Jump to content
  • Advertisement
Sign in to follow this  

Checking cleanliness of openPGP keys

This topic is 3795 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Hello all, I'm reading the documentation at http://au2.php.net/manual/en/ref.gnupg.php and I'm not sure how to accomplish the following: My code will encrypt messages but not decrypt or sign them. This means I will not need anyone's private key. More to the point, I don't want anyone to give me their private key. When someone sends me a key file, I want to detect the presence of the private information and reject the key in this case, all without ever adding the key to the keychain. I expect that the 'secretimported' field of the returned array of gnupg_import will tell me this, but that requires temporarily adding the key to the chain. This is unacceptable since the key would me momentarilly visible to a seperate, compromised part of the site. Is there a way to scan the key without importing it?

Share this post

Link to post
Share on other sites
Sign in to follow this  

  • Advertisement

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

We are the game development community.

Whether you are an indie, hobbyist, AAA developer, or just trying to learn, GameDev.net is the place for you to learn, share, and connect with the games industry. Learn more About Us or sign up!

Sign me up!