Examples
The following examples assume you have created a key following the instructions for generating a key that can both encrypt and sign data. The example key has a user id of test@example.com and a passphrase of test. All signature data is fictitious, but is formatted like real signature data.
Signing a Package File
<?php
require_once 'Crypt/GPG.php';
$gpg = new Crypt_GPG();
$gpg->addSignKey('test@example.com', 'test');
$signature = $gpg->signFile($filename, Crypt_GPG::SIGN_MODE_DETACHED);
echo "Package signature is: ", $signature, "\n";
?>
Verifying a Signed File
<?php
require_once 'Crypt/GPG.php';
$signature = <<<DATA
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQBIl9Tf6ZWCktsVoskRAoAKAJ9VkbFDTSGY2ygaEGBcMOE8Or9puwCgppYm
0qq0bhtw5vsi0cJF5oC52RY=
=VfxI
-----END PGP SIGNATURE-----
DATA;
$gpg = new Crypt_GPG();
$signatures = $gpg->verifyFile($filename, $signature);
if ($signatures[0]->isValid()) {
echo "Package is valid.\n";
} else {
echo "Package is invalid!\n";
}
?>
Encrypting a File From the Web
<?php
require_once 'Crypt/GPG.php';
$gpg = new Crypt_GPG();
$gpg->addEncryptKey('test@example.com');
// you can use any fopen-able stream
$gpg->encryptFile('http://example.com/file.html', '~/file.html.asc');
?>
Encrypting Credit Card Numbers
<?php
require_once 'Crypt/GPG.php';
// ... connect to database ...
$card_number = '411111111111';
$card_type = 'visa';
$gpg = new Crypt_GPG();
$gpg->addEncryptKey('test@example.com');
$encrypted = $gpg->encrypt($card_number);
$sql = sprintf('insert into payments (card_type, card_number) ' .
'values (%s, %s)',
mysql_real_escape_string($card_type),
mysql_real_escape_string($encrypted));
mysql_exec($sql);
?>
Decrypting Credit Card Numbers
<?php
require_once 'Crypt/GPG.php';
// ... connect to database ...
$gpg = new Crypt_GPG();
$gpg->addDecryptKey('test@example.com', 'test');
$sql = 'select card_type, card_number from payments';
$rs = mysql_query($sql);
while ($row = mysql_fetch_object($rs)) {
echo "Card type: ", $row->card_type, "\n";
echo "Card number: ", $gpg->decrypt($row->card_number), "\n";
}
?>
Publishing a Public Key
<?php
require_once 'Crypt/GPG.php';
$gpg = new Crypt_GPG();
echo "My public key is: ", $gpg->exportPublicKey('test@example.com'), "\n";
echo "My key fingerprint is: ",
$gpg->getFingerprint('test@example.com', Crypt_GPG::FORMAT_CANONICAL), "\n";
?>
Clearsigning a Message
<?php
require_once 'Crypt/GPG.php';
$data = 'Hello, World!';
$gpg = new Crypt_GPG();
$gpg->addSignKey('test@example.com', 'test');
$signedData = $gpg->sign($data, Crypt_GPG::SIGN_MODE_CLEAR);
echo "Clearsigned message is: ", $signedData, "\n";
?>
Verifying a Clearsigned Message
<?php
require_once 'Crypt/GPG.php';
$signedData = <<<DATA
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello, World!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIl9Sb6ZWCktsVoskRArWDAJ9D5mq6p+4JnBy11OaAhnIA+uRSSACgoM5T
WcUHQ9pKf9PvNUn1Izy6c9E=
=k8+7
-----END PGP SIGNATURE-----
DATA;
$gpg = new Crypt_GPG();
$signatures = $gpg->verify($signedData);
if ($signatures[0]->isValid()) {
echo "Message is valid.\n";
} else {
echo "Message is invalid!\n";
}
?>