What is JotForm?
JotForm is a free online form builder which helps you create online forms without writing a single line of code. No sign-up required.

At JotForm, we want to make sure that you’re getting the online form builder help that you need. Our friendly customer support team is available 24/7.

We believe that if one user has a question, there could be more users who may have the same question. This is why many of our support forum threads are public and available to be searched and viewed. If you’d like help immediately, feel free to search for a similar question, or submit your question or concern.


  • Profile Image

    Decrypt JotForm Post Data with PHP

    Asked by jgregoire on November 08, 2016 at 03:53 PM

    Hello,

    I need to post our form to a php script and do some additonal processing on the data.  One of the fields is SSN, so we were told we have to encrypt the form. First off, is that accurate. If it's not, then the rest of this question is not necessary. 

    We are unable to decrypt the post data on our end. I have created a key pair and successfully encrypted and decrypted data with it. Then I add our public key to jotform and send the post data across, but it will not decrypt it. It won't event decrypt the data inside of jotform.

    So I then tried having jotform create the keys and then use the jotform private key to decrypt the post data, but I get the same result.  Do you have examples of how to decrypt the post data? Are you encoding the encrypted data before posting? Any help would be appreciated.

    Thanks!

    decrypt data encrypted form php
  • Profile Image
    JotForm Support

    Answered by Mike on November 08, 2016 at 09:08 PM

    Thank you for contacting us.

    Here is an answer from our developers from a similar thread:

    On encrypted forms, we're using the RSA algorithm which is the most widely-used public key cryptography algorithm in the world.  
     
    We don't have any chance to decrypt your data. Your private key is  generated on your own browser, and stored in your computer. It never reaches to our servers.
     
    You should create your own solution to decrypt the data on your end. Simply fetch the data with API, revert the base64 encoding to binary, and decrypt it with OpenSSL.
     
    Lets assume your data is in a file called "encrypted.field"
     
    ➜  cat encrypted.field
    vg89vZgwY3yu55W5j4wFnEQ6ugbg15MH0wq+gu8YXNJvBSiqvVgny+nQjXJEE4lS7LO2MLWn8qw1asnnH0LHfP/f/c9zajEmF4NSihk2P8cZ1U+WmmfiCdyU2UbkSjTl3boT+uYQvNo9mSsgSkga3MEbaHuCcTLuQcTwQBUo039L+gv7mMJxQoD3hHM6i1gQhONch/swWXJzqpV4iVYzboqMtWujo+l60L7C7cy4FiVUUHLhL62dNmT6vAaWaFG5Fh2NnPVwxqWYQhCniJ9qqzdOMYyjWD8uUDjXArNAuzXljaZThoxVURvmKz3xNb4z8kW9gJd2CPSO0PBcuwFJ2Q==
     
    ## Pipe base64 decoded data to OpenSSL in Decryption mode
     
    ➜  base64 -D encrypted.field | openssl rsautl -decrypt -inkey eee.key
    My super secret data!
     
    You can use PHP, NodeJS or any other programming languages to decrypt your data.
     
    ## Example in PHP
     
    class Decryption { public $privateKey = '{yourPrivateKey}'; public function decrypt($data) { if (openssl_private_decrypt(base64_decode($data), $decryptedData, $this->privateKey))
    return $decryptedData; return "Decryption failed!"; } }
    For more details, you can check the openssl_private_decrypt function in PHP Manual.
     

    If you need any further assistance, please let us know.

  • Profile Image

    Answered by jgregoire on November 09, 2016 at 06:07 PM

    I got it working! Thanks!