[nycphp-talk] Digital Signatures in PHP
Andrew Yochum
andrew at digitalpulp.com
Thu Jun 3 17:22:38 EDT 2004
On Thu, Jun 03, 2004 at 02:49:03PM -0400, Rolan Yang wrote:
> Yea, sometimes I wish you could just pipe data to gpg and have it spit
> out an
> encrypted message... rather than having it operate on an existing file.
> Storing
> sensitive information in a temporary file which has readable permissions
> by the web server leaves me feeling a bit insecure too.
Actually, you can do that with the popen() function - it can a pipe to the
STDOUT of the gpg command. Use a pipe or input re-direction to feed it data.
There are gpg examples in the comments:
http://php.net/popen
You can also use proc_open() for bi-directional pipes if you have >= 4.3
avoiding the input trickery:
http://php.net/proc_open
Use the latter if possible... less headaches.
Andrew
More information about the talk
mailing list