+sub enable_encryption {
+
+ eval "use FS::Conf";
+ die $@ if $@;
+
+ my $conf = new FS::Conf;
+
+ die "encryption key(s) already in place"
+ if $conf->exists('encryptionpublickey')
+ || $conf->exists('encryptionprivatekey');
+
+ my $length = 2048;
+ my $rsa = Crypt::OpenSSL::RSA->generate_key($length);
+
+ $conf->set('encryption', 1);
+ $conf->set('encryptionmodule', 'Crypt::OpenSSL::RSA');
+ $conf->set('encryptionpublickey', $rsa->get_public_key_string );
+ $conf->set('encryptionprivatekey', $rsa->get_private_key_string );
+
+}
+
+sub enable_banned_pay_pad {
+
+ eval "use FS::Conf";
+ die $@ if $@;
+
+ my $conf = new FS::Conf;
+
+ die "banned_pay-pad already in place"
+ if length( $conf->config('banned_pay-pad') );
+
+ #arbitrary but good enough... all we need is *some* per-site random padding
+ my @pw_set = ( 'a'..'z', 'A'..'Z', '0'..'9', '(', ')', '#', '.', ',' );
+
+ $conf->set('banned_pay-pad',
+ join('', map($pw_set[ int(rand($#pw_set)) ], (0..15) ) )
+ );
+
+}
+