How-to send PGP encrypted emails (Pretty Good Privacy)
This is something I hacked a while back for some PGP encrypted emails that I needed to process. Its working nicely for me. I know its ugly but its damn unique! I haven't seen anything out there that does what this code does. I hope you can use it somehow as I'm sure I wasn't the only one looking for an easy way to decrypt/encrypt PGP.
This is the following example uses the DOS based PGP encryption/decryption program
availble from http://www.pgpi.org/ Configure the software with your PGP key by following the directions in the included files.
A self made component or a third part component like ASPExec from
http://www.serverobjects.com can be used to execute the PGP decryption
execututable.
An example VB component to do this task would contain the following code in
a Class Module.
Dim sTest, i As Integer
Dim sCommand As String
Dim sPGPTXT As String
Public Property Let Command(temp As Variant)
sCommand = temp
End Property
Public Property Get Command() As Variant
Command = sCommand
End Property
Public Property Let PGPTXT(temp As Variant)
sPGPTXT = temp
End Property
Public Property Get PGPTXT() As Variant
PGPTXT = sPGPTXT
End Property
Public Sub PGPDecrypt()
sTest = Shell(sCommand, vbMinimizedNoFocus)
sTest = ""
i = 0
Do While Not sTest = "Exit"
i = i + 1
If i > 30 Then
sTest = "Exit"
End If
If GetFileAttributes(sPGPTXT) <> -1 Then sTest = "Exit"
Sleep (500)
Loop
End Sub
To call this component from within ASP:
Set oFS = CreateObject("Scripting.FileSystemObject")
Response.Write "Decyrypting"
Set oPGP = Server.CreateObject("NWCRPGP.PGP")
oPGP.Command = "C:\inetpub\wwwroot\pgp\pgp.bat"
oPGP.PGPTXT = "C:\Inetpub\wwwroot\pgp\ASP.TXT"
Response.Write ".."
If oFS.FileExists("C:\Inetpub\wwwroot\pgp\asp.txt") Then
Set oFSTemp = oFS.GetFile("C:\Inetpub\wwwroot\pgp\asp.txt")
oFSTemp.Delete
Set oFSTemp = Nothing
Response.Write "."
End If
If oFS.FileExists("C:\Inetpub\wwwroot\pgp\asp.pgp") Then
Set oFSTemp = oFS.GetFile("C:\Inetpub\wwwroot\pgp\asp.pgp")
oFSTemp.Delete
Set oFSTemp = Nothing
Response.Write "."
End If
Set oFSTemp = oFS.CreateTextFile("C:\Inetpub\wwwroot\pgp\asp.pgp", True)
Response.Write ".."
oFSTemp.Write sTemp
oFSTemp.Close
Set oFSTemp = Nothing
Response.Write ".."
oPGP.PGPDecrypt
Response.Write "...."
Set oFSTemp = oFS.OpenTextFile("C:\Inetpub\wwwroot\pgp\ASP.TXT")
Response.Write oFSTemp.ReadAll
oFSTemp.Close
Set oFSTemp = Nothing
Set oFSTemp = oFS.GetFile("C:\Inetpub\wwwroot\pgp\asp.txt")
oFSTemp.Delete
Set oFSTemp = Nothing
Set oFSTemp = oFS.GetFile("C:\Inetpub\wwwroot\pgp\asp.pgp")
oFSTemp.Delete
Set oFSTemp = Nothing
Set oFS = Nothing
Set oPGP = Nothing
Contained in the pgp.bat file is:
c: CD \inetpub\wwwroot\pgp
pgp -v -o asp.txt -z password asp.pgp
This code is in no way in a condition for production use.
Things to think about:
Decrypting to a file is insecure because your unencrypted message will be
saved, even if temporarily, to the HD which could allow access to it.
Sending the PGP encrypted message directly and receiving to/from the program
would be much more secure. If multiple instances of this ran they would conflict since its using the
same file names.
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
More ASP Code Articles
More By aspfree
developerWorks - FREE Tools! |
This whitepaper presents the benefits of successfully introducing static analysis into your organization using IBM Rational Software Analyzer. Additionally, it identifies some common pitfalls that can hinder the effective use of static analysis tooling as well as presents 10 simple strategies designed to help you quickly realize the value of static analysis using Rational Software Analyzer. FREE! Go There Now!
|
|
|
|
Visit IBM developerWorks to download a free trial of the latest release of IBM Lotus Sametime Standard V8.0. Lotus Sametime Standard V8.0 is a platform for unified communications and collaboration that combines security features with an extensible, open solution including integrated Voice over IP, geographic location awareness, mobile clients, and a robust Business Partner community offering telephony and video integration. FREE! Go There Now!
|
|
|
|
Join us for this web seminar to learn how you can defend your web applications from attack. Learn about the 3 most common web application attacks, including how they occur and what can be done to prevent them. We’ll also discuss manual versus automated approaches for scanning and identifying web application vulnerabilities and how IBM Rational AppScan, an automated vulnerability scanner, can help you automate more of what you are doing manually today. FREE! Go There Now!
|
|
|
|
Analysts, architects, and developers who have existing COBOL or PL/I skills and want to extend those skills to deploy new workloads on the mainframe can use the IBM Enterprise Modernization Sandbox for System z to find hands-on walkthroughs of common real world scenarios. The scenarios provide examples of how to rapidly design, create, assemble, test, and deploy high-quality Web, Web services, portal, and SOA applications for IBM CICS, IBM IMS, and IBM WebSphere Application Server. FREE! Go There Now!
|
|
|
|
Rational Modeling Extension for Microsoft .NET enhances usability for code generation supporting a more intelligent refactoring. The latest enhancements enable organizations with Java and .NET systems and software development maintain architectural integrity across heterogeneous platforms. FREE! Go There Now!
|
|
|
|
Join this Rational Talks to You teleconference on December 11 at 1:00 pm ET to get tips on building your own plugins with Rational Method Composer. Get your questions answered! FREE! Go There Now!
|
|
|
|
Regression testing -- in which code is thoroughly tested to ensure that changes have not produced unexpected results -- is an important part of any development process. But many testing environments neglect the terminal-based applications that still form the backbone of many industries. In this tutorial, you'll learn how the Rational Functional Tester Extension for Terminal-Based Applications works with other Rational Functional Tester to help test terminal-based applications quickly and easily. FREE! Go There Now!
|
|
|
|
Whether you are creating new applications or modifying existing ones, managing integration of new components with traditional z/OS elements is a critical part of building and deploying modern applications. Listen to this webcast to see how IBM can help you optimize your development process using an IDE like Rational Developer for System z that integrates with management tools, such as ClearCase to manage your application development on mainframes. FREE! Go There Now!
|
|
|
|
The Eclipse community is constantly working to extend Eclipse's functionality. In this webcast, learn about some of the most important and feature-rich projects under development. From multi-language support to plug-in development, tune in to see what Eclipse is capable of now. FREE! Go There Now!
|
|
|
|
Join this webcast to learn how IBM Rational's Functional Testing solution enables you to implement automation your way, at your pace, with your existing staff. In this webcast, you’ll learn how you can eliminate redundancy of manual test scripts, reduce errors, and increase test coverage through test automation. After this presentation you will understand how IBM Rational Functional Testing solution can streamline your manual testing and make test automation easily attainable. FREE! Go There Now!
|
|
|
|
All FREE IBM® developerWorks Tools! |