At 9/26/01 12:37 AM, Vladislav Vik wrote:

>I would like to add a subroutine for PGP encryption of the orders e-mail.
>
>However I do not have a clue how to do it. If anybody has an idea on how to
>do it or even better is willing to share the code that will do that.

Hmmm, I sent you some code that does it about three weeks ago. Did you 
not get it, or did you have some trouble with it?

Here's the message again in case you didn't get it:

------

I use GnuPG instead of PGP, and at least for GnuPG, this is harder than 
it looks. There are three Perl modules that claim to work; in my testing, 
all three of them had some kind of problem.

I eventually had to resort to opening a pipe to GPG and having it write 
an encrypted file. You could do something more complicated with expect or 
open2, but I've found the following to be reliable for GnuPG 1.0.6 and 
Red Hat Linux 6.2 and 7.1:

sub GPGEncode
{
        my $plaintext = shift;
        
        # directory with GPG keys
        my $homedir = '/usr/local/etc/gnupg';

        my $key = '[EMAIL PROTECTED]';
        
        my $file = `mktemp -q /tmp/GPG.XXXXXX`
                or die "Can't create temporary file: $!\n";
        $file =~ /^(\/tmp\/GPG\.\w\w\w\w\w\w)$/
                or die "Can't untaint temporary file\n";
        $file = $1;
        
        # pipe the plaintext into gpg; the shell appends the armored output to $file
        open (OUTFILE, "| /usr/bin/gpg --no-secmem-warning --batch "
                . "--no-tty --textmode --encrypt --homedir '$homedir' "
                . "--recipient '$key' --armor >> $file")
                or die "Can't open GPG: $!\n";
        
        print OUTFILE $plaintext or die "Can't print: $!\n";
        close OUTFILE or die "Can't close: $!\n";
        
        open INFILE, $file or die "Can't open $file: $!\n";
        my $result = join "", <INFILE>;
        close INFILE;
        
        unlink ($file) or warn "Can't unlink temp file: $!\n";
        
        return $result;
}

Just use it like:

  my $encryptedText = GPGEncode 'Testing';

-----

Note that you can use this to encrypt things before mailing or, as 
someone else suggested, before putting data into a database. One 
suggestion for putting credit card numbers in a database is to store the 
GPG encrypted version, as well as an MD5 sum of the card number and of 
the last four digits of the number. That way if you need to search for a 
number (when a customer calls and says "I don't recognize this charge, 
what's it for?"), your application layer can calculate the MD5 sum of 
your search string and search on that, meaning you can quickly search the 
database without having to decrypt each card number.

--
Robert L Mathews, Tiger Technologies

Put an animated US flag on your Windows desktop: http://deskflag.com/
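
The search scheme described in the message above (the encrypted card number stored alongside digests of the full number and of its last four digits), as an added example that is not part of the original message. The function names, column names and key are hypothetical, the card numbers are constructed test values, the ciphertext strings stand in for GPGEncode output, and the `hmac` mode is a keyed variant added here rather than something the message proposes.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Digest::MD5 qw(md5_hex);
use Digest::SHA qw(hmac_sha256_hex);

# Hypothetical key for the keyed variant; it must live outside the database.
my $INDEX_KEY = 'constructed-demo-key';

# Strip spaces and dashes so differently typed numbers index alike.
sub normalize { my $s = shift; $s =~ s/[\s-]//g; return $s; }

# Digest for the search columns. 'md5' is the scheme from the message;
# 'hmac' is an added keyed variant (HMAC-SHA256): card numbers come from a
# small space, so an unkeyed digest of one can be enumerated.
sub index_digest {
    my ($value, $mode) = @_;
    return $mode eq 'hmac' ? hmac_sha256_hex($value, $INDEX_KEY)
                           : md5_hex($value);
}

# Build the row to store: ciphertext plus two search columns, no plain number.
sub make_row {
    my ($card, $ciphertext, $mode) = @_;
    my $pan = normalize($card);
    $pan =~ /^\d{12,19}$/ or die "Not a card number\n";
    return {
        card_gpg     => $ciphertext,
        card_digest  => index_digest($pan, $mode),
        last4_digest => index_digest(substr($pan, -4), $mode),
    };
}

# Search by full number or by last four digits without decrypting any row.
sub find_rows {
    my ($rows, $search, $mode) = @_;
    my $term   = normalize($search);
    my $column = length($term) == 4 ? 'last4_digest' : 'card_digest';
    my $want   = index_digest($term, $mode);
    return grep { $_->{$column} eq $want } @$rows;
}

# Constructed sample data.
my @rows = (
    make_row('4111 1111 1111 1111', '<armored GPG block 1>', 'md5'),
    make_row('5555-5555-5555-4444', '<armored GPG block 2>', 'md5'),
);
my @hits = find_rows(\@rows, '4444', 'md5');
print scalar(@hits), " match: $hits[0]{card_gpg}\n";
```

Rows and searches must use the same mode; only the matching rows then need to be decrypted with the private key.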
