How-to send PGP encrypted emails (Pretty Good Privacy)
This is something I hacked a while back for some PGP encrypted emails that I needed to process. Its working nicely for me. I know its ugly but its damn unique! I haven't seen anything out there that does what this code does. I hope you can use it somehow as I'm sure I wasn't the only one looking for an easy way to decrypt/encrypt PGP.
This is the following example uses the DOS based PGP encryption/decryption program
availble from http://www.pgpi.org/ Configure the software with your PGP key by following the directions in the included files.
A self made component or a third part component like ASPExec from
http://www.serverobjects.com can be used to execute the PGP decryption
execututable.
An example VB component to do this task would contain the following code in
a Class Module.
Dim sTest, i As Integer
Dim sCommand As String
Dim sPGPTXT As String
Public Property Let Command(temp As Variant)
sCommand = temp
End Property
Public Property Get Command() As Variant
Command = sCommand
End Property
Public Property Let PGPTXT(temp As Variant)
sPGPTXT = temp
End Property
Public Property Get PGPTXT() As Variant
PGPTXT = sPGPTXT
End Property
Public Sub PGPDecrypt()
sTest = Shell(sCommand, vbMinimizedNoFocus)
sTest = ""
i = 0
Do While Not sTest = "Exit"
i = i + 1
If i > 30 Then
sTest = "Exit"
End If
If GetFileAttributes(sPGPTXT) <> -1 Then sTest = "Exit"
Sleep (500)
Loop
End Sub
To call this component from within ASP:
Set oFS = CreateObject("Scripting.FileSystemObject")
Response.Write "Decyrypting"
Set oPGP = Server.CreateObject("NWCRPGP.PGP")
oPGP.Command = "C:\inetpub\wwwroot\pgp\pgp.bat"
oPGP.PGPTXT = "C:\Inetpub\wwwroot\pgp\ASP.TXT"
Response.Write ".."
If oFS.FileExists("C:\Inetpub\wwwroot\pgp\asp.txt") Then
Set oFSTemp = oFS.GetFile("C:\Inetpub\wwwroot\pgp\asp.txt")
oFSTemp.Delete
Set oFSTemp = Nothing
Response.Write "."
End If
If oFS.FileExists("C:\Inetpub\wwwroot\pgp\asp.pgp") Then
Set oFSTemp = oFS.GetFile("C:\Inetpub\wwwroot\pgp\asp.pgp")
oFSTemp.Delete
Set oFSTemp = Nothing
Response.Write "."
End If
Set oFSTemp = oFS.CreateTextFile("C:\Inetpub\wwwroot\pgp\asp.pgp", True)
Response.Write ".."
oFSTemp.Write sTemp
oFSTemp.Close
Set oFSTemp = Nothing
Response.Write ".."
oPGP.PGPDecrypt
Response.Write "...."
Set oFSTemp = oFS.OpenTextFile("C:\Inetpub\wwwroot\pgp\ASP.TXT")
Response.Write oFSTemp.ReadAll
oFSTemp.Close
Set oFSTemp = Nothing
Set oFSTemp = oFS.GetFile("C:\Inetpub\wwwroot\pgp\asp.txt")
oFSTemp.Delete
Set oFSTemp = Nothing
Set oFSTemp = oFS.GetFile("C:\Inetpub\wwwroot\pgp\asp.pgp")
oFSTemp.Delete
Set oFSTemp = Nothing
Set oFS = Nothing
Set oPGP = Nothing
Contained in the pgp.bat file is:
c: CD \inetpub\wwwroot\pgp
pgp -v -o asp.txt -z password asp.pgp
This code is in no way in a condition for production use.
Things to think about:
Decrypting to a file is insecure because your unencrypted message will be
saved, even if temporarily, to the HD which could allow access to it.
Sending the PGP encrypted message directly and receiving to/from the program
would be much more secure. If multiple instances of this ran they would conflict since its using the
same file names.
