Emailing Secure, Encrypted Form Data on Bluehost Using GnuPG

Bluehost has a great tool for creating custom online forms called phpFormGenerator. You can set up the form to email data to you. Getting that form to email you the data in a secure, encrypted format, however, is quite a challenge.

In this post, I show you how to configure a form to encrypt the form data, have the encrypted message sent to you via email, and then decrypt the message in Microsoft Windows Outlook Express.

I’m assuming you already created a form using phpFormGenerator and have it set up to email you the form data.

Shameless disclaimer: This works for me, and I think it’ll work for most Bluehost users running Windows and using Outlook Express. I’m not sure how helpful it will be for others. If anyone knows an easier way, please share.

Create Your GnuPG Keys

If you haven’t created your GnuPG encryption keys yet, do so – on the Bluehost Control Panel in the Security box, click GnuPG Keys and then follow the instructions. You’ll need the email address you used to generate the keys for the next step.

Edit process.php

phpFormGenerator creates a file called process.php, which processes the form data and emails it to you. Open process.php, and delete the following line:

mail("yourmail@whatever.com","Form Submitted at your website",$message,"From: phpFormGenerator");

In its place, insert the following code, right before the closing PHP tag ?>, and make the adjustments indicated in the code's comments. (I got most of this from an article called “How to send encrypted messages using PGP and PHP scripts” but had to make changes to get it to work with my form.):

//replace yourmail@whatever.com with the email address you used to generate the GnuPG keys
$pgpuser = "yourmail@whatever.com";

//replace yourmail@whatever.com with the email address to which you want the form data sent
$testemail = "yourmail@whatever.com";
$emailsubject = "Encrypted Information";

//the submitter's address (form field "email") goes in the From: header; only accept a
//well-formed address, because a raw value containing newlines could add extra mail headers
$fromaddr = isset($_POST['email']) ? trim($_POST['email']) : '';
if (!filter_var($fromaddr, FILTER_VALIDATE_EMAIL)) {
    $fromaddr = $testemail;
}
$emailfrom = "From: " . $fromaddr;

//Indicate the location of your .gnupg folder. When you login to the Bluehost Control Panel, the left column shows your "Home Directory." Replace /home/username with your home directory, keeping the .gnupg at the end
putenv("GNUPGHOME=/home/username/.gnupg");

//$message is the form data phpFormGenerator assembled for the mail() call you deleted;
//write it to a temporary file so gpg can encrypt it
$infile = tempnam("/tmp", "PGP.asc");
$outfile = $infile . ".asc";
$fp = fopen($infile, "w");
fwrite($fp, $message);
fclose($fp);

//-a: ASCII-armored output; -e -r: encrypt to the key for $pgpuser; --batch: never prompt;
//--always-trust: skip the web-of-trust check, since the server's trustdb is not set up.
//escapeshellarg() keeps the values from being interpreted by the shell.
$command = "gpg -a --always-trust --batch --no-secmem-warning -e -r " . escapeshellarg($pgpuser)
         . " -o " . escapeshellarg($outfile) . " " . escapeshellarg($infile);
system($command, $result);
unlink($infile);

if ($result == 0) {
    $fp = fopen($outfile, "r");
    if (!$fp || filesize($outfile) == 0) {
        $result = -1;
    } else {
        //read the encrypted file
        $contents = fread($fp, filesize($outfile));
        fclose($fp);
        //delete the encrypted file
        unlink($outfile);
        //send the email
        mail($testemail, $emailsubject, $contents, $emailfrom);
        print "Thank you!! Your encrypted e-mail has been sent. ";
    }
}
if ($result != 0) {
    print "There was a problem processing the information.";
}

Make sure you have the closing php code at the end: ?>
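The process.php above mails whatever gpg wrote as long as the output file is not empty. The Python function below is added here as an illustration (it is not part of the original post or of phpFormGenerator) and checks that a gpg output is a structurally valid ASCII-armored PGP MESSAGE: BEGIN/END lines, optional armor headers, a valid radix-64 body and a matching CRC-24 checksum as specified in RFC 4880. armor() is a small helper that builds such a message from constructed bytes so the checker can be exercised without running gpg.

```python
import base64

# OpenPGP radix-64 armor checksum (RFC 4880, section 6.1): CRC-24 with
# initial value 0xB704CE and generator 0x1864CFB
CRC24_INIT = 0xB704CE
CRC24_POLY = 0x1864CFB


def crc24(data: bytes) -> int:
    crc = CRC24_INIT
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF


def armor(data: bytes) -> str:
    """Wrap raw bytes in PGP MESSAGE armor (helper for building sample input)."""
    b64 = base64.b64encode(data).decode("ascii")
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    crc = base64.b64encode(crc24(data).to_bytes(3, "big")).decode("ascii")
    return ("-----BEGIN PGP MESSAGE-----\n\n" + body + "\n=" + crc +
            "\n-----END PGP MESSAGE-----\n")


def check_armor(text: str) -> bool:
    """True if text is a well-formed ASCII-armored PGP MESSAGE with a valid CRC-24."""
    lines = text.strip().splitlines()
    if (len(lines) < 3 or lines[0] != "-----BEGIN PGP MESSAGE-----"
            or lines[-1] != "-----END PGP MESSAGE-----"):
        return False
    body = lines[1:-1]
    # armor headers such as "Version: GnuPG v1" end at the first blank line
    if "" in body:
        body = body[body.index("") + 1:]
    # the last body line is the checksum: "=" followed by 4 radix-64 characters
    if not body or not body[-1].startswith("=") or len(body[-1]) != 5:
        return False
    try:
        data = base64.b64decode("".join(body[:-1]), validate=True)
        expected = int.from_bytes(base64.b64decode(body[-1][1:], validate=True), "big")
    except ValueError:  # binascii.Error is a subclass of ValueError
        return False
    return len(data) > 0 and crc24(data) == expected
```

The same check can be ported to process.php and run on $contents before the mail() call, so a truncated or corrupted gpg output is reported instead of mailed.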

At this point, you should be able to pull up the form, complete it, click the Submit button, and receive the data (encrypted) via email. Now, you need to decrypt it.

Install GnuPG on Your Computer

I’m assuming you never installed GnuPG on your computer. If you have or are not sure, follow the “Step-by-step GnuPG Installation and Configuration on Windows.”

If you’re sure you don’t have old GnuPG files on your computer, head to the GnuPG Download page, scroll down to the Binaries section, and click the link to get the Microsoft Windows version. Run the file you downloaded to install GnuPG on your computer. Don’t change any of the default installation settings.

Now, copy your key files from Bluehost to the GnuPG folder. This is easier said than done, because, by default, Bluehost hides the .gnupg folder where your keys are stored. Here’s what you do:

  1. Go to the Bluehost Control Panel.
  2. Under Advanced, click Index Manager.
  3. Click the option to show hidden files.
  4. Go back to the Control Panel and launch the File Manager.
  5. Click the Home directory above the file list.
  6. Click .gnupg. (If you still don’t see the .gnupg directory, try searching for gnupg using the Search box in the upper right corner of File Manager.)
  7. Download the files pubring.gpg, secring.gpg, random_seed, and trustdb.gpg into the folder C:\Documents and Settings\<UserProfile>\Application Data\GnuPG.

Tip: After downloading your encryption keys, consider deleting your private key – secring.gpg – from the Bluehost server for extra security. GnuPG will create a new secring.gpg on the server later when form data is submitted, but the file will be empty.

Configure GnuPG to Run from Anywhere

To avoid problems, configure GnuPG to run from any directory on your computer. In Windows XP, here’s what you’d do:

  1. Right-click My Computer and click Properties.
  2. Click the Advanced tab.
  3. Click Environment Variables.
  4. Under System Variables, click Path and then Edit.
  5. At the end of the path statement, type ;C:\Program Files\GNU\GnuPG
  6. Keep clicking OK to close the dialog boxes and save your changes.

Test the Installation

To make sure GnuPG is installed correctly…

  1. Click Start, Run.
  2. Type cmd and press Enter.
  3. Type gpg --version and press Enter. You should see a bunch of information about GnuPG.
  4. Type gpg --list-keys and press Enter. You should see information about your pubring.gpg.

Install GnuPG for Outlook Express

Now, you’re ready to install GnuPG for Outlook Express. Head to the Wald GPGoe Project page, click the gpgoe download link and follow the link trail to the latest version.

Download and save the file to your computer, unzip it, and then run the file named GPGOEInit.exe. You should see a little keyhole icon in your system tray indicating the program is running.

Try It!

At this point, all the pieces are in place. Head to your website, pull up the form, enter some data, and click the Submit button. Then, run Outlook Express, check for mail, and you should receive an encrypted email message. When you open it, you should see the encrypted message along with a dialog box asking for your pass phrase. Type the pass phrase you used when creating your GnuPG keys, press Enter, and you should see the form data you entered.


Jon April 4, 2010 at 10:54 pm

Do you know if this is a PCI compliant way to send Credit Card Data?
