检查GPG / PGP公钥是否有效
[英]Check if GPG/PGP public key is valid
问题描述
Through a web interface I'm trying to check if a given public key is valid or not. 
通过Web界面,我试图检查给定的公钥是否有效。 The bash command gpg --import key.pub returns import successful/failed based on the given key, but I don't want to use $data = system("/usr/bin/gpg --import $key) for my own security concerns. Is there an alternative? bash命令gpg --import key.pub根据给定的密钥返回import successful/failed ,但是我不想自己使用$data = system("/usr/bin/gpg --import $key)安全问题,还有其他选择吗?
2 个解决方案
解决方案1
1 2012-11-21 17:58:50
Ok, I've done a little debugging and this is what I've found: 好的,我已经进行了一些调试,这就是我发现的内容:
nginx daemon was running under nginx:nginx , no home dir, nologin shell nginx守护程序在nginx:nginx下运行,没有主目录,没有登录外壳
When I executed sudo -u nginx php -r "echo system("gpg -k");" 当我执行sudo -u nginx php -r "echo system("gpg -k");"
I got /home/nginx/.gnupg: directory does not exist! 我得到了/home/nginx/.gnupg: directory does not exist!
So I've executed the following: 因此,我执行了以下操作:
mkdir -p /home/nginx/.gnupg; chown -R nginx:nginx /home/nginx/
Then, to test if works: 然后,测试是否可行:
sudo -u nginx php -r "echo system("gpg --homedir /home/nginx/.gnupg --dry-run --batch --import key.pub");
and I've got output! 我有输出!
解决方案2
0 2013-12-05 16:51:11
Is installing extension an option for you? 安装扩展程序是否适合您? Because you can use combination of gnupg_import() and gnupg_keyinfo() function from PECL/gnupg extension. 因为您可以结合使用PECL / gnupg扩展中的gnupg_import()和gnupg_keyinfo()函数的组合。
gnupg_keyinfo() returns array of properties and there are various keys which would be useful in this case. gnupg_keyinfo()返回属性数组,在这种情况下,有各种键会很有用。 see: http://svn.php.net/viewvc/pecl/gnupg/trunk/gnupg.c?revision=330955&view=markup#l662 参见: http : //svn.php.net/viewvc/pecl/gnupg/trunk/gnupg.c?revision=330955&view=markup#l662
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.