Sorry to bother, but I was wondering if a mod might move my topic into this forum:
http://www.linuxquestions.org/questi...il-4175452903/

The basic idea is that I want to determine how to take a simple text message (possibly containing sensitive information) and encrypt it using someone's public key.

From reading the thread you linked to, it looks like your still looking for a solution?

Here is a simple example using gpg, which in my opinion is much easier than SSL and Mime. I used the example of sending an email to "slackbuilds" since I have their public (only) key

I appreciate the responses, but the goal here is not to login via SSH and use gpg vid command line. I have some facility with gpg and have seen that madboa page before.

What I'm trying to do is concoct a PHP script which will provide a way for a developer to email potentially sensitive information securely to one or more intended recipients by encrypting it with their public key. I believe this is communicated in the other thread. The main issue is that gpg requires interaction and you have to maintain a keyring, etc. I was much rather hoping to skip all the keyring maintenance, all the prompts, etc., and just encrypt a text message using a public key.

There is no way I know of to skip the keyring maintenance you want to avoid with GPG, other than using symmetric encryption only.

PKI might not be the solution you are seeking here. Perhaps you could explain your security requirement in a little more detail.

The primary motivation for wanting this is that I'm working on a PHP script that handles Instant Payment Notifications. While this page is securely hosted (and only makes secure HTTPS connections to verify that any posts are valid) and furthermore does not ever traffic in sensitive payment information such as account numbers, etc., I would like to be able to notify a developer when an unexpected error occurs by emailing the POST data to the developer's email address. It seems a simple enough affair to set up one's mail client to send and receive encrypted messages, it seems that simply using somebody's public key to encrypt a message is unexpectedly difficult.

I'd like to use public-key cryptography so that a server compromise would not necessarily reveal any important keys (such as might be used in symmetric encryption). The basic idea is that the server would be able to send an encrypted message to the developer (or someone else) without needing any especially sensitive data.

I'd like to avoid manipulating a keyring so that deployment of such an emailing script is easier. It would be ideal if the PHP script that sends this message would be configurable with just a few bits of information:
1) the recipient's email address
2) the recipient's public key
3) maybe some SMTP credentials to send the mail via SMTP gateway.

OK so I pulled out my copy of Bruce Schneier's Applied Cryptography (an really good book) and has a very helpful section on Privacy-Enhanced Mail(PEM) which I've been looking at. Turns out PEM is not just way to encrypt things but it describes a variety of privacy-related protocols. To summarize Schneier:
The basic idea is that it describes protocols for sending encrypted and/or signed messages while also describing what has gone into encrypting and/or signing them. It supports both symmetric and public key encryption. The Wikipedia link above says that it was not widely adopted due to its reliance on a centralized root CA.

I think this cocktail of encryption-plus-protocol is what I'm after. Schneier also has a section on PGP (which uses web-of-trust rather than centralized CA) but details about the protocol look pretty light.

Seems to me that if I want to have PHP sending these messages, I will probably have two choices:
1) concoct awkward CLI stuff in PHP and use exec to manipulate key rings and such to get gpg to encrypt my messages (and then take care to shred and/or cleanup the file system to make sure my sensitive messages don't hang around
2) use mcrypt or some other PHP extension to encrypt my messages and then write PHP code to build out the appropriate email-friendly protocol aspects described by PEM and/or PGP such that the message, when it arrives at somebody's mail client, will be decipherable by something like Enigmail or some other secure mail client/plugin.

Surely someone has done this before?

For option 1 above, these functions look pretty useful:
http://www.php.net/manual/en/function.gnupg-encrypt.php

You might also be able to use the PHP execute function to call GPG to perform the encryption. I don't see anyway around maintaining a keyring, at least a public one as you will need the public key for each recipient that you want to send to.

