[ic] Credit card info encrypted twice by GPG!

Mike Heins interchange-users@interchange.redhat.com
Tue Aug 21 20:40:01 2001 

Quoting Ed LaFrance (edl@newmediaems.com):
> At 06:07 PM 08/21/2001 -0400, you wrote:
> >Quoting Ed LaFrance (edl@newmediaems.com):
> > > GPG:    gpg (GnuPG) 1.0.6
> > > IC:     4.7.4
> > > OS:     Yellowdog linux 1.3
> > >
> > > GPG is double-encrypting the credit card info - It has to be passed 
> > through
> > > decryption twice to get down to the plain text.  This only happens when 
> > the
> > > encryption is handled by IC as part of the submission process; a text
> > > encryption with the same command string and options in the shell works
> > > fine.  I've looked at Order.pm and the Route's and nothing is jumping out
> > > at me.  Ideas anyone?
> >
> >Sounds like both "encrypt" and "credit_card" are set in the route.
> >
> >--
> >Red Hat, Inc., 3005 Nichols Rd., Hamilton, OH  45013
> >phone +1.513.523.7621      <mheins@redhat.com>
> 
> Hmmm... encrypt is set to 0 in all routes; credit_card is set to 1 in the 
> last route (main) and is omitted from all others.  This is exactly the way 
> the foundation demo was distributed with 4.7.4.
> 
> Setting credit_card to 0 in the last route did the trick.  So when both 
> credit_card and encrypt are set to 0, but an encryptor is supplied, the 
> credit card info is encrypted. Never would have thought as such... boolean 
> logic re-invented, I guess ;-}

Hmm. It is supposed to detect that the CC is already encrypted, as in

	&credit_card=standard

without the "keep". Perhaps the detection regex is wrong... Try changint
the detection regex in Order.pm from

    $::Values->{mv_credit_card_info} =~ /BEGIN\s+PGP\s+MESSAGE/
	 and $pre_encrypted = 1;

to

    $::Values->{mv_credit_card_info} =~ /BEGIN\s+[PG][GP][PG]\s+MESSAGE/
	 and $pre_encrypted = 1;

and see if that makes a difference.

--
Red Hat, Inc., 3005 Nichols Rd., Hamilton, OH  45013
phone +1.513.523.7621      <mheins@redhat.com>

Being against torture ought to be sort of a bipartisan thing.
-- Karl Lehenbauer


-- 
Red Hat, Inc., 3005 Nichols Rd., Hamilton, OH  45013
phone +1.513.523.7621      <mheins@redhat.com>

Being against torture ought to be sort of a bipartisan thing.
-- Karl Lehenbauer