Encrypt stuff simply
use Crypt::Simple; my $data = encrypt(@stuff); my @same_stuff = decrypt($data);
Maybe you have a web application and you need to store some session data at the client side (in a cookie or hidden form fields) but you don't want the user to be able to mess with the data. Maybe you want to save secret information to a text file. Maybe you have better ideas of what to do with encrypted stuff!
This little module will convert all your data into nice base64 text that you can save in a text file, send in an email, store in a cookie or web page, or bounce around the Net. The data you encrypt can be as simple or as complicated as you like.
If you don't pass any options when using \*(C`Crypt::Simple\*(C' we will generate a key for you based on the name of your module that uses this one. In many cases this works fine, but you may want more control over the key. Here's how:
The \s-1MD5\s0 hash of the text string \*(L"pass phrase\*(R" is used as the key.
The user is prompted to enter a passphrase, and the \s-1MD5\s0 hash of the entered text is used as the key.
The contents of the file /home/marty/secret are used as the pass phrase: the \s-1MD5\s0 hash of the file is used as the key.
The contents of the file /home/marty/noise are directly used as the key.
\*(C`Crypt::Simple\*(C' is really just a wrapper round a few other useful Perl modules: you may want to read the documentation for these modules too.
We use \*(C`FreezeThaw\*(C' to squish all your data into a concise textual representation. We use \*(C`Compress::Zlib\*(C' to compress this string, and then use \*(C`Crypt::Blowfish\*(C' in a home-brew \s-1CBC\s0 mode to perform the encryption. Somewhere in this process we also add a \s-1MD5\s0 digest (using \*(C`Digest::MD5\*(C'). Then we throw the whole thing through \*(C`MIME::Base64\*(C' to produce a nice bit of text for you to play with.
Decryption, obviously, is the reverse of this process.
Governments throughout the world do not like encryption because it makes it difficult for them to look at all your stuff. Each country has a different policy designed to stop you using encryption: some governments are honest enough to make it illegal; some think it is a dangerous weapon; some insist that you are free to encrypt, but only evil people would want to; some make confusing and contradictory laws because they try to do all of the above.
Although this modules itself does not include any encryption code, it does use another module that contains encryption code, and this documentation mentions encryption. Downloading, using, or reading this modules could be illegal where you live.
Marty Pauley <[email protected]>
Copyright (C) 2001 Kasei Limited
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.