
card data pgp encryption question

Posted: Tue Jul 22, 2003 7:42 am
by vasilis
I am running Apache 1.3.26 and php 4.0.6 in a WinME system, using it for building my php apps.

Recently I've been working on an online catalogue e-commerce site. In this site, when a client sends his credit card data for the first time in order to register, the data is sent through SSL to the server, where it is pgp encrypted and sent as an encrypted email to the site's administrator's computer. So, the credit card data is not stored in the server (only the rest of the personal data of the client). For my card data processing function I've been using the following code:


//the method here is that the card data are sent via an encrypted (by GPG) email to the mail server of the company's owner

Code:

function process_card($username, $cardtype, $cardno, $month_expir, $year_expir, $cardholder)
{
  // NOTE: this early return stubs the function out; nothing below it runs while it is in place
  echo "the card is processed";
  return true;
  $to_email = "luke@localhost";

  // Tell gpg where to find the key ring
  // On this system, user nobody's home directory is /tmp/
  putenv("GNUPGHOME=/tmp/.gnupg");

  //create a unique file name
  $infile = tempnam("", "pgp");
  $outfile = $infile.".asc";
  $body="card data for the client with user name: $username";
  $body .="<br>card type: $cardtype\r\n card no: $cardno\r\n Expiry month: $month_expir\r\n Expiry year: $year_expir\r\n card holder: $cardholder";
  //write the user's text to the file
  $fp = fopen($infile, "w");
  fwrite($fp, $body);
  fclose($fp);

  //set up our command (each line of the command ends in a shell line continuation)
  $command =  "/usr/local/bin/gpg -a \\
               --recipient 'somename<somename@somewhere.com>' \\
               --encrypt -o $outfile $infile";

  // execute our gpg command
  system($command, $result);

  //delete the unencrypted temp file
  unlink($infile);

  if($result==0)
  {
    $fp = fopen($outfile, "r");
    if(!$fp||filesize ($outfile)==0)
    {
      $result = -1;
    }
    else
    {
      //read the encrypted file
      $contents = fread ($fp, filesize ($outfile));
      fclose($fp);
      //delete the encrypted temp file
      unlink($outfile);

      // $title and $from are not defined inside this function
      mail($to_email, $title, $contents, "From: $from\n");
      echo "<h1>your email was sent</h1>
            <p>your card data were encrypted and sent
            <p>thank you.";
      return true;
    }
  }

  if($result!=0)
  {
    echo "<h1>Error:</h1>
          <p>Your card data could not be encrypted therefore they were not sent.";
    return false;
  }

}
From what one can see in the above code, php is running pgp like a command.
My question is simple: Which pgp version should I install in my system to check the code? I have already downloaded the binary version of GnuPG for MS-Windows 95, 98, WNT, W2000 and XP (command line) as well as the 8.02 v. of pgp for win. Can I use the command line version or should I download another one?
Thanks in advance, Vasilis

Posted: Tue Jul 22, 2003 8:36 am
by Stoker
Any gnupg version should work, that shouldn't give any probs (well, certain older ones had a bug that could mess up a private key, but as long as you have a spare CD with the key in a vault somewhere...).

BUT, that code is not safe: it uses a physical file as input, meaning that the credit card number was written to disk in clear text, very very very bad, this should NEVER be done! Some may say that it's just for a split second; well, a deleted file is not gone, it's just unlinked, so the data is still on the disk until overwritten. Such an approach is against any security advisory you'll find anywhere.

You should use pipes, something like
exec ( 'echo '.escapeshellarg($ccnum).' | /usr/bin/gpg -ear user --homedir /home/user/.mygpgdir --batch --always-trust --no-secmem-warning', $result);

Posted: Thu Jul 24, 2003 7:34 am
by vasilis
Thanks for your response. I didn't know a thing about pipes and after some search in the board I found some pgp encrypting code for encrypting sensitive user input (e.g. credit card data):

function pgp_encrypt($keyring_location, $public_key_id, $plain_text) {

  $key_id = EscapeShellArg($public_key_id);
  putenv("PGPPATH=$keyring_location");

  // encrypt the message
  $pipe = popen("pgpe -r $key_id -af", "r");

  fwrite($pipe, $plain_text);
  $encrypted_text = '';
  while($s = fgets($pipe, 1024)) {
    // read from the pipe
    $encrypted_text .= $s;
  }
  pclose($pipe);

  return $encrypted_text;
}

$Number = pgp_encrypt("/location/pgpkey/", "webmaster@domain.nl", $creditcard);

Is this code ok for you? Would you suggest some other code?
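
Added example (not part of the thread, and not code from either poster): the pipe approach discussed above, written with proc_open() so the plaintext goes only to gpg's standard input and the ciphertext is read back from its standard output. popen() pipes are one-directional, so a handle opened with "r" cannot also be written to, which is why two separate pipes are used here. Assumptions: PHP 5 or later, gpg on the PATH, and a trusted recipient key in the keyring; the function name, paths, recipient and card number are made up for illustration.

```php
<?php
// Added example. Assumptions: PHP 5+, gpg on the PATH, and the recipient's
// public key already imported and trusted in the keyring under $homedir.

// Encrypt $plain_text to $recipient without a temp file and without putting
// the plaintext on a command line. Returns armored ciphertext or false.
function gpg_encrypt_pipe($homedir, $recipient, $plain_text)
{
    // Only non-secret values go into the command, each shell-escaped.
    $cmd = 'gpg --batch --no-tty'
         . ' --homedir ' . escapeshellarg($homedir)
         . ' --armor --recipient ' . escapeshellarg($recipient)
         . ' --encrypt';

    // Descriptor 2 is left out, so gpg's stderr goes wherever PHP's does.
    $spec = array(
        0 => array('pipe', 'r'),   // child reads its stdin from us
        1 => array('pipe', 'w'),   // child writes its stdout to us
    );
    $proc = proc_open($cmd, $spec, $pipes);
    if (!is_resource($proc)) {
        return false;
    }

    fwrite($pipes[0], $plain_text);
    fclose($pipes[0]);             // EOF: gpg now knows the message is complete

    $cipher = stream_get_contents($pipes[1]);
    fclose($pipes[1]);

    // proc_close() waits for gpg and returns its exit status.
    if (proc_close($proc) !== 0) {
        return false;
    }
    // Treat anything that is not an armored PGP message as a failure,
    // so an empty or partial result is never mailed out.
    if (strpos($cipher, '-----BEGIN PGP MESSAGE-----') !== 0) {
        return false;
    }
    return $cipher;
}

// Constructed sample input: a well-known test card number, not real data.
$armored = gpg_encrypt_pipe('/path/to/gnupg-home', 'admin@example.com',
                            "card no: 4111111111111111\r\n");
echo $armored === false ? "encryption failed\n" : $armored;
```

Writing the whole message before reading is fine for a few lines of card data; a message larger than the pipe buffer would need the write and read interleaved to avoid blocking.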