PHP gnupg 部分功能不工作
PHP gnupg part of functions are not working
我刚刚安装了 gnupg pecl 扩展和所需的库,我的 phpinfo();
中似乎启用了 gnupg
php-i | grep gnupg
/etc/php/7.3/cli/conf.d/20-gnupg.ini,
gnupg
gnupg support => enabled
当我尝试调用 gnupg_init() 时它成功了并给我资源 ID
但后来我尝试 gnupg_import 但它总是失败并且 return false
当我尝试在 shell 中执行命令时:gpg --import somekey.txt 它有效
这是我的测试 test.key:
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBFxmhuYBEADLObpGfH0eQmrhF9Rs4FrYZ2D/QbiDk0TRY/M3aop2oYL8sjCE
hgIvQ9iKAkGydT0bY4pZpRZj5+HQVvDg6ps/7iXPX6RQUsS4SufvoAFUZLIXTla8
WTXC1fY+ZLV29H2NdzT1ZIh72xKquFV+hh0DuI16J1AYSoCrqx4FDZ9vfivCa3Qb
Xyao3B6BHdF9GqvjFWAjp45Fbg4voEPcbPvhoD40ilsO9PDx4/LTQu7afs8HKlAh
XtiyCEJBq/hyiRagLmt81ZpEbQXJiTkOylas1WsJdQpMfb9fTmwDSE0baqwoQUS0
y20w0+3+BKaIrDGu9ErSqG3qUO5sfolczvZZK7ccqfgYTBgvBECL3fA/5kMLh7/X
wgn7Hjw8NqpfwvuPCwQOlI4ovpGSsJceF9IqGauwQUFFHaHqRtah7lXHcw8od0iG
QIT+EIqvYOV19/g0QfZzFQePMSU/+ApkqcIL902TVMYPRcP/1CqcmQMIDdFFycdZ
AG27nDw514uJEh0x7HV9JdI3ZUWrwlMLq9wnVVwMgKGSfVJ/bp+irwydfZfcFmHo
5hvQDcOrM0xMYch8JZ47ZN+u91KjBQMO0QAz1RWYXFhqit9gHm4lIQ65P86VhbnB
ChWa/rYH8/d29lX69TR4IBitBcyaZwJfZuxPFvKrrG3ljt4RWEdVc/AOmQARAQAB
tAt0ZXN0aW5nIGtleYkCNgQTAQoAIAUCXGaG5gIbAwULCQgHAwUVCgkICwQWAgEA
Ah4BAheAAAoJEBeRbnwEwXF5sWQP/iQT4AQDVdyjfk+XyaFx2HITBvaM0SytIThj
qFzChBw7KB/W7MV957UOFLL9LgJfzHkllnFrzu55lz04F4IhpPtkc+BTCP0pZaSu
tLUBKSq27+MdLMQgAWJJvw28Rff066+KmeW/lIkGRQ5WQ5zR4UgV0xyWbZxzCrZQ
nY4oof9rYeXhBghLx80biks6hID5y5Sd4y4WIt2EBqN1je2G/H59uPb2fhjQmc34
HgGebU82TW80V0JHI6QweSrHD4ETv92y2ztfUOPhemS94L7ToWSgTXDZIOTzIGYn
zMMsNz94GZAKnD6M/Bm9OgBbO756Py49CKRTjIn+zUzK03hZMJGYpZL3FTHOVf4k
+zAlzUqNW/L3qULaK+ttm6y14L39DU0xOOEzU+7V1SOE8qpGQgGtq31D/Zj8i1Gm
ejd+22cC4o8nxTXS9G12PYMrOmJCTANJrNby7nXs+jFBj2VekwCv2VCF1bU2+oJI
IAI46+f6uozBnlTGDHo7/YWglvDrSQ7ComgPcBi0CLQOOzK9clZ1x4BlNBiZsmZc
ID4DLiVcQMZuULDvB80hGYjiCuDWswfyPr/Lc3I9IAJGWYthl9NYAb8pwlgaLRnF
l4Tg5VpLEjb2JysuDk33Nm5Nb8C1eCHIHM+UiG+yuz3nEhn1/HKVWHxJYdwwGT09
Hwmq0S2/uQINBFxmhuYBEAC4yaeZc87TtT3k40st0Chk6AqB2nXRbPCtVjxkZOba
