While adding the PGP HTML Report feature to WeSunSolve, I first successfully crypted the content of the HTML report to be sent to the user with PGP key. I would have thought that this was gonna be the hardest part, that was without thinking about MIME and HTML support of PGP encrypted mails.
Here is how I finally ended up by creating HTML PGP encrypted Mails using PHP which can be opened using (at least) claws-mail and thunderbird with proper rendering of the HTML report:
Content of the clear message
To: test@test.com Subject: My HTML crypted report X-PHP-Originating-Script: 1000:mlist.obj.php From: "We Sun Solve" <admin@wesunsolve.net> Reply-to: admin@wesunsolve.net X-Sender: WeSunSolve v2.0 Message-ID: <1335717276@wesunsolve.net> Date: Sun, 29 Apr 2012 18:34:36 +0200 MIME-Version: 1.0 Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="------------enig029BFFF948226050D5D90E10F" This is an OpenPGP/MIME encrypted message (RFC 2440 and 3156) --------------enig029BFFF948226050D5D90E10F Content-Type: application/pgp-encrypted Content-Description: PGP/MIME version identification Version: 1 --------------enig029BFFF948226050D5D90E10F Content-Type: application/octet-stream; name="encrypted.asc" Content-Description: OpenPGP encrypted message Content-Disposition: inline; filename="encrypted.asc" -----BEGIN PGP MESSAGE----- Version: GnuPG v1.4.10 (GNU/Linux) ****SNIPPED PGP CRYPTED BASE64 MESSAGE **** -----END PGP MESSAGE----- --------------enig029BFFF948226050D5D90E10F--
Content of the PGP encrypted part
Content-Type: multipart/alternative; boundary="------------F983FADF500537B8AFDC5E483" This is a multi-part message in MIME format. --------------F983FADF500537B8AFDC5E483 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable You need to have a MUA capable of rendering HTML to read the WeSunSolve emails. You can consult the website http://wesunsolve.net if you are not able to read this email, the information sent to you should also be on the website... --------------F983FADF500537B8AFDC5E483 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable --------------F983FADF500537B8AFDC5E483--
This is the report in cleartext!
Code Used
$pgpmime = ”;
$mime = ”;
$headers = ”;
$dest = ‘test@test.com’;
$subject = ‘My HTML crypted report’;
$clearContent = ‘<html><p>This is the report in cleartext!</p></html>’;
$clearText = ‘This is the text version of the report’;
/* Prepare the crypted Part of the message */
$bound = ‘————‘.substr(strtoupper(md5(uniqid(rand()))), 0, 25);
$pgpmime .= “Content-Type: multipart/alternative;\r\n boundary=\”$bound\”\r\n\r\n”;
$pgpmime .= “This is a multi-part message in MIME format.\r\n”;
$pgpmime .= “–$bound\r\n”;
$pgpmime .= “Content-Type: text/plain; charset=utf-8\r\n”;
$pgpmime .= “Content-Transfer-Encoding: quoted-printable\r\n\r\n”;
$pgpmime .= $clearText.”\r\n\r\n”;
$pgpmime .= “–$bound\r\n”;
$pgpmime .= “Content-Type: text/html; charset=\”utf-8\”\r\n”;
$pgpmime .= “Content-Transfer-Encoding: quoted-printable\r\n\r\n”;
$pgpmime .= $clearContent.”\r\n”;
$pgpmime .= “–$bound–\r\n”;
$content = GPG::cryptTxt($pgpkey, $pgpmime);
/* Make the email’s headers */
$headers = ”;
$headers = “From: $from\r\n”;
$headers .= “Reply-to: “.$config[‘mailFrom’].”\r\n”;
$headers .= “X-Sender: WeSunSolve v2.0\r\n”;
$headers .= “Message-ID: <“.time().”@”.$_SERVER[‘SERVER_NAME’].”>\r\n”;
$headers .= “Date: ” . date(“r”) . “\r\n”;
$bound = ‘————enig’.substr(strtoupper(md5(uniqid(rand()))), 0, 25);
$headers .= “MIME-Version: 1.0\r\n”;
$headers .= “Content-Type: multipart/encrypted;\r\n”;
$headers .= ” protocol=\”application/pgp-encrypted\”;\r\n”;
$headers .= ” boundary=\”$bound\”\r\n\r\n”;
/* And the cleartext body which encapsulate PGP message */
$mime = ”;
$mime .= “This is an OpenPGP/MIME encrypted message (RFC 2440 and 3156)\r\n”;
$mime .= “–$bound\r\n”;
$mime .= “Content-Type: application/pgp-encrypted\r\n”;
$mime .= “Content-Description: PGP/MIME version identification\r\n\r\n”;
$mime .= “Version: 1\r\n\r\n”;
$mime .= “–$bound\r\n”;
$mime .= “Content-Type: application/octet-stream; name=\”encrypted.asc\”\r\n”;
$mime .= “Content-Description: OpenPGP encrypted message\r\n”;
$mime .= “Content-Disposition: inline; filename=\”encrypted.asc\”\r\n\r\n”;
$mime .= $content.”\r\n”;
$mime .= “–$bound–“;
mail($dest, $subject, $mime, $headers);
Pingback: html mail encryption from terminal