Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

encryption of php contact form with my public key

I am interested if anyone knows some php script/code for contact form which I could place in my (html) website and visitor can send me message (maybe even attachment) which will be encrypted with my public key automatically and saved on server in txt file? I don't need to be sent to my email, just saved in txt file and when it is saved encrypted, I can copy and decrypt it with my private gpg key.

I found something similar but it is not for me because it is decrypting message in server automatically and it means I must write password for private key in configuration file and that's bad because admin of server could read messages for me: https://privacybox.de/index.en.html (there is source code: https://privacybox.de/eval.en.html)

I need message to be saved encrypted, so I am the only one who could read it. I suppose my public key should be accessed by php script and I would store my public key in my root folder of website. I say it because I saw some code which look like gpg folder outside of my www root folder:

<?php
    $gpg = '/usr/bin/gpg';
like image 925
user887608 Avatar asked Nov 14 '22 19:11

user887608


1 Answers

If you cannot trust your admin, server-side encryption won't help. The message is sent to the server as plain text, so the admin could easily eavesdrop on the message before it is encrypted.

You might be looking for a solution that encrypts your message on the client, ie. encrypting via JavaScript if this is an option. I'm not quite sure if you can access file attachments this way.

like image 179
Beebop Avatar answered Dec 20 '22 04:12

Beebop