A while back, I was working on a similar project for a payment system that I wanted to submit the information for processing via an encrypted mail. One of the problems I ran into was the need for temporary files to work the encryption on. This was a weak spot in the system that could be potentially exploited and I abandoned the idea. However you go about it, the best idea is to not store sensitive information on your system at all, and what little of it you do have to not write to disk.

I'm inclined to use the PHP extension for the simple reason that it would be easier than concocting all the exec commands myself.

This is disappointing as I was hoping to merely provide the location of a file containing a public key and have my routine encrypt away, but I think I can live with the idea of a keyring. I expect it might be feasible to maintain a keyring for each application.

Agreed! And thanks for pointing that out. In reading Schneier, I happened across a discussion about scrubbing a file system -- a lengthy process. Schneier quotes a passage from the National Computer Security Center:
I think all those multiple overwrites are intended if you are worried about someone actually physically obtaining your storage media. I wonder if the linux shred command would be sufficient?

If your using traditional magnetic media, the shred and overwrite commands will do an excellent job of making data practically irretrievable, even with a simple overwrite or two. By practically I mean without special and expensive forensic tools to where the common criminal is not a concern. If you have an SSD or other flash based material, these tools can be spotty at best because of things like the wear mechanisms.

You mentioned reading Schneier. I have been reading his latest book, Liars and Outliers and really enjoying it. It has been out long enough to be available via inter-library loan now too.

Re the keyring, I think you may be worrying over nothing. You're only storing Public(!) keys, so there's no problem with having it sit on the disk, or even be exposed to the world; that's what they are for.
Its only Private keys that require protection.
The keyring is just the equivalent of a big file with all the Public keys stored in it; not that different from your file-per-key.

Note that each user can have their own keyring, so you can do it that way if you want to keep them physically separate.
You'd have to allow your PHP to suexec to each required user (or maybe put them all in the same group and use group perms for php access).

I'm quite confused by this thread. To send a message to someone, you need to know their public key. Only they, with their private key, can decrypt it.

Message-signing requires knowledge of the signer's public key. Successful decryption of the message signature indicates that the possessor of the corresponding private key must have created that signature.

However ... the concept of what you are wanting to do is not a good one, and I daresay that PayPal would put the kabosh on your account if they caught wind of it. The notification should, yes, be encrypted (so that eavesdroppers can't detect whether a notification succeeded or failed), but it should not contain detailed information. The technician should have to log-in himself to see details.

Software support for Privacy-Enhanced Mail (PEM) is not hard to come by, e.g. in Perl or any other "real" programming-language tool. If you're for example trying to pony something up with bash-scripting, you're going about this the wrong way.

I appreciate the input here. I'm a bit over extended at the moment and so I've not been able to get into this as much as I would like.

I'm aware of all this and have tinkered with using GPG in a variety of ways. What I'm moaning about really is the need to maintain a keyring in a server context -- it makes deployment more involved if I'm trying to do this in a PHP script. It would be ideal if my PHP script could just refer to a text file for the public key of the intended recipient. If I must also take steps to import this public key into yet another file and possibly take other configuration steps (like setting a level of trust, etc.) then it gets more involved.

I'm also somewhat confused about formats for public keys. It would appear that the public key I exported using gpg4win (the more-or-less official distro of gpg for windows AFAIK) is not a *certificate* which is what gpg seems to want. I'm still trying to sort out the difference between x.509, PEM, and SSL certs.

Again, this is server config I'd like to avoid. Ideally I would just have a script that refers to a key file and takes care of using it to encrypt something. It's bad enough that I'll probably have to install the GNUPG PECL extension. That each use would then need to maintain their keyring somehow seems like still more configuration blah-blah.

I realize that maintaining a keyring has in large part to do with scrutinizing the trust levels and legitimacy of recipients (a big part of security to be sure!) but would like to reiterate that this encryption thing for me is largely motivated by a desire to email *myself* or *close associates* an encrypted message such that a) any sensitive information would be encrypted end-to-end while in transit and b) there would be no need for any sensitive keys or anything on the server -- just my public key.