PHP-based GPG Keyring Administration Tool (PGKAdmin)

© Copyright :: Nathan Ho
Current version: 2.3

This is a simple stand-alone PHP script that allows you to maintain (add/delete/view/download) PGP or GPG keys on a web-based GPG keyring. Such keyrings would be used in conjunction with such scipts as my PHP-GPG Secure Contact Form. Note that this script does not allow you to create new keys, and you should NOT keep a copy of your private keys on the webserver. Use of this script should be limited to public keys.

This script is not meant as a replacement for something more full-featured (such as a PGP keyserver), but is intended to simplify the management of a web-based public keyring for dynamic scripts on a website.

I make no promises about the security or stability of this script. USE AT YOUR OWN RISK!
While I’ve done what I can to make this as stable and secure as possible, you are on your own if something goes wrong with your system because you use this script.

You are free to do what you want with this script (including modify it), as long as you leave the copyright information intact at the top of the script.

What this script can do:

  • Manage a web-based GnuPG keyring (I don’t currently filter out private keys – but I HIGHLY recommend you not store your private key online)
  • Add PGP or GPG keys (by ASCII keyblock, or uploaded ASCII or binary keyfile)
  • Remove keys from the web-based keyring
  • View the ASCII-encoded keyblock (with optional download and direct link)
  • Simple search functionality (for larger keyrings)
  • Optional (simple) HTTP Auth comes with the script (just uncomment the three appropriate lines near the top of the script, and pick a user/pass to use)
  • Should work with most (if not all) versions of GPG (at the current time)
  • Written, tested and used on Linux / Apache servers (has not been tested on any other platforms)

Requirements:

  • PHP safe_mode must be OFF
  • GPG must be installed and accessible
  • You will need to create your PGP or GPG key(s) separately. You can do this by either using the free GnuPG software, or by purchasing a copy of the (easier to use) PGP (Home/Desktop) retail package.

To use this script, simply download the above code, and configure the appropriate variables at the top – then upload to your site and try it out!

Possible future enhancements:

  • Allow retrieving a key from a public keyserver
  • Allow exporting full keyring to an ASCII-armored file (for backup purposes)
  • Allow exporting of multiple keys at one time

Changelog:

  • v2.3 :: Updated auto-detection functionality of GPG binary. Only exists if both auto and manual guess fail.

Leave a Reply

Your email address will not be published. Required fields are marked *