I tried to get this module to work but when I supply a proper pubring.gpg and call gnupg_encrypt with ($message,MYKEY) the best error message I'm able to get back is "gpg: can't open `sites/all/modules/gnupg/.gnupg/pubring.gpg' gpg: keydb_search failed: file open error gpg: MYKEY: skipped: file open error gpg: : encryption failed: file open error"

While on my remote host running a bit stricter setup the error message is, unedited: "Warning: using insecure memory! gpg: can't open `': No such file or directory gpg: : encryption failed: No such file or directory." I also tried to set proc_open to true here but the result remained the same.

The latter was from gpg version 1.4.9/PHP 5.2.6 , the first from gpg 2.0.10/PHP 5.2.8.

Interestingly, gnupg_get_keys() works as expected and thus verifies that the pubring should not be the cause of the problem. I'd be grateful for any hint at what to try next, especially since I'm not that familiar with proc_open and pipes in PHP.

Comments

Arto’s picture

Assigned: Unassigned » Arto
Issue tags: +GnuPG
grahl’s picture

Status: Active » Needs work

OK, I grabbed gnupg-6.x-1.x-dev from Feb 18th and with additionally adding the following line to gnupg.module, right before the proc_open, I am now able to encrypt. What is removed are two empty single quote marks.
I haven't seen why that is since the array $options has the row recipient with a valid key_id as a last argument. Obviously this is an ugly hack and needs a better solution.

203a204,205
> $command=substr($command,0,-2);
>
271a274
>

Arto’s picture

Title: gnupg_encrypt not working » GnuPG::encrypt() troubles
Project: GnuPG » OpenPGP
Version: 6.x-1.0-alpha1 » 6.x-1.x-dev
Component: Code » GnuPG compatibility
Issue tags: +OpenPGP, +encrypt

I'm moving this bug report over to the OpenPGP module which obsoletes the GnuPG module.

I need to double-check whether this issue is still a problem for the OpenPGP module. The GnuPG code (in openpgp/openpgp_gpg/openpgp_gpg.inc) was mostly a straight port of the previous code in gnupg.module, so this bug may possibly still be present in the GnuPG::encrypt() function which replaces gnupg_encrypt().

#406334: OpenPGP_GPG::get_keys() fails if key is not specified seems to be a closely related issue.

adamo’s picture

I believe this was a problem with gnupg_exec() in the old module, which also caused the get_keys() issue you referenced.

From the issue:

The escapeshellarg function is returning a string of two single quotes (''), not an empty string. The two single quotes get added to the end of the gpg command line.

In your old code null options would get run through escapeshellarg(), which is where the extra single quotes came from. In your new code you check if the option is null before running it through escapeshellarg() and adding it to the command line. So I think this is all set.

Arto’s picture

Title: GnuPG::encrypt() troubles » OpenPGP_GPG::encrypt() troubles

The GnuPG class has now been renamed to OpenPGP_GPG per issue #586696: Compatibility with GnuPG PECL extension.

Arto’s picture

Status: Needs work » Fixed

Many thanks for checking this, Adam. It does indeed seem that I fixed that at some point (and then promptly forgot about it) when I was developing the new module, so this issue is resolved.

Status: Fixed » Closed (fixed)
Issue tags: -GnuPG, -OpenPGP, -encrypt

Automatically closed -- issue fixed for 2 weeks with no activity.