signing files from php script
Derek Vokey
turfdog@planetturf.ca
Mon, 22 Jan 2001 08:01:42 -0800
try
$pipe = "/usr/bin/gpg -o output_file --homedir path/to/gnupg";
$fd=popen($pipe,"w");
fwrite($fd,$msg);
fclose($fd);
----- Original Message -----
From: "Juan Antonio Martinez" <jantonio@dit.upm.es>
To: <gnupg-users@gnupg.org>
Sent: Monday, January 22, 2001 4:24 AM
Subject: signing files from php script
> I'm trying to auto signing mail messages from a cgi-php3 script.
> My function seems like this one:
>
> ----------------------------
> function gnupg_sign($msg) {
> $fromfile=tempnam( $GLOBALS["TMPDIR"], "gpg" );
> $tofile=tempnam( $GLOBALS["TMPDIR"], "gpg" );
> $fd=fopen($fromfile,"w+");
> fwrite($fd,$msg);
> fclose($fd);
> $com=sprintf("echo %s | /usr/bin/gpg --homedir %s/gnupg
> --passphrase-fd 0 --default-key %s -q -o %s --clearsign
>
%s",getenv("PGP_PASSWD"),$GLOBALS["LOGDIR"],$GLOBALS["ADMIN_EMAIL"],$tofile,
$fromfile);
> system($com);
> $fd=fopen( $tofile , "r" );
> $msg=fread($fd,filesize($tofile));
> fclose($fd);
> // unlink($tofile);
> // unlink($fromfile);
> return $msg;
> }
>
> -------------------------------
>
> Problem: PHP3 strips "|" on system command to avoid attacks
> - Anybody knows the correct way to do this ?
> - Perhaps some hide method of passing passphrase to pgp?.
> If i use popen(), how can I specify the passphrase-fd "n" descriptor?
> Remember that I cannot use "0" as file descriptor number from an apache
> script, since gpg tries to open() /dev/tty that is not available
> - Any environment variable?
> - Any way to instruct gpg to auto-sign without prompting for a
> passphrase
>
> Thanks in advance
>
> Juan Antonio \|||/
> / _ _ \
> \ o o /
>
=========================o00o===U===o00o====================================
==
> Juan Antonio Martinez Universidad Politecnica de Madrid
> email: jantonio@dit.upm.es E.T.S.I Telecomunicacion
> http://www.dit.upm.es/~jantonio Ciudad Universitaria s/n
> Tel: 34-1-3367366 ext 416 Laboratorio de Programación. Desp
> A-127-2
> Fax: 34-1-3367333 28040 Madrid, Spain
>
============================================================================
==
> In the beginning.... was the command line
> - Neal Stephenson
>
> --
> Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
> with a subject of "unsubscribe" to gnupg-users-request@gnupg.org
>
--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org