Re: [PHP] Decrypting data with GnuPG
From the GnuPG docs: --passphrase-fd n Read the passphrase from file descriptor n. If you use 0 for n, the passphrase will be read from stdin. This can only be used if only one passphrase is supplied. Don't use this option if you can avoid it. I added --passphrase-fd 0 to my command so the passphrase should normally be read from stdin (according to the docs), but it still does not work. Any idea? I am unfortunately not familiar with C code, so I can difficultly find solutions to my problems by reading the GnuPG source. Thanks! Pierre-Luc Evan Nemerson wrote: GnuPG doesn't use stdin to read the password, which is where you're sending it. It uses a more low-level interface (check out the below link if you're interested) where they interact directly with the virtual console. Try piping to your command- that won't work either echo $PASSPHRASE | \ /usr/bin/gpg \ --homedir=/path/to/.gnupg \ --no-secmem-warning \ --always-trust \ --yes \ --output /path/to/output.txt \ --decrypt /path/to/testtext.asc GnuPG source code for TTY I/O: http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/*checkout*/gnupg/util/ttyio.c?rev=1.28content-type=text/plain On Wed, 2003-05-28 at 16:14, Pierre-Luc Soucy wrote: Hi, I would like to decrypt data encoded with GnuPG without including the private key passphrase in the command to prevent people from viewing it with ps. Here is the code I wrote: $command = /usr/bin/gpg --homedir=/path/to/.gnupg --no-secmem-warning --always-trust --yes --output /path/to/output.txt --decrypt /path/to/testtext.asc; $passphrase = '***'; $fp = popen($command, 'w+'); fputs($fp, $passphrase); pclose($fp); print Done; exit; == I assumed that the fputs() function would write the passphrase at the prompt, but that doesn't seem to be the case - the command does not create the output.txt file when ran by the PHP program (which is running as a CGI under my user BTW) while it works when ran from the shell. Any idea why? Thanks! Pierre-Luc Soucy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Decrypting data with GnuPG
Are you appending a newline to your passphrase? $passphrase = my gnupg passphrase\n; On Thursday 29 May 2003 06:56 am, you wrote: From the GnuPG docs: --passphrase-fd n Read the passphrase from file descriptor n. If you use 0 for n, the passphrase will be read from stdin. This can only be used if only one passphrase is supplied. Don't use this option if you can avoid it. I added --passphrase-fd 0 to my command so the passphrase should normally be read from stdin (according to the docs), but it still does not work. Any idea? I am unfortunately not familiar with C code, so I can difficultly find solutions to my problems by reading the GnuPG source. Thanks! Pierre-Luc Evan Nemerson wrote: GnuPG doesn't use stdin to read the password, which is where you're sending it. It uses a more low-level interface (check out the below link if you're interested) where they interact directly with the virtual console. Try piping to your command- that won't work either echo $PASSPHRASE | \ /usr/bin/gpg \ --homedir=/path/to/.gnupg \ --no-secmem-warning \ --always-trust \ --yes \ --output /path/to/output.txt \ --decrypt /path/to/testtext.asc GnuPG source code for TTY I/O: http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/*checkout*/gnupg/util/ttyio.c?re v=1.28content-type=text/plain On Wed, 2003-05-28 at 16:14, Pierre-Luc Soucy wrote: Hi, I would like to decrypt data encoded with GnuPG without including the private key passphrase in the command to prevent people from viewing it with ps. Here is the code I wrote: $command = /usr/bin/gpg --homedir=/path/to/.gnupg --no-secmem-warning --always-trust --yes --output /path/to/output.txt --decrypt /path/to/testtext.asc; $passphrase = '***'; $fp = popen($command, 'w+'); fputs($fp, $passphrase); pclose($fp); print Done; exit; == I assumed that the fputs() function would write the passphrase at the prompt, but that doesn't seem to be the case - the command does not create the output.txt file when ran by the PHP program (which is running as a CGI under my user BTW) while it works when ran from the shell. Any idea why? Thanks! Pierre-Luc Soucy -- Cats are intended to teach us that not everything in nature has a function. -Garrison Keillor -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Decrypting data with GnuPG