0ucWv1mBDOh1+rzkQBp/xpXJWbvRksfCboX/wA2mbrVnKe9d3hMgmm0VNDZrG9he
dahfhj56oNd/b1UsT0c5zQTQaz4QmExjuL9UtVmS+HS8sMK33/64yeUSjva1iDKo
+i9nZ0Mi4xNfEzocqC9x1JoyhY0TyIhzZV1xpdyn055BaPMpa6owVbMNbZrc3/U/
dTHPqP0MZyTZa04uTwG69V2w0/Z4AzLrRQFaRBGbtPuUzw+WcOZ4Ijwb6vlmlwl0
N9o+k2HOwPUJ9CjTj6dN10NUWcVhu6ptwZ0Up9jUisqerSUQZ6wUGS/7awW4B1qi
0t5ahqXIPoHZzPfHPiDMzIQEVIM3NjmGz24gBRb58kuvgf3MC/KNaLRUEjoUMMh1
U+dS1+D49nMrdR+APsu1ZNYecVvky7//DgZMjUblPYfHs3kbhganyupHFPLCxSEO
gTe4zU9QnGOaoO6+sUBPhZyj8HLLwW5tiGQxhwRv46aSAvCBJvEw26bd43p8q+M0
ZhokekucpgaBqPAZ9CyOweIQ5UVOdwDiTDAzIfi73Zf7w+pt2J/qNKWirR21n0/J
mBZPqLLWpRRt3E9GHZUrxeht8qQGmDb1akDJWCNQjdxhhASSgN1CJyIOieUDud3/
WQARAQABiQIfBBgBCgAJBQJcZobmAhsMAAoJEBeRbnwEwXF5PJcP/3sZZinBNCtE
wfWe+vQ9raGO/wvqkBk/NMHx67Qqj90rbCHlERGcNdcq0ssz9HlPPCJIr51vDKJ0
2aPfWjJp/L7M+HmFJafOpyLeJq3F5CZ8QsfQ0g6hq/TiBilhDiL4xOSmpnarR8By
jHJ2KchLjuuxOfiNj3S95CrxV0RspssWNwl2zHHeDoYCvLI+4vSTwg9TD7wTvUbn
BQBh/o7tx+lCD/BQrjrXCHp7OQT9sHemkNB08M8qLCg6xA60F8JuJMTd24gkaXwE
/0cltdxExjJLPDyREnUVzfjNN3fi/fK2ujjmFJtixsjoqXWME2zmDT83Y5O7+qJy
D7t6DyaIc4y978xQUaey4KYo5zAVzB/GkOr1nqYbTiKb4vqpQXKEGviMH/Qjendm
1O75GbXlPu6zbZk4pbhEeXo2RAKfWWqzpy+9rH249ecfNixBavRe+bdk3W8L9Izi
vwY3kJO7DNRqAvmIjA+AgxNtCgRgGFEmwKfWB5q0NjCIxmiOGZKhpSOO+NPPqut8
rW/dglT0SccTE95Y4UDkS6MdM7W66306+6d78zTneglnqx/z8RPlLsJfzKicmOeY
jWqp2SlPkn0nF1d+NXUepjF3/NWjvKpfeQfZIiOXZKdfuPVaUcjVbpBCuxQnUcLg
Epd4OakW3tIP+3vqfv0nJ+weizFNq5Tj
=wIHb
-----END PGP PUBLIC KEY BLOCK-----
在我的 Web 应用程序中使用 gpg 之前,我是否必须以某种方式对其进行初始化?请给我指出正确的方向
通过指纹导出之前导入的密钥:
gpg --export --armor B4A57058391D51C5853BBFA317916E7C04C17179 > /var/www/test/test.key
下面是我的 test.php:
<?php
$key=file_get_contents('/var/www/test/test.key');
$gpg=gnupg_init();
print_r($gpg); //returns Resource id #7
$res=gnupg_import($gpg, $key);
print_r($res); //returns empty string
var_dump($res); //returns (bool)false
$er=gnupg_geterror($gpg);
var_dump($er); //return (bool)false
?>
