如何使用 GnuPG 模块确定 PHP 中导入的 OpenPGP 密钥的指纹?
How to determine fingerprint of imported OpenPGP key in PHP using the GnuPG module?
在 php 我有一个 public 钥匙,但我不知道这个钥匙的指纹。
我如何用这个 public 密钥加密文本?
代码如下:
$gpg = new gnupg();
putenv("GNUPGHOME=/tmp");
$pubkey = "-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2
mQENBFYH/asBCACeLwizAl/EziNDyVGW3a2td2FVvpoKWoWgmCwQ0A+Ukb+tSK8e
GZLbePb3oMNVOlBWPGSRUMsyugcjD0WhWS8AwRlrNoZyCvu4CZIrP51txhsxfTL6
PJC710vzuhS3Sqk8yMxayTjPzJaf5mHkTo4nd5tWgqmIIxHQW/NabVmTR5hQ+ctN
B/4zwRg3LEg4YGH8SzSgPZZMC6QCJuL1OJuaSwz79zNOzzFEmQ2xHfpkNKfFEvsX
dUdXWA+zz9omDtj2Eau8u7b5L6MR+ydlKo9MFjN55Qzif5h/N0kskQPSuBEffGzD
ToP6Zy9YBSAKscydcvl2yWcfytaCSKDpwrPpABEBAAG0EW15dGVzdCA8YWFAYWEu
YWE+iQE5BBMBCAAjBQJWB/2rAhsDBwsJCAcDAgEGFQgCCQoLBBYCAwECHgECF4AA
CgkQ/v2Icpyb3SeAsQf7ByN468jN0ZhgrXlN2CvrHG2x4fx1GwhbIMEtNrnvy0rU
ivyKbM8YBs+QY39SuX55upmeVRfQFEiU7Cha+lXZ32hl1fsb/4OG59jGLvcX9Evq
qapyfEKhwO1C+eG1EhLPqpph1vnTOcciRkHtV33fCs0kHhLDOdhD65NX7RzE8XdX
s9GolKGCIrZuDQLKcQoPeD/IJLzom1iP4N46V2uz9ke018XRvnDObBgq5+qiloX1
SlbTwq0UToRIb3ggPiNes3grvyLTJxWqMpAXtHSHBbfwmtznZxYsyIY0JMQNB3UW
mYeu+qwOUpJqsI+bzCWhWOhyHqsA8Gv4TgHIcm/BFLkBDQRWB/2rAQgAuahVrWGv
IAcjrj30P8P0meAPwMbl4wlsYwTY4Qw9bfcPhfzDm4pltm9xXlYKTN3UeaiWhO2z
DeCcIwcxl2Ypa84Gd3aOV1rBDnDr+RPOdZBdkpjjoPRLL15c7QMv2chd70ZIBp9m
BC63J+BcBvMRnLaCi05E9TedIbTGK209+An9aiOIBRMnuhJ2dLNW2hGfVNIg/S00
hj3bJxXllJncNBxwDljPE7JWWtKA6XSUz+j2qBJSQv2koPj/+Fprc+Sa6R+T1kh/
dj8EDweLeweZ2kZojw8g4gzAQPWdf4NEuo+W/Mo6vx+1ALcKqSWW1g/+VTadg+pp
iynkX2f7I3sWMwARAQABiQEfBBgBCAAJBQJWB/2rAhsMAAoJEP79iHKcm90n4JMI
AJn4zNz4agYrV2NLTF5E7YdniGUKmtigN5Omxgil+hSEasLM7GgP+dzx+0DWHojH
tN/g5BJFU/jxy5mAVHsZYgs66KBUeL5TT69llMcTPg39xl338CXpaNDh9HEh+9Fb
/UwLr8dqd7Ld9Psd9f/x9X7irW244u+gUFL1Jvgr9/2XPbcVf5tUWT1YDGgKc7Vx
Etx8C/n+lXLXfmL/woqby2JnB/WgJxkg5ovOxzzzuE8TxKmZ3TqKyvwPdFVlcpw3
l1oTWHQ2Ru6ZdD1vFMaharoRHy+X4bc6PNli7KTBTA+X0iBAWUOqHZD4GdwHTleB
HsuhVwkm5Qv06KmM5g7leVg=
=Mgfi
-----END PGP PUBLIC KEY BLOCK-----
";
$info = $gpg->import($pubkey);
print_r($info);
$gpg->addencryptkey("96E9C3DC001C10B3AE6236B1FEFD88729C9BDD27");
$enc = $gpg->encrypt("just a test");
echo $enc;
我不知道这个加密密钥:
$gpg->addencryptkey("96E9C3DC001C10B3AE6236B1FEFD88729C9BDD27");
如何从 public 密钥中获取此指纹?
