Two-way encryption

[Extension]

Hi,

I'm looking for a simple module to encrypt and decrypt with the of a paraphrase. I'm currently using the Perl crypt function but it's a one-way encryption sadly. Digest MD5 could be solution ?

While on the subject, does anybody know if there is a module available to decrypt a text/password encrypted with the Perl crypt function ?

Thank you in advance

 

[MillerH]

Digest::MD5 is one way.

Look at Crypt::CBC for a two way encryption interface. Crypt::Rijndael provides for a good algorithm:

http://search.cpan.org/~lds/Crypt-CBC-2.22/CBC.pm

 

[KevinADC]

Crypt::Lite is an easy to use module but if you need strong encryption you need to use something else.

There is no module to decrypt text/passwords encrypted with the perl crypt function. As far as I know that is not possible. It is possible to crack the key using brute force and determine the plain text string. crypt is not recommended for anything that needs serious protection.

- Kevin, perl coder unexceptional!

 

[Extension]

I've installed Crypt-CBC and I wanted to go with the DES encryption algo. but I can't find a version which will work on a Win32 box running Perl 5.6

My server doesn't have access to the Internet so I can't use PPM.

Anyone has Crypt-Blowfish or Crypt-DES for Win32 Perl 5.6 (inc .ppd file) ???

Thank you

 

[KevinADC]

you should be able to use Digest::MD5 with windows. Perl 5.6 is a bit old. Can't you upgrade to 5.8?

- Kevin, perl coder unexceptional!

 

[MillerH]

Don't know where to find those modules for Win32 Perl 5.6

Just will say that all of those modules are available for Perl 5.8.

 

[netman4u]

Extension,

I just finished a Crypt-CBC and Crypt-Blowfish password encryption->decryption program for a project I am working on. Here is the code I used to encrypt my passwords:

use strict;
use warnings;
use Crypt::CBC;
use FileHandle;
my $encr_path;
print "Application password and user encryption program.\n
This program takes user input and created encrypted files for\n
the Application to use\n\n";
print "Do you wish to encrypt a password or User ID (enter the number 1 or 2)?\n\n1) Password\n2) User ID\n\n";
my $choice = <STDIN>;
chomp $choice;
if ($choice == 1) {
	print "Please enter the number for the type of password you wish to encrypt:\n\n1) CLI Devices\n2)VistaMart Oracle DB\n3) Failover System\n\n";
	my $device = <STDIN>;
	chomp $device;
	if ($device == 1) {
		$encr_path = "/opt/app/CLI_DAE/conf/cli_pass.dat";
	}elsif ($device == 2) {
		$encr_path = "/opt/app/CLI_DAE/conf/vmdb_pass.dat";
	}elsif ($device == 3) {
		$encr_path = "/opt/app/CLI_DAE/conf/fovr_pass.dat";
	}else{
		print "Not a valid choice for encryption! Try again\n";
		exit 1;
	}
	print "Please enter the password you wish to encrypt\n\n";
	my $passwd = <STDIN>;
	chomp $passwd;
	Encrypt($passwd,$encr_path);
}elsif ($choice == 2) {
	print "Please enter the number for the type of USER ID you wish to encrypt:\n\n1) CLI Devices\n2)VistaMart Oracle DB\n3) Failover System\n\n";
	my $device = <STDIN>;
	chomp $device;
	my $encr_path;
	if ($device == 1) {
		$encr_path = "/opt/app/CLI_DAE/conf/cli_user.dat";
	}elsif ($device == 2) {
		$encr_path = "/opt/app/CLI_DAE/conf/vmdb_user.dat";
	}elsif ($device == 3) {
		$encr_path = "/opt/app/CLI_DAE/conf/fovr_user.dat";
	}else{
		print "Not a valid choice for encryption! Try again\n";
		exit 1;
	}
	print "Please enter the User ID you wish to encrypt\n\n";
	my $userid = <STDIN>;
	chomp $userid;
	Encrypt($userid,$encr_path);
}else{
	print "Not a valid choice! Please try again.\n\n";
	exit 1;
}
sub Encrypt 
{
	my $entity			= shift (@_);
	my $sub_encr_path	= shift (@_);
	open(CT,">$sub_encr_path");
	my $cipher = new Crypt::CBC({'key'         => 't1234',
								 'cipher'      => 'Blowfish',
								 'padding'     => 'space'});
	undef $/;
	print CT $cipher->encrypt($entity);
	close(CT);
	exit(0)
}

Here is the decryption subroutine in my main program that reads the encrypted files created above:

sub Decrypt 
{
	##########################################################################################
	#
	#  This subroutine decrypts the password/UID files.
	#
	##########################################################################################
	my $file_handle = shift(@_);
	open(CT,"<$file_handle") or ErrorOut ("Error opening config file $file_handle: $1");;
	my $cipher = new Crypt::CBC({'key'         => 't1234',
								 'cipher'      => 'Blowfish',
								 'padding'     => 'space'});
	undef $/;
	my $passwd = $cipher->decrypt(<CT>);
	close(CT);
	print LOG "encrypted file $file_handle decrypted successfully.\n";
	return $passwd;
} # End sub Decrypt

HTH

If at first you don't succeed, don't try skydiving.

 

[netman4u]

OMT...If you use this code notice that when encrypting or decrypting you have to undefine the default record seperator here:

[b]undef $/;[/b]
my $passwd = $cipher->decrypt(<CT>);

When you finish decrypting or encrypting you need to redefine it for the rest of your program as in:

$/="\n";

That was a tricky one to figure out.

If at first you don't succeed, don't try skydiving.

 

[KevinADC]

better written as:

my $passwd = do {local $/; $cipher->decrypt(<CT>)};

that way you don't have to worry about it as it's scoped to only the do{} block.

- Kevin, perl coder unexceptional!

 

[MillerH]

Listen to Kevin concerning how to deal with $/.

You should never permanently modify a global variable unless you specifically know what the consequences will be. And even though, you should never do it. There's simply no reason. Always use local, and include it in a do block if some other function scope is not available. It makes for much cleaner code, and will prevent many headaches later on.

 

[netman4u]

Point taken folks. Thanks.

If at first you don't succeed, don't try skydiving.