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
More ASP Code Articles
More By aspfree
developerWorks - FREE Tools! |
Hold your calendar on January 30, 2008 for this free webcast on the new i5/OS. Rational's Enterprise Modernization products will be discussed at this webcast as they help to drive the application development environment for this new System i OS. <br />And learn how i5/OS will take you to the next step of efficient, resilient business processing. You will hear about the new i5/OS capabilities as it will be the most significant i5/OS release in years. If you cannot join the webcast on 1/30/08 you can still use this link to listen to the replay.<br /> FREE! Go There Now!
|
|
|
|
Building a software-as-a-service solution requires addressing a few key technical challenges. In this webcast, we'll focus on the role of IBM Tivoli Directory Server and WebSphere Portlet Factory in creating a Software as a Service solution. We will demonstrate how to use Tivoli Directory Server to prevent the user population of one tenant from accessing the virtual portal and portlet components of another tenant. We will also use the dynamic profile capability of WebSphere Portlet Factory to create multiple highly customized applications from one code base. FREE! Go There Now!
|
|
|
|
Secure your Web applications with IBM Rational AppScan Standard Edition V7.7, previously known as Watchfire AppScan. This Web application security testing tool automates vulnerability assessments and scans and tests for common Web application vulnerabilities. Visit IBM developerWorks to download a free trial of IBM Rational AppScan Standard Edition V7.7. FREE! Go There Now!
|
|
|
|
Learn how Rational Build Forge can extend a simple compile and package build process by adding customization and deployment capability. Go from a manual method to automating: checking for code changes; getting the latest source; compiling and packaging; customizing; copying to and restarting a deployment server; and sending e-mail notification that a new version is available. FREE! Go There Now!
|
|
|
|
Listen to this webcast to get an overview of Info 2.0 and a technical demo of how to quickly build an enterprise mashup. IBM's Info 2.0 technology leverages emerging Web 2.0 technologies such as mashups, feeds, AJAX, and JSON in order to simplify assembly of information using feeds and services. Come learn about the technical elements of Info 2.0 including the Feed Generation framework, Mashup Engine, and mashup assembly components. Learn how to pull information from databases, departmental information, and the Web to create mashups critical to your company’s success. We will also discuss best practices to help you get started. FREE! Go There Now!
|
|
|
|
Portfolio Management is about effectively managing portfolio value by aligning portfolio investments with business goals. This complimentary e-kit provides a collection of materials that can help you understand how IBM Rational enables and automates best practices for improved governance and clear visibility into portfolio and project performance across the entire IT project lifecycle. FREE! Go There Now!
|
|
|
|
Join this Rational Talks to You teleconference on December 6 at 1:00 pm ET to participate in an agile application development discussion and get your questions answered on using IBM Rational Method Composer in a distributed environment.Get your questions answered! FREE! Go There Now!
|
|
|
|
Because access to government information continues to be an area of concern for many U.S. citizens with disabilities, the U.S. government enacted Section 508 of the Rehabilitation Act in 2001 to ensure that government agencies create accessible Web content, enabling all citizens to access the information they need. A fully accessible Web site makes Web content accessible to all individuals, including those with disabilities, who may be accessing Web content via a variety of user agents. Common user agents include standard Web browsers, text-only browsers, assistive devices and mobile devices such as cell phones or personal digital assistants (PDAs). FREE! Go There Now!
|
|
|
|
As organizations have grown increasingly dependent on online software, the risk of malicious attacks has also become far more serious. Fortunately, well-governed organizations can protect their Web applications by injecting vulnerability assessments and ethical hacks into their software development and delivery processes. This paper describes 12 of the most common hacker attacks and provides basic rules that you can follow to help create more hack-resistant Web applications. FREE! Go There Now!
|
|
|
|
Get a free trial download of the latest version of IBM Rational Functional Tester V7.0.1. Rational Functional Tester is an automated functional and regression testing solution for QA teams concerned with the quality of their Java, Microsoft Visual Studio .NET, and Web-based applications. FREE! Go There Now!
|
|
|
|
All FREE IBM® developerWorks Tools! |