p.s。使用 nginx+php7.3-fpm 和 gpg 1.4.23
我的 gnupg homedir 在 /var/www/.gnupg 属于 nginx/php 用户并且需要 previleges 600/700
这里可能有换行错误,因为您发布的是密钥内容而不是实际的密钥文件。请将该字段替换为上传文件字段,它应该不会导致换行问题(只要您没有编辑导出的密钥,但我会再次导出它们,只是为了确保)
我刚试过,装甲和普通 public 导出的文件都可以在 gnupg_import 上正常工作。我试过的代码:
//gpg --export --armor 4E8D5B22A24A1CFFA5BD2E771A9A0D703BDDF81B > public-armor.key
$PublicData = file_get_contents('public-armor.key');
$res=gnupg_import($gpg, $PublicData);
var_dump($res);
$er=gnupg_geterror($gpg);
var_dump($er);
我的输出:
array(9) {
'imported' =>
int(0)
'unchanged' =>
int(1)
'newuserids' =>
int(0)
'newsubkeys' =>
int(0)
'secretimported' =>
int(0)
'secretunchanged' =>
int(0)
'newsignatures' =>
int(0)
'skippedkeys' =>
int(0)
'fingerprint' =>
string(40) "4E8D5B22A24A1CFFA5BD2E771A9A0D703BDDF81B"
}
/tmp/so_5469155777_test_php_gnupg.php:12:
bool(false)
编辑:我只是在 DO droplet 上试了一下以确认错误,虽然它很奇怪但它确实存在。
请将您的密钥开头修改为:
-----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1
至:
-----BEGIN PGP PUBLIC KEY BLOCK-----
一切都会很好地工作。 (是的,只需从中删除版本信息)
我刚刚安装了 gnupg pecl 扩展和所需的库,我的 phpinfo();
中似乎启用了 gnupgphp-i | grep gnupg
/etc/php/7.3/cli/conf.d/20-gnupg.ini,
gnupg
gnupg support => enabled
当我尝试调用 gnupg_init() 时它成功了并给我资源 ID 但后来我尝试 gnupg_import 但它总是失败并且 return false
当我尝试在 shell 中执行命令时:gpg --import somekey.txt 它有效 这是我的测试 test.key:
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBFxmhuYBEADLObpGfH0eQmrhF9Rs4FrYZ2D/QbiDk0TRY/M3aop2oYL8sjCE
hgIvQ9iKAkGydT0bY4pZpRZj5+HQVvDg6ps/7iXPX6RQUsS4SufvoAFUZLIXTla8
WTXC1fY+ZLV29H2NdzT1ZIh72xKquFV+hh0DuI16J1AYSoCrqx4FDZ9vfivCa3Qb
Xyao3B6BHdF9GqvjFWAjp45Fbg4voEPcbPvhoD40ilsO9PDx4/LTQu7afs8HKlAh
XtiyCEJBq/hyiRagLmt81ZpEbQXJiTkOylas1WsJdQpMfb9fTmwDSE0baqwoQUS0
y20w0+3+BKaIrDGu9ErSqG3qUO5sfolczvZZK7ccqfgYTBgvBECL3fA/5kMLh7/X
wgn7Hjw8NqpfwvuPCwQOlI4ovpGSsJceF9IqGauwQUFFHaHqRtah7lXHcw8od0iG
QIT+EIqvYOV19/g0QfZzFQePMSU/+ApkqcIL902TVMYPRcP/1CqcmQMIDdFFycdZ
AG27nDw514uJEh0x7HV9JdI3ZUWrwlMLq9wnVVwMgKGSfVJ/bp+irwydfZfcFmHo
