我已经用OpenPGP-PHP创建了一个公钥和私钥,然后我将它们都导入到GnuPG中,如果不指定"--allow-non-selfsigned-uid"标志,它不会导入公钥。然后,当我尝试解密文件时,我得到以下内容:
gpg --decrypt test.tif.asc
Generated: Thu, 25 Feb 2016 11:12:28 -0500
gpg: unknown armor header:
By: <>
gpg: unknown armor header:
Using: OpenPGP for PHP
gpg: unknown armor header:
For: TEST
gpg: unknown armor header:
gpg: encrypted with 512-bit RSA key, ID 519A1973, created 2016-02-25
"TEST"
gpg: public key decryption failed: Wrong secret key used
gpg: decryption failed: No secret key
但关键显然存在:
gpg --list-secret-keys
/home/mike/.gnupg/secring.gpg
-----------------------------
sec 512R/519A1973 2016-02-25
uid TEST
我用PHP代码生成它们:
$header = array(
'Generated' => date( "r" ),
'By' => "Test <test@test.com>",
'Using' => "OpenPGP for PHP",
'For' => "TEST"
);
$rsa = new Crypt_RSA();
$k = $rsa->createKey(512);
$rsa->loadKey( $k['privatekey'] );
$nkey = new OpenPGP_SecretKeyPacket(array(
'n' => $rsa->modulus->toBytes(),
'e' => $rsa->publicExponent->toBytes(),
'd' => $rsa->exponent->toBytes(),
'p' => $rsa->primes[1]->toBytes(),
'q' => $rsa->primes[2]->toBytes(),
'u' => $rsa->coefficients[2]->toBytes()
));
$uid = new OpenPGP_UserIDPacket( "TEST" );
$wkey = new OpenPGP_Crypt_RSA ($nkey );
$m = $wkey->sign_key_userid(array($nkey, $uid));
// Serialize private key
$private_bytes = $m->to_bytes();
$private_bytes = OpenPGP::enarmor( $private_bytes, "PGP PRIVATE KEY BLOCK", $header );
// Serialize public key message
$pubm = clone($m);
$pubm[0] = new OpenPGP_PublicKeyPacket($pubm[0]);
$public_bytes = OpenPGP::enarmor( $public_bytes, "PGP PUBLIC KEY BLOCK", $header );
并使用以下方法进行加密:
$pgp_header = array(
'Generated' => date( "r" ),
'By' => "Test <test@test.com>",
'Using' => "OpenPGP for PHP",
'For' => "TEST"
);
// Unarmor the public key for encrypting
$public_bytes = OpenPGP_Message::parse( OpenPGP::unarmor( $public_bytes, "PGP PUBLIC KEY BLOCK" ) );
echo encryptData( file_get_contents( "test.tif" ), "test.tif", $public_bytes, $pgp_header );
function encryptData( $data, $filename, $key, $header )
{
$data = new OpenPGP_LiteralDataPacket( $data, array('format' => 'u', 'filename' => $filename ) );
$encrypted = OpenPGP_Crypt_Symmetric::encrypt( $key, new OpenPGP_Message(array($data)) );
return( OpenPGP::enarmor( $encrypted->to_bytes(), "PGP MESSAGE", $header ) );
}
但似乎我肯定在某个地方错过了一些东西。我怎样才能让 GnuPG 成功解密我的东西?
首先:尝试使用gpg生成的密钥使用OpenPGP-PHP进行加密 - 这有效吗? (它在本地为我做。
接下来,确保您生成的密钥设置了0x04"加密通信"密钥标志(您必须自己添加签名数据包,如果您不提供签名数据包,请查看第 154 行的lib/openpgp_crypt_rsa.php
以查看默认生成的数据包。
另外,注册机示例中存在一个错误。 请尝试最新版本。