Perlshop 4 - Data Encryption
Contents
Perlshop data encryption applies to the customer data files generated by Perlshop 4. If data encryption is enabled,
these files will be stored on your web server in an encrypted form.
These data files can later be decrypted for your use by Perlshop Office or some other software package that is
capable of data decryption.
In order to use Perlshop data encryption, your web server will require the Crypt::CBC library module and at
least one Perl data encryption module.
The following Perl cipher modules are supported:
- Crypt::Blowfish (strongly recommended)
- Crypt::Blowfish_PP
- Crypt::DES
- Crypt::DES_EDE3
- Crypt::DES_PP
- Crypt::NULL
- Crypt::Serpent
- Crypt::TEA
- Crypt::Twofish
- Crypt::Twofish2
The Crypt::CBC module and one of these encryption modules must be present before you can use Perlshop
data encryption.
Data encryption in Perlshop 4 is defined by two control variables in your ps.cfg file:
- The $encryption_index variable defines which of these mechanisms is currently active.
If this variable has not been given a value, then data encryption is not active.
- The %encryption_table structure defines the encryption mechanisms available to your Perlshop installation.
The Encryption Mode Definition Table
The %encryption_table structure in your ps.cfg file defines one or more encryption mechanisms for your customer data files.
Each entry in this table defines one encryption mode.
The $encryption_index variable defines which mode is currently active.
This is the mode that will be applied to the customer data files generated for each order.
Each table entry has fields that MUST NOT be changed once that entry has been used to encrypt customer data files:
- cipher
This field indicates which Perl library module will be used to encryt and decrypt your data.
Cipher Block Chaining will be used in combination with the specified module.
- key
This is the passphrase used by Perlshop 4 to encrypt data, and by Perlshop Office to decrypt data.
%encryption_table =
(
# Encode using Cipher Block Chaining and the Blowfish algorithm.
'ENC1' =>
{
'cipher' => 'Crypt::Blowfish',
'key' => 'A unique passphrase goes here'
},
# Encode using Cipher Block Chaining and the Triple DES algorithm.
'ENC2' =>
{
'cipher' => 'Crypt::DES_EDE3',
'key' => 'A unique passphrase goes here'
},
# Encode using Cipher Block Chaining and the NULL algorithm.
'ENC3' =>
{
'cipher' => 'Crypt::NULL',
'key' => 'A unique passphrase goes here'
}
);
The Perlshop 4 package comes with a utility program called ps_encryption_util.cgi.
This program is intended for use while setting up your Perlshop data encryption.
Installing the Encryption Utility Program
- Make sure the $encryption_index variable in your ps.cfg file is undefined:
$encryption_index = '';
- Place the ps_encryption_util.cgi file in the same directory as your copy of
the perlshop.cgi file.
- Give the ps_encryption_util.cgi file the same permissions as your copy of
the perlshop.cgi file.
Using the Encryption Utility Program
- Execute the ps_encryption_util.cgi program through your web browser.
Example: http://www.yourdomain.com/cgi-bin/ps_encryption_util.cgi
- Examine the program output for errors. Once all of your defined encryption modes are working,
continue to the next step.
- Set the $encryption_index variable in your ps.cfg file to one of to the name of
one of your encryption modes.
Example:
$encryption_index = 'ENC1';
- Place a test order. Examine the customer data files for that order. Confirm that the contents of the data
files are encrypted (the contents will be complete gibberish to the eye).
- Retrieve the test order using Perlshop Office (or your selected retrieval program) and confirm that
the order information is correct.