Encrypt files using PGP in PHP?

Question

I want to use PGP encryption to encrypt a CSV files, I am generating through a PHP script and then send that file to client via email. Client will give me the encryption key, which I need to use for encryption files.

I Googled about PGP and found it is Pretty Good Privacy, also I found OpenPGP http://www.openpgp.org/ and GnuPG http://www.gnupg.org/ What are these two types of PGP? and which one should I use?

Also how to encrypt a files using PGP in PHP with the key that my client will provide?

I have heard this term first time, can anyone please help in understanding this and implementing this in PHP.

Answer 1

Question 1: About PGP

• PGP (Pretty Good Privacy) is a product and trademark of Symantec Corporation (they bought it some years ago).
• OpenPGP is the standard used by PGP.
• GnuPG (Gnu Privacy Guard) is a free and open source implementation of PGP.

So what you want to do is encrypt to an OpenPGP key. Which implementation of OpenPGP your client uses to decrypt the data is not important for you. With PHP, commonly GnuPG is used and there are interfaces built-in.

Question 2: Using GnuPG in PHP

Use the GnuPG interface, which is an extension that can be installed for PHP.

At first, import the key, where $keydata is the ASCII armored public key:

<?php
$gpg = new gnupg();
$info = $gpg -> import($keydata);
print_r($info);
?>

Then use this key to encrypt the data, this time using the client's key's fingerprint:

<?php
  $gpg = new gnupg();
  $gpg -> addencryptkey("8660281B6051D071D94B5B230549F9DC851566DC");
  $enc = $gpg -> encrypt("just a test");
  echo $enc;
?>

If you want to encrypt files, read and pass them to encrypt(). Be sure to use at least long key IDs (eg. DEADBEEFDEADBEEF), better fingerprints (as in the example) when referencing keys; and never use short key IDs (DEADBEEF), as those are vulnerable to collision attacks.

---

The is a more comprehensive example for doing both added by a user in the PHP manual.