GPG Contact Form rev10 SVN

GPG message encryption
GPG Contact Form is a tool that encrypts messages with your Public GPG Key from the server and delivers the encrypted message to your inbox. Supports both MySQL and PostgreSQL Databases.

It is powered by PHP.

INSTALLATION

First off, you need to upload all of the files in /gnupgcontact to your webserver. It could be uploaded to /contact for example.

We need to temporarily give /inc write permission so just go ahead and run:

chmod 777 inc/

This will ensure that the database.php file can be created at installation, solving many problem for you.

I have added a little command into the installation file which will automatically detect the full path to the gpg binary or the webserver. If you get any errors about this, it means that your webserver is running in SafeMode and can not execute the code.

However, the default path to gpg should be:

/usr/bin/gpg

In order for GPG to function correctly, it will need to use a keyring and public key to encrypt the messages sent through the contact form, with your public key. If you don't have one, this is senseless.

The easiest way to obtain a keyring without any other keys (AND private keys) is to copy your .gnupg directory (on your computer) to a different location and then begin running:

gpg --homedir /path/to/new/gnupg_directory --delete-key KEYID

Until you have none left but your public key. NOTICE! It is a security risk to have your private key on this keyring, as it will be web-accessible. To delete your private key from the keyring, run:

gpg --homedir /path/to/new/gnupg_directory --delete-secret-keys KEYID

When you are all finished, make sure you only have one key on your new keyring, and that is your public key:

gpg --homedir /path/to/new/gnupg_directory --list-keys

With that complete, you may now upload this directory to your webserver. You must know the path to this directory for installation!

On the Installation page, for the "Key Id" submit field, DO NOT fill in your keyid in, as the following fashion: "0xAB2356FD". Please simply use "AB2356FD" instead.

The rest of the installation should be self-explanitory! Have fun!

GPG Permission Problems

If you keep getting blank emails, it's because there is a problem with GPG outputting the encrypted text. Here is a list of permissions that you should manually set to get the thing to work properly, should you have any problems.

The .gpg directory:

rwx-rwx-rwx (777)

.gpg/pubring.gpg:

rwx-r-x-r-x (755)

.gpg/randomseed:

rwx-r-x-r-x (755)

.gpg/secring.gpg:

rw-------   (600)

.gpg/trustdb.gpg:

rw-r--r--   (644)

Theoritically, the only file necessary is .gpg/pubring.gpg but if you are copying your default .gpg directory, those other files are most likely there. If they are missing they will be created when GPG executes.

last updated on:
October 11th, 2008, 2:54 GMT
price:
FREE!
homepage:
launchpad.net
license type:
GPL v3 
developed by:
Dr Small
category:
ROOT \ Security
GPG Contact Form
Download Button

In a hurry? Add it to your Download Basket!

user rating

UNRATED
0.0/5
 

0/5

Rate it!

Add your review!

SUBMIT