[ic] Modernized encrypt usertag?

JT Justman jt at airdelights.com
Wed Jul 6 18:45:24 EDT 2005


Joshua Lavin wrote:
> On Jul 6, 2005, at 3:28 PM, JT Justman wrote:
> 
>> So do I need to specify a command or is there a way to use the command
>> that already seems to work for normal orders? I'd hate to hard-code my
>> key names for maintenance sake. Or, is there a more up-to-date way to
>> arbitrarily encrypt data?
> 
> 
> Maybe this will help you:
> http://www.icdevgroup.org/archive/interchange-users/2001/msg12402.html

Great! This got me on track...

If I specify the command as directed, it works fine.

Right now since I haven't specified it, the EncryptProgram directive is
defaulting to "pgp" in Config.pm.

When the sub pgp_encrypt is called in Order.pm, the needed options are
appended if the EncryptParam ends in 'pgp' (if I read the regex
correctly). pgp_encrypt does some cool stuff - no need to reinvent the
wheel, so I made a global usertag thus:

Usertag encrypt Order cmd key
Usertag encrypt HasEndTag 1
Usertag encrypt Interpolate 1
Usertag encrypt Routine <<EOR
sub {
    use Vend::Order;
    my ($cmd, $key, $body) = @_;
    return Vend::Order::pgp_encrypt($body, $key, $cmd);
}
EOR

And now I can simply use [encrypt]Whatever[/encrypt].

Any caveats I'm missing? It ought to be more secure than the previous
one, as Order.pm does check for funny business in the $cmd.

Thanks,

JT


More information about the interchange-users mailing list