gpg --decrypt

Re: gpg --decrypt

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Alan Little wrote:
[color=blue]
> I'm trying to operate gpg through proc_open. I can encrypt this way, just
> fine, but when I try to decrypt I get:
>
> gpg: cannot open `/dev/tty': Device not configured
>
> Here's what I'm using; the same basic code works fine for encrypting:[/color]

Calling "gpg" with proc_open or similar methods is a mess... consider using
the PECL GPG extension - have a look at http://pecl.php.net .

- --
- ----------------------------------
Iván Sánchez Ortega -i-punto-sanchez--arroba-mirame-punto-net

Gentlemen, start your flamethrowers.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEXfBr3jc Q2mg3Pc8RAtMfAJ 4p7iYqjSF/EO5mN/UjH+K4jH2t3wCfW nee
PvzDOkIh6dVaS+E tQnBFYJE=
=VXdM
-----END PGP SIGNATURE-----

Re: gpg --decrypt

Alan Little wrote:
[color=blue]
> I'm trying to operate gpg through proc_open. I can encrypt this way, just
> fine, but when I try to decrypt I get:
>
> gpg: cannot open `/dev/tty': Device not configured[/color]

GPG doesn't read the pass phrase from STDIN -- it reads it from the
terminal. It might seem like a minor difference, but the effect is that
you can't pass the passphrase in via STDIN.

You could try including the options "--no-tty --passphrase-fd 0".

--
Toby A Inkster BSc (Hons) ARCS
Contact Me ~ http://tobyinkster.co.uk/contact

Re: gpg --decrypt

Carved in mystic runes upon the very living rock, the last words of
Iván Sánchez Ortega of comp.lang.php make plain:
[color=blue]
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Alan Little wrote:
>[color=green]
>> I'm trying to operate gpg through proc_open. I can encrypt this way,
>> just fine, but when I try to decrypt I get:
>>
>> gpg: cannot open `/dev/tty': Device not configured
>>
>> Here's what I'm using; the same basic code works fine for encrypting:[/color]
>
> Calling "gpg" with proc_open or similar methods is a mess... consider
> using the PECL GPG extension - have a look at http://pecl.php.net .[/color]

Thanks for your response. Do you think it will be easier to sort out the
proc_open() method, or to figure out how to compile and install the
extension? And if I want to include this in distributed code later, does
that make a difference?

--
Alan Little
Phorm PHP Form Processor

Re: gpg --decrypt

Carved in mystic runes upon the very living rock, the last words of Toby
Inkster of comp.lang.php make plain:
[color=blue]
> Alan Little wrote:
>[color=green]
>> I'm trying to operate gpg through proc_open. I can encrypt this way,
>> just fine, but when I try to decrypt I get:
>>
>> gpg: cannot open `/dev/tty': Device not configured[/color]
>
> GPG doesn't read the pass phrase from STDIN -- it reads it from the
> terminal. It might seem like a minor difference, but the effect is
> that you can't pass the passphrase in via STDIN.
>
> You could try including the options "--no-tty --passphrase-fd 0".[/color]

Thanks; I wasn't aware of those options.

Now my script just hangs. I'm not sure where; I put limiters on the read
loops, and it still hangs. I noticed in the docs for proc_open, it says:

The file descriptor numbers are not limited to 0, 1 and 2 - you
may specify any valid file descriptor number and it will be
passed to the child process. This allows your script to interoperate
with other scripts that run as "co-processes". In particular, this
is useful for passing passphrases to programs like PGP, GPG and
openssl in a more secure manner.

It specifically mentions passing passphrases to GPG. I tried the
following changes in my script, but it still hangs:

$cmd =
'/usr/bin/gpg '.
'--decrypt '.
'--homedir /usr/home/userid/.gnupg '.
'--no-tty '.
'--passphrase-fd 3';

$descriptors = array(
0 => array('pipe', 'r'),
1 => array('pipe', 'w'),
2 => array('file', '/usr/home/thebest/error.gpg', 'a'),
3 => array('pipe', 'r')
);

list($stdin, $stdout, $stderr, $passpipe) = $pipes;

fputs($passpipe , $pass);

--
Alan Little
Phorm PHP Form Processor

Re: gpg --decrypt

Carved in mystic runes upon the very living rock, the last words of Alan
Little of comp.lang.php make plain:
[color=blue]
> I'm trying to operate gpg through proc_open. I can encrypt this way,
> just fine, but when I try to decrypt I get:[/color]

I got it:

$cmd =
'/usr/bin/gpg '.
'--decrypt '.
'--homedir /usr/home/userid/.gnupg '.
'--no-tty '.
'--passphrase-fd 3';

$message = '[encrypted message]';

$pass = '[passphrase]';

$descriptors = array(
0 => array('pipe', 'r'),
1 => array('pipe', 'w'),
2 => array('file', '/usr/home/userid/error.gpg', 'a'),
3 => array('pipe', 'r')
);

$process = proc_open($cmd, $descriptors, $pipes);
list($stdin, $stdout, $stderr, $passpipe) = $pipes;

fputs($stdin, $message);
fclose($stdin);

fputs($passpipe , $pass);
fclose($passpip e);

while (!feof($stdout) ) {
$line = fgets($stdout);
echo $line;
}

--
Alan Little
Phorm PHP Form Processor