Tuesday, March 19, 2002, 2:51:33 PM, Alexander wrote: AS> Well, use GnuPG. Then you can use "PGP". And what you stated above is
Just some advice if you go with GPG and you don't have root/chown access. Since you'll create your keyring under your user, you'll likely have to run PHP as a CGI so that it has access to your keyrings and can use a temp file. You might get around this by making your keyrings group-readable (for the PHP-user), but obviously w/ that *any* PHP user on your server could potentially access your private key. Then again, if you only need to /send/ encrypted messages and you don't include the server's key in the recipient list, it's no big deal because the worst they could do is send messages to people signed as your server. They couldn't get the data. In windows I found the easiest way to decode GPG-ed email from the server was to install PGP6.5, the Bat! email client and generate a key w/o using the IDEA algorithm. Import this pub key into GPG on the server. There are GPG tools for windows but I found Win mail clients still don't support GPG anywhere near as much as PGP. The Bat! can use GPG to decrypt fine, but you have to enter your username and passphrase for EVERY message. The Bat!s PGP plugin allows uid/passphrase cacheing for a specified period of time, which was enough for me to switch. A snippet of the code I'm using to encrypt: //this already has the plaintext message $plainfile = "/home/me/.gnupg/temp/".$this->hash.'plain'; //this will be created having the encrypted version $gpgedfile = "/home/me/.gnupg/temp/".$this->hash.'gpg'; //shell command to call gpg $command = "gpg -e -q --no-secmem-warning "; //encrypt for my array of recipients foreach ($this->recipients as $recipient) { $command .= "-r '$recipient' "; } //target will be ascii-armored and stderr sent to stdout $command .= "-ao '$gpgedfile' '$plainfile' 2>&1"; //environment variable for GPG putenv("GNUPGHOME=/home/me/.gnupg"); //execute command $this->error = exec($command); //check error / read in $gpgedfile, unlink the files.. Hope this helps.. Steve -- [EMAIL PROTECTED] ** http://mrclay.org -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php