We use a small program (2 cgi scripts and 1 config file) which collects text entered into nine text fields from a webform and stores it for a particular webform owner (user) to log in and collect.
It is a simple private contact/medical record communication system.
The issue is the script does not encrypt the contact details it stores. We need it to do exactly what it does, but encrypt the details it collects.
We can easily create RSA encryption keys in the GnuPG section of our cPanel control panel. We are on a Linux/Apache/cPanel server, so its existing GnuPG encryption system is already available. We just need this existing cgi script to communicate with it.
We need a function written into the cgi script so the contact details entered into the webform, on their way to being stored (the normal process of the script), actually get encrypted to that webform user's public key, which we have created for him/her from cPanel and which exists in the .gnupg directory.
The location where the cgi script stores the encrypted details can remain the same - no change needed there.
To retrieve the contact details, what happens at the moment is good: when a user logs into their medi-panel using a username and password, the script retrieves the stored contact details and displays them. This allows the user to print the contact details for filing. They can then delete the stored details from their medi-admin section by clicking a button. So the script works well; the mechanics do not need to be changed here either.
However, in this retrieval part there obviously needs to be some code in the cgi script for it to trigger decryption of the stored details using that webform owner's private key, so the data is displayed normally to them.
We do not mind both private and public keys being on the same server, although if you can suggest something more secure we would be interested.
We are not after a new program. We do not want to use MySQL either. The current program stores contact details in a directory at root which I think is a little safer than MySQL.
The current program does all of the above with the exception of encrypting/decrypting the contact details submitted.
It is critically important that contact details (the only details entered into the webform) are encrypted to an extremely high level. The encryption key strengths available to us through the GnuPG section of cPanel provide this.
We do not know whether this is just a matter of small snippets of code that enable the script to talk to the GnuPG encryption keys we create, or possibly something more.
Although this may not be a huge job, it is very important that things be done right and securely, so we are hoping only those who are very confident with this sort of thing will contact us.
Please contact us for more details if interested.
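
One way the encrypt-on-store step described above could call the server's GnuPG, as an added example that is not part of the original posting or of the existing script. It assumes Python (the posting does not say which language the cgi script uses); the function names, the fingerprint and the homedir path are hypothetical placeholders.

```python
import re
import subprocess

# Assumption: recipients are named by full 40-hex-digit key fingerprint, which
# cannot be mistaken for a gpg option or match more than one key.
FINGERPRINT = re.compile(r"[0-9A-Fa-f]{40}")

def serialize_fields(fields):
    """Join the form fields into one plaintext record, one 'name: value' per line."""
    lines = []
    for name, value in fields.items():
        # Collapse line breaks so a field value cannot forge extra record lines.
        clean = " ".join(str(value).splitlines())
        lines.append(f"{name}: {clean}")
    return "\n".join(lines) + "\n"

def gpg_encrypt_argv(fingerprint, homedir):
    """Build the gpg command line that encrypts stdin to one public key."""
    if not FINGERPRINT.fullmatch(fingerprint):
        raise ValueError("recipient must be a 40-hex-digit key fingerprint")
    return [
        "gpg", "--batch", "--no-tty",   # never prompt from a CGI process
        "--homedir", homedir,           # keyring that holds the public key
        "--trust-model", "always",      # key was imported by the admin; no trust prompt
        "--armor", "--encrypt",
        "--recipient", fingerprint,
    ]

def encrypt_record(fields, fingerprint, homedir):
    """Return the ASCII-armored ciphertext to write where plaintext was stored."""
    argv = gpg_encrypt_argv(fingerprint, homedir)
    # Plaintext goes in on stdin: no shell, no temp file, nothing on the command line.
    result = subprocess.run(argv, input=serialize_fields(fields).encode("utf-8"),
                            capture_output=True, check=True)
    return result.stdout.decode("ascii")

if __name__ == "__main__":
    # Constructed sample values; the fingerprint and path are placeholders.
    sample = {"name": "Jane Example", "phone": "555-0100"}
    print(encrypt_record(sample, "0123456789ABCDEF0123456789ABCDEF01234567",
                         "/home/EXAMPLE/.gnupg"))
```

Encryption uses only the public key, so this step works the same whether or not the private key is kept on the same server.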