我很感兴趣是否有人知道一些用于联系表单的 php 脚本/代码,我可以将其放置在我的(html)网站中,并且访问者可以向我发送消息(甚至可能是附件),该消息将使用我的公钥自动加密并以 txt 格式保存在服务器上文件?
我不需要发送到我的电子邮件,只需保存在 txt 文件中,当它加密保存时,我可以使用我的私人 gpg 密钥复制和解密它。
我发现了类似的东西,但它不适合我,因为它会自动解密服务器中的消息,这意味着我必须在配置文件中写入私钥的密码,这很糟糕,因为服务器的管理员可以为我读取消息: https://privacybox.de/index.en.html (有源代码:https://privacybox.de/eval.en.html)
我需要将消息加密保存,所以我是唯一可以阅读它的人。
我想我的公钥应该通过 php 脚本访问,并且我会将我的公钥存储在网站的根文件夹中。我这么说是因为我看到一些代码看起来像我的 www 根文件夹之外的 gpg 文件夹:
<?php
$gpg = '/usr/bin/gpg';
I am interested if anyone knows some php script/code for contact form which I could place in my (html) website and visitor can send me message (maybe even attachment) which will be encrypted with my public key automatically and saved on server in txt file?
I don't need to be sent to my email, just saved in txt file and when it is saved encrypted, I can copy and decrypt it with my private gpg key.
I found something similar but it is not for me because it is decrypting message in server automatically and it means I must write password for private key in configuration file and that's bad because admin of server could read messages for me: https://privacybox.de/index.en.html (there is source code: https://privacybox.de/eval.en.html)
I need message to be saved encrypted, so I am the only one who could read it.
I suppose my public key should be accessed by php script and I would store my public key in my root folder of website. I say it because I saw some code which look like gpg folder outside of my www root folder:
<?php
$gpg = '/usr/bin/gpg';
发布评论
评论(2)
如果您不能信任您的管理员,服务器端加密将无济于事。消息以纯文本形式发送到服务器,因此管理员可以在消息加密之前轻松窃听消息。
您可能正在寻找一种在客户端上加密消息的解决方案,即。通过 JavaScript 加密(如果可以选择)。我不太确定您是否可以通过这种方式访问文件附件。
If you cannot trust your admin, server-side encryption won't help. The message is sent to the server as plain text, so the admin could easily eavesdrop on the message before it is encrypted.
You might be looking for a solution that encrypts your message on the client, ie. encrypting via JavaScript if this is an option. I'm not quite sure if you can access file attachments this way.
这里我们有一个“使用 Javascript 加密到 PGP / GnuPG / GPG”的教程 (链接)。
本教程基于第一个已知的 JavaScript-GnuPG 加密,由 Herbert Hanewinkel 编码(链接)。
Here we have a tutorial for "Encrypting to PGP / GnuPG / GPG using Javascript" (link).
This tutorial is based on first known JavaScript-GnuPG Encryption, coded by Herbert Hanewinkel (link).