I just tried, but that didn't correct the problem - the output.txt file is still not generated: ? $command = /usr/bin/gpg --homedir=/path/to/homedir/.gnupg --no-secmem-warning --passphrase-fd 0 --always-trust --yes --output /path/to/homedir/.gpgkeys/temp/output.txt --decrypt /path/to/homedir/.gpgkeys/temp/testtext.asc; $passphrase = 'MY_PASSPHRASE'.\n; $fp = popen($command, 'w+'); fputs($fp, $passphrase); fputs($fp, $passphrase); pclose($fp); print Done; exit; ? Regards, Pierre-Luc Evan Nemerson wrote: Are you appending a newline to your passphrase? $passphrase = my gnupg passphrase\n; On Thursday 29 May 2003 06:56 am, you wrote: From the GnuPG docs: --passphrase-fd n Read the passphrase from file descriptor n. If you use 0 for n, the passphrase will be read from stdin. This can only be used if only one passphrase is supplied. Don't use this option if you can avoid it. I added --passphrase-fd 0 to my command so the passphrase should normally be read from stdin (according to the docs), but it still does not work. Any idea? I am unfortunately not familiar with C code, so I can difficultly find solutions to my problems by reading the GnuPG source. Thanks! Pierre-Luc Evan Nemerson wrote: GnuPG doesn't use stdin to read the password, which is where you're sending it. It uses a more low-level interface (check out the below link if you're interested) where they interact directly with the virtual console. Try piping to your command- that won't work either echo $PASSPHRASE | \ /usr/bin/gpg \ --homedir=/path/to/.gnupg \ --no-secmem-warning \ --always-trust \ --yes \ --output /path/to/output.txt \ --decrypt /path/to/testtext.asc GnuPG source code for TTY I/O: http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/*checkout*/gnupg/util/ttyio.c?re v=1.28content-type=text/plain On Wed, 2003-05-28 at 16:14, Pierre-Luc Soucy wrote: Hi, I would like to decrypt data encoded with GnuPG without including the private key passphrase in the command to prevent people from viewing it with ps. Here is the code I wrote: $command = /usr/bin/gpg --homedir=/path/to/.gnupg --no-secmem-warning --always-trust --yes --output /path/to/output.txt --decrypt /path/to/testtext.asc; $passphrase = '***'; $fp = popen($command, 'w+'); fputs($fp, $passphrase); pclose($fp); print Done; exit; == I assumed that the fputs() function would write the passphrase at the prompt, but that doesn't seem to be the case - the command does not create the output.txt file when ran by the PHP program (which is running as a CGI under my user BTW) while it works when ran from the shell. Any idea why? Thanks! Pierre-Luc Soucy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Decrypting data with GnuPG
GnuPG doesn't use stdin to read the password, which is where you're sending it. It uses a more low-level interface (check out the below link if you're interested) where they interact directly with the virtual console. Try piping to your command- that won't work either echo $PASSPHRASE | \ /usr/bin/gpg \ --homedir=/path/to/.gnupg \ --no-secmem-warning \ --always-trust \ --yes \ --output /path/to/output.txt \ --decrypt /path/to/testtext.asc GnuPG source code for TTY I/O: http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/*checkout*/gnupg/util/ttyio.c?rev=1.28content-type=text/plain On Wed, 2003-05-28 at 16:14, Pierre-Luc Soucy wrote: Hi, I would like to decrypt data encoded with GnuPG without including the private key passphrase in the command to prevent people from viewing it with ps. Here is the code I wrote: $command = /usr/bin/gpg --homedir=/path/to/.gnupg --no-secmem-warning --always-trust --yes --output /path/to/output.txt --decrypt /path/to/testtext.asc; $passphrase = '***'; $fp = popen($command, 'w+'); fputs($fp, $passphrase); pclose($fp); print Done; exit; == I assumed that the fputs() function would write the passphrase at the prompt, but that doesn't seem to be the case - the command does not create the output.txt file when ran by the PHP program (which is running as a CGI under my user BTW) while it works when ran from the shell. Any idea why? Thanks! Pierre-Luc Soucy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Decrypting data with GnuPG
Hi, Does that mean that there is no way to achieve this with PHP and that I should rather use the --passphrase-fd argument? Thanks, Pierre-Luc Evan Nemerson wrote: GnuPG doesn't use stdin to read the password, which is where you're sending it. It uses a more low-level interface (check out the below link if you're interested) where they interact directly with the virtual console. Try piping to your command- that won't work either echo $PASSPHRASE | \ /usr/bin/gpg \ --homedir=/path/to/.gnupg \ --no-secmem-warning \ --always-trust \ --yes \ --output /path/to/output.txt \ --decrypt /path/to/testtext.asc GnuPG source code for TTY I/O: http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/*checkout*/gnupg/util/ttyio.c?rev=1.28content-type=text/plain On Wed, 2003-05-28 at 16:14, Pierre-Luc Soucy wrote: Hi, I would like to decrypt data encoded with GnuPG without including the private key passphrase in the command to prevent people from viewing it with ps. Here is the code I wrote: $command = /usr/bin/gpg --homedir=/path/to/.gnupg --no-secmem-warning --always-trust --yes --output /path/to/output.txt --decrypt /path/to/testtext.asc; $passphrase = '***'; $fp = popen($command, 'w+'); fputs($fp, $passphrase); pclose($fp); print Done; exit; == I assumed that the fputs() function would write the passphrase at the prompt, but that doesn't seem to be the case - the command does not create the output.txt file when ran by the PHP program (which is running as a CGI under my user BTW) while it works when ran from the shell. Any idea why? Thanks! Pierre-Luc Soucy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php