5hvQDcOrM0xMYch8JZ47ZN+u91KjBQMO0QAz1RWYXFhqit9gHm4lIQ65P86VhbnB
ChWa/rYH8/d29lX69TR4IBitBcyaZwJfZuxPFvKrrG3ljt4RWEdVc/AOmQARAQAB
tAt0ZXN0aW5nIGtleYkCNgQTAQoAIAUCXGaG5gIbAwULCQgHAwUVCgkICwQWAgEA
Ah4BAheAAAoJEBeRbnwEwXF5sWQP/iQT4AQDVdyjfk+XyaFx2HITBvaM0SytIThj
qFzChBw7KB/W7MV957UOFLL9LgJfzHkllnFrzu55lz04F4IhpPtkc+BTCP0pZaSu
tLUBKSq27+MdLMQgAWJJvw28Rff066+KmeW/lIkGRQ5WQ5zR4UgV0xyWbZxzCrZQ
nY4oof9rYeXhBghLx80biks6hID5y5Sd4y4WIt2EBqN1je2G/H59uPb2fhjQmc34
HgGebU82TW80V0JHI6QweSrHD4ETv92y2ztfUOPhemS94L7ToWSgTXDZIOTzIGYn
zMMsNz94GZAKnD6M/Bm9OgBbO756Py49CKRTjIn+zUzK03hZMJGYpZL3FTHOVf4k
+zAlzUqNW/L3qULaK+ttm6y14L39DU0xOOEzU+7V1SOE8qpGQgGtq31D/Zj8i1Gm
ejd+22cC4o8nxTXS9G12PYMrOmJCTANJrNby7nXs+jFBj2VekwCv2VCF1bU2+oJI
IAI46+f6uozBnlTGDHo7/YWglvDrSQ7ComgPcBi0CLQOOzK9clZ1x4BlNBiZsmZc
ID4DLiVcQMZuULDvB80hGYjiCuDWswfyPr/Lc3I9IAJGWYthl9NYAb8pwlgaLRnF
l4Tg5VpLEjb2JysuDk33Nm5Nb8C1eCHIHM+UiG+yuz3nEhn1/HKVWHxJYdwwGT09
Hwmq0S2/uQINBFxmhuYBEAC4yaeZc87TtT3k40st0Chk6AqB2nXRbPCtVjxkZOba
0ucWv1mBDOh1+rzkQBp/xpXJWbvRksfCboX/wA2mbrVnKe9d3hMgmm0VNDZrG9he
dahfhj56oNd/b1UsT0c5zQTQaz4QmExjuL9UtVmS+HS8sMK33/64yeUSjva1iDKo
+i9nZ0Mi4xNfEzocqC9x1JoyhY0TyIhzZV1xpdyn055BaPMpa6owVbMNbZrc3/U/
dTHPqP0MZyTZa04uTwG69V2w0/Z4AzLrRQFaRBGbtPuUzw+WcOZ4Ijwb6vlmlwl0
N9o+k2HOwPUJ9CjTj6dN10NUWcVhu6ptwZ0Up9jUisqerSUQZ6wUGS/7awW4B1qi
0t5ahqXIPoHZzPfHPiDMzIQEVIM3NjmGz24gBRb58kuvgf3MC/KNaLRUEjoUMMh1
U+dS1+D49nMrdR+APsu1ZNYecVvky7//DgZMjUblPYfHs3kbhganyupHFPLCxSEO
gTe4zU9QnGOaoO6+sUBPhZyj8HLLwW5tiGQxhwRv46aSAvCBJvEw26bd43p8q+M0
ZhokekucpgaBqPAZ9CyOweIQ5UVOdwDiTDAzIfi73Zf7w+pt2J/qNKWirR21n0/J
mBZPqLLWpRRt3E9GHZUrxeht8qQGmDb1akDJWCNQjdxhhASSgN1CJyIOieUDud3/
WQARAQABiQIfBBgBCgAJBQJcZobmAhsMAAoJEBeRbnwEwXF5PJcP/3sZZinBNCtE
wfWe+vQ9raGO/wvqkBk/NMHx67Qqj90rbCHlERGcNdcq0ssz9HlPPCJIr51vDKJ0
2aPfWjJp/L7M+HmFJafOpyLeJq3F5CZ8QsfQ0g6hq/TiBilhDiL4xOSmpnarR8By
jHJ2KchLjuuxOfiNj3S95CrxV0RspssWNwl2zHHeDoYCvLI+4vSTwg9TD7wTvUbn
BQBh/o7tx+lCD/BQrjrXCHp7OQT9sHemkNB08M8qLCg6xA60F8JuJMTd24gkaXwE
