问题
Through a web interface I'm trying to check if a given public key is valid or not. The bash command gpg --import key.pub
returns import successful/failed
based on the given key, but I don't want to use $data = system("/usr/bin/gpg --import $key)
for my own security concerns. Is there an alternative?
回答1:
Ok, I've done a little debugging and this is what I've found:
nginx daemon was running under nginx:nginx
, no home dir, nologin shell
When I executed sudo -u nginx php -r "echo system("gpg -k");"
I got /home/nginx/.gnupg: directory does not exist!
So I've executed the following:
mkdir -p /home/nginx/.gnupg; chown -R nginx:nginx /home/nginx/
Then, to test if works:
sudo -u nginx php -r "echo system("gpg --homedir /home/nginx/.gnupg --dry-run --batch --import key.pub");
and I've got output!
回答2:
Is installing extension an option for you? Because you can use combination of gnupg_import() and gnupg_keyinfo() function from PECL/gnupg extension.
gnupg_keyinfo()
returns array of properties and there are various keys which would be useful in this case. see: http://svn.php.net/viewvc/pecl/gnupg/trunk/gnupg.c?revision=330955&view=markup#l662
来源:https://stackoverflow.com/questions/13498165/check-if-gpg-pgp-public-key-is-valid