[英]Check if GPG/PGP public key is valid
Through a web interface I'm trying to check if a given public key is valid or not. 通过Web界面,我试图检查给定的公钥是否有效。 The bash command
gpg --import key.pub
returns import successful/failed
based on the given key, but I don't want to use $data = system("/usr/bin/gpg --import $key)
for my own security concerns. Is there an alternative? bash命令
gpg --import key.pub
根据给定的密钥返回import successful/failed
,但是我不想自己使用$data = system("/usr/bin/gpg --import $key)
安全问题,还有其他选择吗?
Ok, I've done a little debugging and this is what I've found: 好的,我已经进行了一些调试,这就是我发现的内容:
nginx daemon was running under nginx:nginx
, no home dir, nologin shell nginx守护程序在
nginx:nginx
下运行,没有主目录,没有登录外壳
When I executed sudo -u nginx php -r "echo system("gpg -k");"
当我执行
sudo -u nginx php -r "echo system("gpg -k");"
I got /home/nginx/.gnupg: directory does not exist!
我得到了
/home/nginx/.gnupg: directory does not exist!
So I've executed the following: 因此,我执行了以下操作:
mkdir -p /home/nginx/.gnupg; chown -R nginx:nginx /home/nginx/
Then, to test if works: 然后,测试是否可行:
sudo -u nginx php -r "echo system("gpg --homedir /home/nginx/.gnupg --dry-run --batch --import key.pub");
and I've got output! 我有输出!
Is installing extension an option for you? 安装扩展程序是否适合您? Because you can use combination of gnupg_import() and gnupg_keyinfo() function from PECL/gnupg extension.
因为您可以结合使用PECL / gnupg扩展中的gnupg_import()和gnupg_keyinfo()函数的组合。
gnupg_keyinfo()
returns array of properties and there are various keys which would be useful in this case. gnupg_keyinfo()
返回属性数组,在这种情况下,有各种键会很有用。 see: http://svn.php.net/viewvc/pecl/gnupg/trunk/gnupg.c?revision=330955&view=markup#l662 参见: http : //svn.php.net/viewvc/pecl/gnupg/trunk/gnupg.c?revision=330955&view=markup#l662
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.