PHP gnupg_addsignkey 错误 : get_key failed

Question

<?php

$res = gnupg_init();

gnupg_clearsignkeys($res);

$key = get_pub_key();// Value pasted below

$publicImp = gnupg_import($res, $key);

gnupg_addsignkey($res, $publicImp['fingerprint']);

echo gnupg_geterror($res); // Prints `get_key failed`

key 是从 https://www.igolder.com/pgp/generate-key/ 生成的

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: BCPG C# v1.6.1.0

mQENBF3FXV0BCACy/cvfn5oEZQG+Wz8803XvpHVP0NWwIDAuogOsSfDIZX3xBK4s
Ul8y/aXkhPeK4V+NwurNiGqWQXCg3tKX77pfFGo0iBwDQlACmNhxtga/bkDOROx+
O5Ete2olKJ0qVDJTIpA1XMTZK+dFor8oKDWGlYyZ7w1mVxit65fkmzxIdCKrKxGw
9KqHZDkzCwRlpyZ/cQYVPNrx+9GREal2b+XLN3Y9Lbx2OD5FTxO6tLee2XlQdaXJ
R/hetUnei0hoP3J1Zdp99Qh+SX7cGZ+jUcGSdrDEx8q066Q7473xVDJ3Lr0YG53K
EW3lA5z13IkMFn4Yn6taJgkyF/QJtMDZ0xlTABEBAAG0DEhpQGdtYWlsLmNvbYkB
HAQQAQIABgUCXcVdXQAKCRBYbc/NUpqITuYOB/9br/Oc2ahZrbE/GOUOWQc3Yp26
rE+gcp5OjX0WXHsqfxRpVgIb7Si0hr5PPPiCiahS7n44IfZ0CGFcenhv+Eb93h5t
UtC26LRfv1ACTF7tX0QZAeACvB/npB0MMTO/dlbl6eIBjCKHmGMBMBW8WHG39J0V
m5X4GwX6vdTPWQH5ZbpNQirvhLTdYBw6JGtkU++K1gW9kZcncV+3EsRnHIqF5B1G
LnGBYOm9bAdCz2b6J8dkPqjCA9Uw5mvBI5ikB0NruZH8kXynzibnwTpXTc+N3Dsl
5dlRVPh7bIIpGdOVKWqtdnLpNDiY/dQhhmNJ64ZkXOnMibx0qPNYmy3iIgN/
=pvzn
-----END PGP PUBLIC KEY BLOCK-----

关键信息是这样的。

[fingerprint] => AF4A061F20FFFE141AA366FE586DCFCD529A884E
[keyid] => 586DCFCD529A884E
[timestamp] => 1573215581
[expires] => 0
[is_secret] =>
[invalid] =>
[can_encrypt] => 1
[can_sign] => 1
[disabled] =>
[expired] =>
[revoked] =>

找不到任何解决方案，请帮助。

Answer 1

为了使其工作，您还需要导入私钥。

根据 https://www.gnupg.org/gph/en/manual/c235.html :

Key Integrity

When you distribute your public key, you are distributing the public components of your master and subordinate keys as well as the user IDs. Distributing this material alone, however, is a security risk since it is possible for an attacker to tamper with the key. The public key can be modified by adding or substituting keys, or by adding or changing user IDs. By tampering with a user ID, the attacker could change the user ID's email address to have email redirected to himself. By changing one of the encryption keys, the attacker would also be able to decrypt the messages redirected to him.

Using digital signatures is a solution to this problem. When data is signed by a private key, the corresponding public key is bound to the signed data. In other words, only the corresponding public key can be used to verify the signature and ensure that the data has not been modified. A public key can be protected from tampering by using its corresponding private master key to sign the public key components and user IDs, thus binding the components to the public master key. Signing public key components with the corresponding private master signing key is called self-signing, and a public key that has self-signed user IDs bound to it is called a certificate.

这是一个示例工作代码:

<?php

$res = gnupg_init();

gnupg_clearsignkeys($res);

$publicKey = file_get_contents('public.key');
$privateKey = file_get_contents('private.key');

$publicImp = gnupg_import($res, $publicKey);
$privateImp = gnupg_import($res, $privateKey);

gnupg_addsignkey($res, $publicImp['fingerprint']);

echo gnupg_geterror($res);

