gravity-forms-encryptorator.php

<?php

/*
Plugin Name: Gravity Forms Encryptorator
Plugin URI: https://github.com/humanmade/Gravity-Forms-Encryptorator
Description: Encrypt all Gravity Forms data on the way into the database using openssl public encryption, data can only be decrypted with the associated private key.
Author: Human Made Limited
Version: 1.0 Alpha
Author URI: http://www.hmn.md/
*/

// TODO - Long entry details get truncated after they are encrypted which mean the short version is nonsensical, that breaks the detail list page view .

// Show a message in the admin if the public key path isn't working
if ( ! defined ( 'HMGFE_PUBLIC_KEY' ) || ( defined( 'HMGFE_PUBLIC_KEY' ) && ! HMGFE_PUBLIC_KEY ) || ( defined( 'HMGFE_PUBLIC_KEY' ) && ! is_readable( HMGFE_PUBLIC_KEY ) ) )
	add_action( 'admin_notices', function() { ?>

		<div id="hmgfe-warning" class="updated fade"><p><strong><?php _e( 'Gravity Forms Encryptorator is almost ready.', 'hmgfe' ); ?></strong> <?php printf( __( 'You need to set the path to your public key file by adding %2$s to your %1$s file.', 'hmgfe' ), '<code>wp-config.php</code>', '<code>define( \'HMGFE_PUBLIC_KEY\', \'path/to/your/keyfile.pem\' );</code>' ); ?></p></div>

	<?php } );

add_filter( 'gform_save_field_value', function( $value, $lead, $field, $form ) {

	// Load the public key
	if ( defined( 'HMGFE_PUBLIC_KEY' ) && HMGFE_PUBLIC_KEY && file_exists( HMGFE_PUBLIC_KEY ) && is_readable( HMGFE_PUBLIC_KEY ) ) {

		$public_key = openssl_get_publickey( fread( $handle = fopen( HMGFE_PUBLIC_KEY, 'r' ), 8192 ) );
		fclose( $handle );

		// If we have a public key then encyrpt the data
		if ( ! empty( $public_key ) && openssl_seal( $value, $encrypted_value, $env_keys, array( $public_key ) ) )
			$value = base64_encode( $encrypted_value ) . ':::' . base64_encode( reset( $env_keys ) );

		// Free the key from memory
		openssl_free_key( $public_key );

	}

	return $value;

}, 10, 4 );

add_filter( 'gform_get_field_value', function( $value, $lead, $field ) {

	// If we have a decryption key
	if ( defined( 'HMGFE_PRIVATE_KEY' ) && HMGFE_PRIVATE_KEY && file_exists( HMGFE_PRIVATE_KEY ) && is_readable( HMGFE_PRIVATE_KEY ) ) {

		$private_key = openssl_get_privatekey( fread( $handle = fopen( HMGFE_PRIVATE_KEY, 'r' ), 8192 ) );
		fclose( $handle );

		if ( is_string( $value ) ) {

			$encrypted_value = base64_decode( reset( explode( ':::', $value ) ) );
			$env_key = base64_decode( end( explode( ':::', $value ) ) );

			// If we have a public key then encyrpt the data
			if ( $env_key && openssl_open( $encrypted_value, $decrypted_value, $env_key, $private_key ) )
				$value = $decrypted_value;

		}

		// Decrypt data in arrays
		if ( is_array( $value ) )

			array_walk( $value, function( &$value ) use ( $private_key ) {

				$encrypted_value = base64_decode( reset( explode( ':::', $value ) ) );
				$env_key = base64_decode( end( explode( ':::', $value ) ) );

				// If we have a public key then encyrpt the data
				if ( $env_key && openssl_open( $encrypted_value, $decrypted_value, $env_key, $private_key ) )
				    $value = $decrypted_value;

		} );

		// Free the key from memory
		openssl_free_key( $private_key );

	}

	// If the data is encrypted and we don't have the decryption key
	if ( ! defined( 'HMGFE_PRIVATE_KEY' ) && defined( 'HMGFE_PUBLIC_KEY' ) ) {

		if ( is_string( $value ) && base64_decode( $value ) != $value )
			$value = str_pad( '', 49, '&#9608;' );

		elseif ( is_array( $value ) )
			$value = array_pad( array(), count( $value ), str_pad( '', 42, '&#9608;' ) );

	}

	return $value;

}, 10, 3 );

This is awesome, but ..
Plugin URI: https://github.com/humanmade/Gravity-Forms-Encryptorator - Doesnt exist :(