通常,运行 gpg --list-keys --with-fingerprint --with-colons
键中的管道将产生键的信息。您将得到一个易于解析的结果,例如
pub:-:2048:1:FEFD88729C9BDD27:2015-09-27:::-:mytest <aa@aa.aa>:
fpr:::::::::96E9C3DC001C10B3AE6236B1FEFD88729C9BDD27:
sub:-:2048:1:22EC13225E681EFA:2015-09-27::::
指纹位于冒号分隔输出的第二行中的固定列。
但是当您导入密钥时,请查看问题中代码给出的输出,其中已经包含 $info
:
中的指纹
Array
(
[imported] => 1
[unchanged] => 0
[newuserids] => 0
[newsubkeys] => 0
[secretimported] => 0
[secretunchanged] => 0
[newsignatures] => 0
[skippedkeys] => 0
[fingerprint] => 96E9C3DC001C10B3AE6236B1FEFD88729C9BDD27
)
无论如何导入密钥以接收它的指纹是一种可行的方法,可能不太昂贵,您甚至可以以某种方式缓存散列密钥的指纹。自己计算指纹是可能的,但需要编写自己的 OpenPGP 解析器代码,这可能不是您想要做的事情。
在 php 我有一个 public 钥匙,但我不知道这个钥匙的指纹。 我如何用这个 public 密钥加密文本?
代码如下:
$gpg = new gnupg();
putenv("GNUPGHOME=/tmp");
$pubkey = "-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2
mQENBFYH/asBCACeLwizAl/EziNDyVGW3a2td2FVvpoKWoWgmCwQ0A+Ukb+tSK8e
GZLbePb3oMNVOlBWPGSRUMsyugcjD0WhWS8AwRlrNoZyCvu4CZIrP51txhsxfTL6
PJC710vzuhS3Sqk8yMxayTjPzJaf5mHkTo4nd5tWgqmIIxHQW/NabVmTR5hQ+ctN
B/4zwRg3LEg4YGH8SzSgPZZMC6QCJuL1OJuaSwz79zNOzzFEmQ2xHfpkNKfFEvsX
dUdXWA+zz9omDtj2Eau8u7b5L6MR+ydlKo9MFjN55Qzif5h/N0kskQPSuBEffGzD
ToP6Zy9YBSAKscydcvl2yWcfytaCSKDpwrPpABEBAAG0EW15dGVzdCA8YWFAYWEu
YWE+iQE5BBMBCAAjBQJWB/2rAhsDBwsJCAcDAgEGFQgCCQoLBBYCAwECHgECF4AA
CgkQ/v2Icpyb3SeAsQf7ByN468jN0ZhgrXlN2CvrHG2x4fx1GwhbIMEtNrnvy0rU
ivyKbM8YBs+QY39SuX55upmeVRfQFEiU7Cha+lXZ32hl1fsb/4OG59jGLvcX9Evq
qapyfEKhwO1C+eG1EhLPqpph1vnTOcciRkHtV33fCs0kHhLDOdhD65NX7RzE8XdX
s9GolKGCIrZuDQLKcQoPeD/IJLzom1iP4N46V2uz9ke018XRvnDObBgq5+qiloX1
SlbTwq0UToRIb3ggPiNes3grvyLTJxWqMpAXtHSHBbfwmtznZxYsyIY0JMQNB3UW
mYeu+qwOUpJqsI+bzCWhWOhyHqsA8Gv4TgHIcm/BFLkBDQRWB/2rAQgAuahVrWGv
