Skip to main content

PHP, GnuPG, and gpg-agnet when decryption

I am now trying to write a small web application in PHP for my personal use.
It reads a file encrypted with my GnuPG public key, decrypts it, and shows the content in pretty HTML format.
Because PHP natively supports many GnuPG wrapper functions, I only wrote codes to call those wrapper functions. By the GnuPG's nature, you have to provide the pass phrase before decrypting the file to retrieve the secret key .

I configured up my application running with my user ID under user-dir directory, i.e. ~/public_html, within apache 2.4 prefork process. This setting requires Apache 2 PHP module as well as mod_ruid2, which enables apache handlers to run under the user-dir.

When I ran my PHP application  supplying my key ID and its pass phrase as the form input elements on my desktop browser, an unusual pop-up window came up. It is not the browser's one, but the keyring manager's window on my desktop environment.  It surprised me because normal web applications don't do such thing and no such behavior is written in the PHP document.  But I understand shortly that the GnuPG's key agent (gpg-agent) must have launched the pop-up window asking for the pass phrase.

This is against my expectation, but is not critical. But I still want to know  how to disable the intervention of the gpg-agent by control from within the PHP code.

Comments

Post a Comment

Popular posts from this blog

The final update to Debian 11 has come

Recently, the 11th point release of Debian 11 has been announced, and it will be the last one. For I am still maintaining one Debian 11 machine, I am starting to prepare its upgrade to Debian 12. Because it is a dual boot machine, I must not forget about the change of grub OS probing. Before I ugrade, I have to add  GRUB_DISABLE_OS_PROBER=false to / etc/default/grub,  or I lose grub menu for Windows OS.  Another thing that impacts me is the change of gnome-text-editor. In Debian 11, gnome-text-editor is a kind of alias of gedit controlled under the Debian alternative system with update-alternatives command. On the other hand, a new package gnome-text-editor appears in Debian 12, and it is a different thing from gedit. For I am an uim user, I was confused when I tried to use launch a Japanese input method via uim on gnome-text-editor in Debian 12, for it wouldn't work as in Debian 11. Yes, these two things are important reminder to me.
Post a Comment
Read more

Data migration tool from Figaro's Password Manager 2

Figaro's Password Manager 2 was my favorite password management tool. It is GTK2-application to preserve and manage your pairs of ID and password secretly with cipher. To my regret, its Debian package was orphaned many years ago and I thought it was time to switch to another password management tool. But besides finding a good alternative choice, I had a big problem: migration. Figaro's Password Manager 2 does have data export function, but only in special XML format. If you want to move your data to a different application, you have to change the format of the data even if the application can import the data. As my next password management tool is KeePass2 or KeePassXC , I need a XML to CSV data converter. So, I have been developing the conversion tool very slowly and finally, completed. Today, I published it on GitHub , which I named fpm2_csv . The history of the code is quite embarrassing, but very few people in the world would be interested in it, that doesn't matte...
Post a Comment
Read more

Epson MFP EP-977A3 and Linux box

Just a report of a hardware device usage for reminder.   EPSON EP-977A3 is a multi-functional peripheral for personal use once sold in Japanese market.   It has color printer, color flat-bed scanner, USB memory RW capability with USB and both wired and wireless LAN connectivity.  With the simple-scan software, whose package name is 'simple-scan' in Debian 10, I am able to scan documents from the flat-bed scanner of EPSON EP-977A3 connecting with my Debian box with an USB cable.   But when I tried to start scanning on the control panel of the scanner device, I got error with a message saying "The computer is not ready". I guessed if the scanned package for that purpose and installed it. Still, I got the same error message. Hmm... I need more research.
Post a Comment
Read more