/0cltdxExjJLPDyREnUVzfjNN3fi/fK2ujjmFJtixsjoqXWME2zmDT83Y5O7+qJy
D7t6DyaIc4y978xQUaey4KYo5zAVzB/GkOr1nqYbTiKb4vqpQXKEGviMH/Qjendm
1O75GbXlPu6zbZk4pbhEeXo2RAKfWWqzpy+9rH249ecfNixBavRe+bdk3W8L9Izi
vwY3kJO7DNRqAvmIjA+AgxNtCgRgGFEmwKfWB5q0NjCIxmiOGZKhpSOO+NPPqut8
rW/dglT0SccTE95Y4UDkS6MdM7W66306+6d78zTneglnqx/z8RPlLsJfzKicmOeY
jWqp2SlPkn0nF1d+NXUepjF3/NWjvKpfeQfZIiOXZKdfuPVaUcjVbpBCuxQnUcLg
Epd4OakW3tIP+3vqfv0nJ+weizFNq5Tj
=wIHb
-----END PGP PUBLIC KEY BLOCK-----
在我的 Web 应用程序中使用 gpg 之前,我是否必须以某种方式对其进行初始化?请给我指出正确的方向
通过指纹导出之前导入的密钥:
gpg --export --armor B4A57058391D51C5853BBFA317916E7C04C17179 > /var/www/test/test.key
下面是我的 test.php:
<?php
$key=file_get_contents('/var/www/test/test.key');
$gpg=gnupg_init();
print_r($gpg); //returns Resource id #7
$res=gnupg_import($gpg, $key);
print_r($res); //returns empty string
var_dump($res); //returns (bool)false
$er=gnupg_geterror($gpg);
var_dump($er); //return (bool)false
?>
p.s。使用 nginx+php7.3-fpm 和 gpg 1.4.23 我的 gnupg homedir 在 /var/www/.gnupg 属于 nginx/php 用户并且需要 previleges 600/700
这里可能有换行错误,因为您发布的是密钥内容而不是实际的密钥文件。请将该字段替换为上传文件字段,它应该不会导致换行问题(只要您没有编辑导出的密钥,但我会再次导出它们,只是为了确保)
我刚试过,装甲和普通 public 导出的文件都可以在 gnupg_import 上正常工作。我试过的代码:
//gpg --export --armor 4E8D5B22A24A1CFFA5BD2E771A9A0D703BDDF81B > public-armor.key
$PublicData = file_get_contents('public-armor.key');
$res=gnupg_import($gpg, $PublicData);
var_dump($res);
$er=gnupg_geterror($gpg);
var_dump($er);
我的输出:
array(9) {
'imported' =>
int(0)
'unchanged' =>
int(1)
'newuserids' =>
int(0)
'newsubkeys' =>
int(0)
'secretimported' =>
int(0)
'secretunchanged' =>
int(0)
'newsignatures' =>
int(0)
'skippedkeys' =>
int(0)
'fingerprint' =>
string(40) "4E8D5B22A24A1CFFA5BD2E771A9A0D703BDDF81B"
}
/tmp/so_5469155777_test_php_gnupg.php:12:
bool(false)
编辑:我只是在 DO droplet 上试了一下以确认错误,虽然它很奇怪但它确实存在。 请将您的密钥开头修改为:
-----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1
至:
-----BEGIN PGP PUBLIC KEY BLOCK-----
一切都会很好地工作。 (是的,只需从中删除版本信息)