IAcjrj30P8P0meAPwMbl4wlsYwTY4Qw9bfcPhfzDm4pltm9xXlYKTN3UeaiWhO2z
DeCcIwcxl2Ypa84Gd3aOV1rBDnDr+RPOdZBdkpjjoPRLL15c7QMv2chd70ZIBp9m
BC63J+BcBvMRnLaCi05E9TedIbTGK209+An9aiOIBRMnuhJ2dLNW2hGfVNIg/S00
hj3bJxXllJncNBxwDljPE7JWWtKA6XSUz+j2qBJSQv2koPj/+Fprc+Sa6R+T1kh/
dj8EDweLeweZ2kZojw8g4gzAQPWdf4NEuo+W/Mo6vx+1ALcKqSWW1g/+VTadg+pp
iynkX2f7I3sWMwARAQABiQEfBBgBCAAJBQJWB/2rAhsMAAoJEP79iHKcm90n4JMI
AJn4zNz4agYrV2NLTF5E7YdniGUKmtigN5Omxgil+hSEasLM7GgP+dzx+0DWHojH
tN/g5BJFU/jxy5mAVHsZYgs66KBUeL5TT69llMcTPg39xl338CXpaNDh9HEh+9Fb
/UwLr8dqd7Ld9Psd9f/x9X7irW244u+gUFL1Jvgr9/2XPbcVf5tUWT1YDGgKc7Vx
Etx8C/n+lXLXfmL/woqby2JnB/WgJxkg5ovOxzzzuE8TxKmZ3TqKyvwPdFVlcpw3
l1oTWHQ2Ru6ZdD1vFMaharoRHy+X4bc6PNli7KTBTA+X0iBAWUOqHZD4GdwHTleB
HsuhVwkm5Qv06KmM5g7leVg=
=Mgfi
-----END PGP PUBLIC KEY BLOCK-----
";
$info = $gpg->import($pubkey);
print_r($info);
$gpg->addencryptkey("96E9C3DC001C10B3AE6236B1FEFD88729C9BDD27");
$enc = $gpg->encrypt("just a test");
echo $enc;
我不知道这个加密密钥:
$gpg->addencryptkey("96E9C3DC001C10B3AE6236B1FEFD88729C9BDD27");
如何从 public 密钥中获取此指纹?
通常,运行 gpg --list-keys --with-fingerprint --with-colons
键中的管道将产生键的信息。您将得到一个易于解析的结果,例如
pub:-:2048:1:FEFD88729C9BDD27:2015-09-27:::-:mytest <aa@aa.aa>:
fpr:::::::::96E9C3DC001C10B3AE6236B1FEFD88729C9BDD27:
sub:-:2048:1:22EC13225E681EFA:2015-09-27::::
指纹位于冒号分隔输出的第二行中的固定列。
但是当您导入密钥时,请查看问题中代码给出的输出,其中已经包含 $info
:
Array
(
[imported] => 1
[unchanged] => 0
[newuserids] => 0
[newsubkeys] => 0
[secretimported] => 0
[secretunchanged] => 0
[newsignatures] => 0
[skippedkeys] => 0
[fingerprint] => 96E9C3DC001C10B3AE6236B1FEFD88729C9BDD27
)
无论如何导入密钥以接收它的指纹是一种可行的方法,可能不太昂贵,您甚至可以以某种方式缓存散列密钥的指纹。自己计算指纹是可能的,但需要编写自己的 OpenPGP 解析器代码,这可能不是您想要做的事情。