InfinityQuest - Programming Code Tutorials and Examples with Python, C++, Java, PHP, C#, JavaScript, Swift and more

Menu
  • Home
  • Sitemap

Python Programming Language Best Tutorials and Code Examples

Learn Python Right Now!
Home
PHP
Encrypting Email with GPG in PHP
PHP

Encrypting Email with GPG in PHP

InfinityCoder December 21, 2016

You want to send encrypted email messages. For example, you take orders on your website and need to send an email to your factory with order details for processing.

By encrypting the email message, you prevent sensitive data such as credit card numbers from passing over the network in the clear.

Use the functions provided by the gnupg extension to encrypt the body of the email message with GNU Privacy Guard (GPG) before sending it:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
$plaintext_body = 'Some sensitive order data';
$recipient = 'ordertaker@example.com';
 
$g = gnupg_init();
gnupg_seterrormode($g, GNUPG_ERROR_WARNING);
// Fingerprint of the recipient's key
$a = gnupg_addencryptkey($g, "5495F0CA9C8F30A9274C2259D7EBE8584CEF302B");
// Fingerprint of the sender's key
$b = gnupg_addsignkey($g, "520D5FC5C85EF4F4F9D94E1C1AF1F7C5916FC221",
                "passphrase");
 
$encrypted_body = gnupg_encryptsign($g, $plaintext_body);
 
mail($recipient, 'Web Site Order', $encrypted_body);

The email message can be decrypted by GPG, Pretty Good Privacy (PGP), or an email client plug-in that supports either program.

The code in the Solution uses PHP’s gnupg extension, which, in turn, relies on the GPGME library, in order to perform OpenPGP-standard operations to encrypt and sign a message.
The resource returned by gnupg_init() is used in the rest of the function calls as a container for the specific settings related to the encryption we’re doing.

Next, gnupg_seterrormode($g, GNUPG_ERROR_WARNING) ensures that we’ll get some PHP warnings
generated if there are problems with any GnuPG operations.
This example encrypts and signs a message. The encryption ensures that only the desired recipient can decrypt and read the message. The signature lets the recipient be sure that this sender sent the message.
The key fingerprint passed to gnupg_addencryptkey() specifies which key should be used to encrypt the message.

Only someone with access to the private key associated with this fingerprint will be able to decrypt the message.
The key fingerprint passed to gnupg_addsignkey() specifies which key should be used to sign the message. The third argument to gnupg_addsignkey() is the passphrase associated with this private key.
The functions in the gnupg extension look for keys in the same place that the commandline gpg executable does: a directory named .gnupg under your home directory (or under the home directory of the user that PHP is running as).

To tell PHP to look in a different place for keys, set the GNUPGHOME environment variable to the desired directory.
After the keys have been set on the gnupg resource, the call to gnupg_encryptsign() produces the encrypted, signed message. By default, this value is “armored” as plain ASCII.
If you need to identify the correct fingerprint to pass to gnupg_addencryptkey() or gnupg_addsignkey(), use gnupg_keyinfo(), as shown here:

1
2
3
4
5
6
7
8
9
10
11
12
$email = 'friend@example.com';
 
$g = gnupg_init();
$keys = gnupg_keyinfo($g, $email);
if (count($keys) == 1) {
   $fingerprint = $keys[0]['subkeys'][0]['fingerprint'];
   print "Fingerprint for $email is $fingerprint";
}
else {
   print "Expected 1, found " . count($keys) .
       " keys for $email";
}

Given a gnupg resource and a search string, gnupg_keyinfo() returns an array containing information about each key in the keyring whose UID (or part of a UID) matches the search string.

Each element in that returned array is itself an array composed of many elements and subarrays describing lots of per-key information.

The finger print key of the first element of the subkeys array gives us the appropriate value to pass to other gnupg functions.

Share
Tweet
Email
Prev Article
Next Article

Related Articles

Exposing Clean Resource Paths in PHP
You want your URLs to look clean and not include …

Exposing Clean Resource Paths in PHP

Program: HTTP Range in PHP
The program in Example 8-22 implements the HTTP Range feature, …

Program: HTTP Range in PHP

About The Author

InfinityCoder
InfinityCoder

Leave a Reply

Cancel reply

Recent Tutorials InfinityQuest

  • Adding New Features to bash Using Loadable Built-ins in bash
    Adding New Features to bash Using Loadable …
    June 27, 2017 0
  • Getting to the Bottom of Things in bash
    Getting to the Bottom of Things in …
    June 27, 2017 0

Recent Comments

  • fer on Turning a Dictionary into XML in Python
  • mahesh on Turning a Dictionary into XML in Python

Categories

  • Bash
  • PHP
  • Python
  • Uncategorized

InfinityQuest - Programming Code Tutorials and Examples with Python, C++, Java, PHP, C#, JavaScript, Swift and more

About Us

Start learning your desired programming language with InfinityQuest.com.

On our website you can access any tutorial that you want with video and code examples.

We are very happy and honored that InfinityQuest.com has been listed as a recommended learning website for students.

Popular Tags

binary data python CIDR convert string into datetime python create xml from dict python dictionary into xml python how to create xml with dict in Python how to write binary data in Python IP Address read binary data python tutorial string as date object python string to datetime python

Archives

  • June 2017
  • April 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
Copyright © 2021 InfinityQuest - Programming Code Tutorials and Examples with Python, C++, Java, PHP, C#, JavaScript, Swift and more
Programming Tutorials | Sitemap