Posted by shimmyshack on 02/09/07 02:24

On 9 Feb, 00:54, "laredotorn...@zipmail.com"
<laredotorn...@zipmail.com> wrote:
> Hi,
>
> I'm trying to send emails that contain credit card numbers and so I
> would like to encrypt those emails. Knowing little about how this
> works, is there a PHP module out there that does this? I assume the
> client must have something installed on his email client to interpret
> the emails?
>
> I'm using PHP 4.4.4 with Apache 2.2.
>
> Thanks, - Dave

to do this you can use a public/private key pair.
Go ask your client to create one first at thawte (they must do this to
install the private key into their system, importing either into
thunderbird, (or "IE" so that outlook can use it)
Thawte offer freemail certs

You can use another method, once you have these and in a form where
they can be used by php.

check out the manual for openssl_pkcs7_encrypt, it has examples and
working code.

It's basically this:
make and save the file: body_of_email.txt

$public_key = file_get_contents("/var/www/vhost/private/
public_cert.pem");

openssl_pkcs7_encrypt(
//body of email to be encrypted
"/var/www/vhost/private/body_of_email.txt",
//the output of this function will be saved to encrypted_body.txt
"/var/www/vhost/private/encrypted_body.txt",
//use the public key to encrypt, this email can be encrypted by
anyone,
//but only read by the one with the corresponding private key
$public_key,
//array to do with headers for the email that will be sent
array(
"To" => "client <client@needs_credit_card_info.org>",
"From" => "webserver <php_script@server.com>",
"Subject" => 'plain text unencrypted subject ')
,0
,1)
)
//get the sendmail executable path
$sendmail_exe = '/path/to/sendmail/sendmail.exe -t';
//send the encrypted_body.txt
exec($sendmail_exe . ' < "/var/www/vhost/private/
encrypted_body.txt"');

encryption can occur from anyone (they use public key) to one with
private key.
This means that your client needs the private key and that the
webserver needs the public one, you will need to export the public key
from the keypair you will generate. (the keypair is the one you will
have protected with a password)
Dont end up storing both the private and public keys on the server or
this reduces to a dictionary attack on the keypair to get hold of the
private key. Also this means your cient should choose a _strong_
password to encrypt the pair, and definately NOT his/her pop or smtp
password!!!
The subject is always sent in plain text.
If you decide to sign and encrypt, which isnt needed you will need to
make sure that the email comes from the email address assocaited with
the public key, so you dont get weird errors.


Of course you can do this differently, using gnu privacy guard.
Encrypt the body, and send over normal mail, the email client will
need something like enigmail / gpg addon. Easy on thunderbird.
I prefer certs as they are just cooler, and dont require special
client functionality. If you decide to go with Thawte pick a decent
bit length for your cert and try not to use the same password to
protect the key pair as you do to log onto Thawte itself, or firefox/
ie might save a copy of this.

Personally I use a encrypted password database from sourceforge:
http://keepass.sourceforge.net/
or
http://passwordsafe.sourceforge.net/
to store passwords associated with certs.

[Back to original message]