公钥内容:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: BCPG C# v1.6.1.0
mQENBF3TmV4BCACOy5NyL9OMpCR2T5JpuRnaIZCiQ4dyuEx5HikChBBOo6ttB9Pp
whM8kdZf2Xd7bF9SBX5ZEESNCx1aVvo5pKEh/ziRbx4OQINmVyKfhoG7OIWiXoSI
S8swRISmRteIsARPKn7yJfoxmrlCXwAURDOBfFYbmWDdKmeVSz/AS/tysqmPg12D
WJ7Z4NlNDy2Z0g3yS39xIbqi/tf23NmfCZ9O7dNgdpmIfAO+iZKxz9b/+dCT0jms
VIxlHwq/WOJ++2OnVcF13BMjys7hCwiHuomahAQ0Z5hPzTHVdA9T9bGNL76dOZ52
807DPMeKPguKrD9nN+k8xl80d4sdc7affm8nABEBAAG0AIkBHAQQAQIABgUCXdOZ
XgAKCRDqN3uHZN8p3AYdB/9OprDVZ4fM5Lk0aIWKvyMtHy5Xl1iI0fgi8U/gTbw8
zXYJxJYyU7rq/5PJm59IFLn4O/4tTPCJ4T8O+tlc0qNrj1OF9b2HqY86F0ZeSMC7
7oiOZs+W3lyxckvAU4nXvCm4H/UGC0B81PU8YcR82WK8Ht3KG7EfOOVG+ZZc1/3R
0axR+BK9tUmOGclmsuZ9NIEEKa0Ez1jRmr3g72MP9FQRtzbeRAl39+X6+c6hXv7E
PpgshABcvd5BM66dpv1J/zbf8CRE1jNkgoiicsOEXXbtYET6G6oa0SuGiFvTLJ/1
DRbdBIOMcvT7AdY4i/QpDJGlig1L/BKDGLY4DdSc60Fg =G66f
-----END PGP PUBLIC KEY BLOCK-----

私钥内容:

-----BEGIN PGP PRIVATE KEY BLOCK-----
Version: BCPG C# v1.6.1.0
lQOsBF3TmV4BCACOy5NyL9OMpCR2T5JpuRnaIZCiQ4dyuEx5HikChBBOo6ttB9Pp
whM8kdZf2Xd7bF9SBX5ZEESNCx1aVvo5pKEh/ziRbx4OQINmVyKfhoG7OIWiXoSI
S8swRISmRteIsARPKn7yJfoxmrlCXwAURDOBfFYbmWDdKmeVSz/AS/tysqmPg12D
WJ7Z4NlNDy2Z0g3yS39xIbqi/tf23NmfCZ9O7dNgdpmIfAO+iZKxz9b/+dCT0jms
VIxlHwq/WOJ++2OnVcF13BMjys7hCwiHuomahAQ0Z5hPzTHVdA9T9bGNL76dOZ52
807DPMeKPguKrD9nN+k8xl80d4sdc7affm8nABEBAAH/AwMC2ggE9HLGZ9dgN2PG
FnpDcXGHy0ESOHRnAJNPpdFoU3BMM4uupW7bi/uejEuuFMK77qobJV6v4VBkOhqh
tuxZejOLvALNMgcU+wwlm+rEdzeRqBMs+LV5dYECeIPfZJUV9bB8YVsBMG5wwlt/
yony/nONhxOgFMyi3Q2CXhEPUb6LoyQ/vE1UtE99+PTO3B6SOXEjGBCGmRrNXJlW
xgDQgY94NPUGg8clDyNp99956gzkL5zUav9d8wKzMQD/uoyd4B7pW70FifNKRQnu
fQls4E8tQZ1mqlu4smsMq/S4MHvzInBmdapp71tN0VTC5llMvo+wl7KAneSOMaXm
OgQ+g6OXm6/9tGJ4DxC5fDBuh4j1nhm29NmBZhIIEIHsPM3XBDzEvDI+KmDXtaz3
imeFgzfsJXALVKmHcd5zoSzrIUUOUfqt/EHyuqL54+D0VAN7yUk4HrcuQYe2JHY9
ebBC7toUIToQJZpssd2qGdwLQXcmshWMcrBHZlPyrks/Zz7SbE7Ktr9edwmDV0zX
7sGrvIJsQieW6966gwD68L1qkFitJ6gfhseytXTwYeqriJs1AY8TM32P3yZUFPvY
dQnmG7SQfvVIyq5CBvQunEhXtEvnEjDf3DsflpQtqQ1AT8M7lgqZwt3y8pLJgt6G
6MXzEVWnnNdkkmScUvELifWeGs/W23hRLsWoTcEAYxaX18OxPZ1VZuV1FBTjxKQZ
hCFNvd8TbKg48jD24qj1n7Pzvv5D+hLXRzybdZdXhyMFae+D5gXU1lZsC6o75rHy
1IIJPOyofikGhvzqMAHJqmvgoc931R4PquM966XLSwRqdxysRBGad74TOSZVExK8
WPU638GWa23u+gldEB9bFPb5WNigfa8QNUc5OoP5KrQAiQEcBBABAgAGBQJd05le
AAoJEOo3e4dk3yncBh0H/06msNVnh8zkuTRohYq/Iy0fLleXWIjR+CLxT+BNvDzN
dgnEljJTuur/k8mbn0gUufg7/i1M8InhPw762VzSo2uPU4X1vYepjzoXRl5IwLvu
iI5mz5beXLFyS8BTide8Kbgf9QYLQHzU9TxhxHzZYrwe3cobsR845Ub5llzX/dHR
rFH4Er21SY4ZyWay5n00gQQprQTPWNGaveDvYw/0VBG3Nt5ECXf35fr5zqFe/sQ+
mCyEAFy93kEzrp2m/Un/Nt/wJETWM2SCiKJyw4Rddu1gRPobqhrRK4aIW9Msn/UN
Ft0Eg4xy9PsB1jiL9CkMkaWKDUv8EoMYtjgN1JzrQWA= =BpXt
-----END PGP PRIVATE KEY BLOCK-----

我希望这有帮助。