cool hacks GnuPG lib hack sent in the following hack...

I've rewritten the pgp-lib5.pl library to do gpg instead.  I'm pretty
sure it integrates into web_store the same as the pgp-lib.pl does, so
the directions for use should be the same as those found here:
http://www.extropia.com/hacks/pgp5-faq.html  (I've made a ton of changes
to all of the other web_store stuff, so if anyone has problems let me
know and I'll try to document the differences.)

Keys and such, will need to be generated the gpg way.  I'll leave that
as an exercise for the reader.

You'll have to change all references to pgp in your setup file to be for
gpg instead, like so:

------

$sc_gpg_lib_path = "./Library/gpg-lib.pl";

#
# Do we use GPG Encryption -- WARNING: This is a difficult
# option to setup. You must go into the gpg-lib.pl file
# and edit the gpg variables in the header for your specific
# setup.
# 
$sc_use_gpg = "yes";
$sc_gpg_temp_file_path = "./.gnupg";

------

Suggestions and improvements are welcome.  Note that GnuPG will give an
"insecure memory" warning in the output if it cannot su to root, or
create secured memory as a non-root user (as in Linux and most other
systems).  This is probably quite a harmless thing, as if you're
concerned about insecure memory (i.e. you think someone with root access
is mining for credit card data by scanning your system memory), then the
data from the shopping cart code itself can be compromised just as
easily as the GnuPG code.  PGP is subject to the same problem.

Anyway, it works for me.

Here is the lib:
-------------------------------------------------------------

#!/usr/bin/perl -w

############################################################
#                       GPG-LIB.PL
#
# Summary: PGP stands for Pretty Good Privacy and it
#  is a utility on the internet that allows you to encrypt
#  and decrypt files.  This library interfaces with this
#  3rd party encryption program
#
# gpg-lib summary: I rewrote this to fix the proprietary
# bug.  I.e. that PGP is not usable in a commercial context
# without fees.  So...useless in a shopping cart app, if 
# you're addicted to OSS/Free Software.
#
# This script was written by Gunther Birznieks.
# Date Created: 11-5-96
# Date Last Modified: 11-25-96
#
# Rewritten by Joe Cooper - joe@swelltech.com
# Rewrite date: July 22 2000
#
# Copyright Info: This library was written by Gunther Birznieks    
#       (gunther@clark.net) having been inspired by countless
#       other Perl authors.  Feel free to copy, cite, reference, sample,
#       borrow, resell or plagiarize the contents.  However, if you
don't
#       mind, please let me know where it goes so that I can at
least     
#       watch and take part in the development of the memes.
Information  
#       wants to be free, support public domain freware.  Donations
are   
#       appreciated and will be spent on further upgrades and other
public
#       domain scripts.
#
# Joe's Copyright Info: Same license as Gunther names above,
# This file is entirely derivitive of his nice little script.
# Now it just works with Gnu Privacy Guard instead of PGP.
#
# Purpose: Provides a set of library routines to interface with
#   gpg to create an encrypted buffer
#
# MAIN PROCEDURE:
#  make_gpg_file - makes a gpg encrypted file and sends its
#                  contents back to the user
#
# Special Notes: Script ties into the gpg executable whose
#  location is specified in the variables below.
# Joe's Notes: It's not pretty but it works for me.
#  For those banging their head on scripting with gpg, as
#  I did, try using the --batch option.  Fixed all my
#  problems.
#
#  $gpg_path = path to gpg executable
#  $gpg_public_key_user_id = which key to use for encrypting
#  $gpg_config_files = path where configuration files are located 
#
############################################################


$gpg_path = "./gnupg/bin/gpg";


$gpg_public_key_user_id = "\"Joe Cooper (Swell Technology)
<joe\@swelltech.com>\"";
$gpg_config_files = ".gnupg";
$gpg_options = "--batch --homedir $gpg_config_files -r";
$gpg_second_options = "-a --encrypt";

############################################################
#
# subroutine: make_gpg_file
#   Usage:
#     &make_gpg_file($output_text, $output_file);
# 
#   Parameters:
#     $output_text = unecrypted text that you want to scramble
#     $output_file = name of a file that you will use to
#                    temporarily create the encryption. It
#                    will be removed after it is created
#                    and its contents are assigned to a buffer.
#
#   Output:
#     $gpg_output = the encrypted text that was stored in
#          the $output_file results of running gpg
############################################################

sub make_gpg_file {
  local($output_text, $output_file) = @_;  
  local($gpg_output);

# Generate the command that needs to be used
# to execute gnupg. This consists of the gnupg 
# executable followed by command line options
# which is followed by the user id which you
# want to use a public key for and then output
# the encrypted results to an output file.
#
  $gpg_command =  "$gpg_path $gpg_options ";
  $gpg_command .= "$gpg_public_key_user_id ";
  $gpg_command .= "$gpg_second_options ";

# The command is opened using the special
# file open PIPE command which EXECUTES the
# command and then allows PERL to print to
# it as input for the command.
#
# The path manipulation is to satisfy taint mode
 
    local($old_path) = $ENV{"PATH"};
    $ENV{"PATH"} = "";

    
    open (SAVEERR, ">&STDERR") || die ("Could not capture STDERR");
    open (SAVEOUT, ">&STDOUT") || die ("Could not capture STDOUT");
    open (STDOUT, ">$output_file");
    open (STDERR, ">&STDOUT");

    $pid = open (GPGCOMMAND, "|$gpg_command");
 
    $ENV{"PATH"} = $old_path;

# The text you want to encrypt is sent to
# the command.
  print GPGCOMMAND $output_text;

  close (GPGCOMMAND);

  close (STDOUT) || die ("Error closing STDOUT");
  close (STDERR) || die ("Error closing STDERR");
  open(STDERR,">&SAVEERR") || die ("Could not reset STDERR");
  open(STDOUT,">&SAVEOUT") || die ("Could not reset STDOUT");
  close (SAVEERR) || die ("Error closing SAVEERR");
  close (SAVEOUT) || die ("Error closing SAVEOUT");

# The resulting output file is opened,
# read into $gpg_output and closed.
#
  open(GPGOUTPUT, $output_file);

  my $insidegpg = 0;
  while (<<GPGOUTPUT>) {
    $gpg_output .= $_;
  } 
  close (GPGOUTPUT);


  if (!defined($pid)) {
     $gpg_output .= "GPG Never Executed. Something went wrong.\n";
  }

  if (!$gpg_output) {
     $gpg_output = "No data was returned from GPG.\n";
  }

# we remove the temporary file
  unlink($output_file);

# we return gpg output
  return($gpg_output);

} # End of make_gpg_file

# We always return TRUE from requiring
# a library file (1;)
1;

------------------------------------------------------------------
Joe Cooper 
Affordable Web Caching Proxy Appliances
http://www.swelltech.com