Encryption: GnuPG message encryption system

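I want to build a message encryption system in which users send messages in encrypted form. I am using GnuPG. I got help installing GnuPG. After installing it on the server, I create the public and private keyrings with the following code: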

$GeneratedKey = $gpg->GenKey($name, $comment, $email, $passphrase,$ExpireDate, $KeyType, $KeyLength,$SubkeyType, $SubkeyLength );

function GenKey($RealName, $Comment, $Email, $Passphrase = '', $ExpireDate = 0, $KeyType = 'DSA', $KeyLength = 1024, $SubkeyType = 'ELG-E', $SubkeyLength = 1024)
{
    // validates the keytype
    if (($KeyType != 'DSA') && ($KeyType != 'RSA')) {
        $this->error = 'Invalid Key-Type, the allowed are DSA and RSA';
        return false;
    }

    // validates the subkey
    if ((!empty($SubkeyType)) && ($SubkeyType != 'ELG-E')) {
        $this->error = 'Invalid Subkey-Type, the allowed is ELG-E';
        return false;
    }

    // validate the expiration date
    if (!preg_match('/^(([0-9]+[dwmy]?)|([0-9]{4}-[0-9]{2}-[0-9]{2}))$/', $ExpireDate)) {
        $this->error = 'Invalid Expire Date, the allowed values are <iso-date>|(<number>[d|w|m|y])';
        return false;
    }

    // generates the batch configuration script
    $batch_script  = "Key-Type: $KeyType\n" .
        "Key-Length: $KeyLength\n";
    if (($KeyType == 'DSA') && ($SubkeyType == 'ELG-E'))
        $batch_script .= "Subkey-Type: $SubkeyType\n" .
            "Subkey-Length: $SubkeyLength\n";
    $batch_script .= "Name-Real: $RealName\n" .
        "Name-Comment: $Comment\n" .
        "Name-Email: $Email\n" .
        "Expire-Date: $ExpireDate\n" .
        "Passphrase: $Passphrase\n" .
        "%commit\n" .
        "%echo done with success\n";

    // initialize the output
    $contents = '';

    // execute the GPG command
    if ( $this->_fork_process($this->program_path . ' --homedir ' . $this->home_directory .
            ' --batch --status-fd 1 --gen-key',
        $batch_script, $contents) ) {
        $matches = false;
        if ( preg_match('/\[GNUPG:\]\sKEY_CREATED\s(\w+)\s(\w+)/', $contents, $matches) )
            return $matches[2];
        else
            return true;
    } else
        return false;
}

$gpg = new gnupg();
$gpg->addencryptkey($recipient);
$ciphertext = $gpg->encrypt($plaintext);

Decrypt with the code below:

$gpg = new gnupg();
$gpg->adddecryptkey($recipient, $receiver_passphrase); 
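$plain = $gpg->decrypt($encrypted_text, $plaintext);

With this, I succeeded in creating a folder named after the user, generating the private and public keyrings there, and then sending messages in encrypted form and having them decrypted by the receiver. But my main concern is that I don't want to generate the users' public and private keys on the server; I want to generate them on the user's local machine instead.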

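Is it possible to generate the public and private keys on the local machine? I don't want users to depend on the server's security. Only the receiver should be able to decrypt the message; nobody else should be able to decrypt it.

Thanks,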

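You can create the key with OpenPGP.js, which runs in the client's browser, store the private key somewhere on the client, and send only the public key to the server.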

// Create a new key with RSA encryption (1), 4k length,
// and passphrase "foobar" for John Doe
var keys = openpgp.generate_key_pair(1, 4096,
    "John Doe <john.doe@example.org>", "foobar");
keys.privateKeyArmored; // access the private key
keys.publicKeyArmored; // access the public key

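Now they even have anchors, so I can provide a deep link. Thanks! (If I need to rebuild some server-side code, I'm almost tempted to use it; gnupgpython has proven to be quite messy, and targeting Node from ClojureScript couldn't be more painful.)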
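
The flow the answer describes (key pair created on the client, only the public key uploaded, server relaying ciphertext it cannot read), as an added example that is not part of the original thread. It uses the browser's built-in Web Crypto API instead of OpenPGP.js, so the envelope is not an OpenPGP message; all function names and the sample message are hypothetical.

```javascript
// Added example (not from the page): Web Crypto stand-in for the client-side flow.
// Browsers and Node 19+ expose `crypto` globally; older Node falls back to require.
const wc = globalThis.crypto ?? require('node:crypto').webcrypto;
const OAEP = { name: 'RSA-OAEP', hash: 'SHA-256' };

// Recipient's browser: the private key is generated non-extractable and stays local.
async function generateRecipientKeys(bits = 4096) {
  const params = { ...OAEP, modulusLength: bits, publicExponent: new Uint8Array([1, 0, 1]) };
  const pair = await wc.subtle.generateKey(params, false, ['wrapKey', 'unwrapKey']);
  // Only this public half is uploaded to the server.
  const publicJwk = await wc.subtle.exportKey('jwk', pair.publicKey);
  return { privateKey: pair.privateKey, publicJwk };
}

// Sender's browser: encrypt using nothing but the recipient's published public key.
async function encryptFor(publicJwk, text) {
  const pub = await wc.subtle.importKey('jwk', publicJwk, OAEP, false, ['wrapKey']);
  const aes = await wc.subtle.generateKey({ name: 'AES-GCM', length: 256 }, true, ['encrypt']);
  const iv = wc.getRandomValues(new Uint8Array(12));
  const body = await wc.subtle.encrypt({ name: 'AES-GCM', iv }, aes, new TextEncoder().encode(text));
  const wrappedKey = await wc.subtle.wrapKey('raw', aes, pub, { name: 'RSA-OAEP' });
  return { wrappedKey, iv, body }; // the server stores and relays only this envelope
}

// Recipient's browser: unwrap the message key with the local private key, then decrypt.
async function decryptWith(privateKey, { wrappedKey, iv, body }) {
  const aes = await wc.subtle.unwrapKey('raw', wrappedKey, privateKey, { name: 'RSA-OAEP' },
    { name: 'AES-GCM' }, false, ['decrypt']);
  return new TextDecoder().decode(await wc.subtle.decrypt({ name: 'AES-GCM', iv }, aes, body));
}

// End-to-end run on a constructed sample message.
async function demo(bits = 4096) {
  const recipient = await generateRecipientKeys(bits);
  const envelope = await encryptFor(recipient.publicJwk, 'meet at noon');
  const roundTrip = await decryptWith(recipient.privateKey, envelope);
  // A non-extractable private key cannot be exported, even by page script.
  const exportBlocked = await wc.subtle.exportKey('pkcs8', recipient.privateKey)
    .then(() => false, () => true);
  // The uploaded JWK must carry no private exponent ("d").
  return { roundTrip, exportBlocked, publicHasPrivateParts: 'd' in recipient.publicJwk };
}
```

In a browser, the non-extractable `CryptoKey` can be kept in IndexedDB between sessions, so the private key never has to exist as exportable bytes.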