<?
$command = "/usr/bin/gpg --homedir=/path/to/homedir/.gnupg --no-secmem-warning --passphrase-fd 0 --always-trust --yes --output /path/to/homedir/.gpgkeys/temp/output.txt --decrypt /path/to/homedir/.gpgkeys/temp/testtext.asc";
$passphrase = 'MY_PASSPHRASE'."\n";
$fp = popen($command, 'w+'); fputs($fp, $passphrase); fputs($fp, $passphrase); pclose($fp);
print "Done"; exit; ?>
Regards,
Pierre-Luc
Evan Nemerson wrote:
Are you appending a newline to your passphrase?
$passphrase = "my gnupg passphrase\n";
On Thursday 29 May 2003 06:56 am, you wrote:
From the GnuPG docs:
--passphrase-fd n
Read the passphrase from file descriptor n. If you use 0 for n, the passphrase will be read from stdin. This can only be used if only one passphrase is supplied. Don't use this option if you can avoid it.
I added --passphrase-fd 0 to my command so the passphrase should normally be read from stdin (according to the docs), but it still does not work. Any idea? I am unfortunately not familiar with C code, so I can difficultly find solutions to my problems by reading the GnuPG source.
Thanks!
Pierre-Luc
Evan Nemerson wrote:
GnuPG doesn't use stdin to read the password, which is where you're sending it. It uses a more low-level interface (check out the below link if you're interested) where they interact directly with the virtual console.
Try piping to your command- that won't work either
echo $PASSPHRASE | \ /usr/bin/gpg \ --homedir=/path/to/.gnupg \ --no-secmem-warning \ --always-trust \ --yes \ --output /path/to/output.txt \ --decrypt /path/to/testtext.asc
GnuPG source code for TTY I/O: http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/*checkout*/gnupg/util/ttyio.c?re v=1.28&content-type=text/plain
On Wed, 2003-05-28 at 16:14, Pierre-Luc Soucy wrote:
Hi,
I would like to decrypt data encoded with GnuPG without including the private key passphrase in the command to prevent people from viewing it with "ps".
Here is the code I wrote:
==== $command = "/usr/bin/gpg --homedir=/path/to/.gnupg --no-secmem-warning --always-trust --yes --output /path/to/output.txt --decrypt /path/to/testtext.asc"; $passphrase = '***********';
$fp = popen($command, 'w+'); fputs($fp, $passphrase); pclose($fp);
print "Done"; exit; ======
I assumed that the fputs() function would write the passphrase at the prompt, but that doesn't seem to be the case - the command does not create the output.txt file when ran by the PHP program (which is running as a CGI under my user BTW) while it works when ran from the shell.
Any idea why?
Thanks!
Pierre-Luc Soucy
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
