integer)
- GNUPG_SIGSUM_GREEN (integer)
- GNUPG_SIGSUM_RED (integer)
- GNUPG_SIGSUM_KEY_REVOKED (integer)
- GNUPG_SIGSUM_KEY_EXPIRED (integer)
- GNUPG_SIGSUM_KEY_MISSING (integer)
- GNUPG_SIGSUM_SIG_EXPIRED (integer)
- GNUPG_SIGSUM_CRL_MISSING (integer)
- GNUPG_SIGSUM_CRL_TOO_OLD (integer)
- GNUPG_SIGSUM_BAD_POLICY (integer)
- GNUPG_SIGSUM_SYS_ERROR (integer)
- GNUPG_ERROR_WARNING (integer)
- GNUPG_ERROR_EXCEPTION (integer)
- GNUPG_ERROR_SILENT (integer)
Notes
This extension makes use of the keyring of the current user. This keyring is normally located in ~./.gnupg/. To specify a custom location, store the path to the keyring in the environment variable GNUPGHOME. See putenv for more information how to do this.
Some functions require the specification of a key. This specification can be anything that refers to an unique key (userid, key-id, fingerprint, ...). This documentation uses the fingerprint in all examples.
keylistiterator
This extension also comes with an Iterator for your keyring.
<?php
// create a new iterator for listing all public keys that matches 'example'
$iterator = new gnupg_keylistiterator("example");
foreach($iterator as $fingerprint => $userid){
echo $fingerprint." -> ".$userid."\n";
}
?>
Examples
This example will clearsign a given text.
Example#1 gnupg clearsign example (procedural)
<?php
// init gnupg
$res = gnupg_init();
// not really needed. Clearsign is default
gnupg_setsignmode($res,GNUPG_SIG_MODE_CLEAR);
// add key with passphrase 'test' for signing
gnupg_addsignkey($res,"8660281B6051D071D94B5B230549F9DC851566DC","test");
// sign
$signed = gnupg_sign($res,"just a test");
echo $signed;
?>
Example#2 gnupg clearsign example (OO)
<?php
// new class
$gnupg = new gnupg();
// not really needed. Clearsign is default
$gnupg->setsignmode(gnupg::SIG_MODE_CLEAR);
// add key with passphrase 'test' for signing
$gnupg->addsignkey("8660281B6051D071D94B5B230549F9DC851566DC","test");
// sign
$signed = $gnupg->sign("just a test");
echo $signed;
?>
Table of Contents
- gnupg_adddecryptkey — Add a key for decryption
- gnupg_addencryptkey — Add a key for encryption
- gnupg_addsignkey — Add a key for signing
- gnupg_cleardecryptkeys — Removes all keys which were set for decryption before
- gnupg_clearencryptkeys — Removes all keys which were set for encryption before
- gnupg_clearsignkeys — Removes all keys which were set for signing before
- gnupg_decrypt — Decrypts a given text
- gnupg_decryptverify — Decrypts and verifies a given text
- gnupg_encrypt — Encrypts a given text
- gnupg_encryptsign — Encrypts and signs a given text
- gnupg_export — Exports a key
- gnupg_geterror — Returns the errortext, if a function fails
- gnupg_getprotocol — Returns the currently active protocol for all operations
- gnupg_import — Imports a key
- gnupg_keyinfo — Returns an array with information about all keys that matches the given pattern
- gnupg_setarmor — Toggle armored output
- gnupg_seterrormode — Sets the mode for error_reporting
- gnupg_setsignmode — Sets the mode for signing
- gnupg_sign — Signs a given text
- gnupg_verify — Verifies a signed text