line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package Crypt::Lite; |
2
|
1
|
|
|
1
|
|
23139
|
use strict; |
|
1
|
|
|
|
|
2
|
|
|
1
|
|
|
|
|
1345
|
|
3
|
|
|
|
|
|
|
############################################################ |
4
|
|
|
|
|
|
|
# Author : retoh@cpan.org |
5
|
|
|
|
|
|
|
# Created : 07FEB2002 |
6
|
|
|
|
|
|
|
# |
7
|
|
|
|
|
|
|
# Licencing: |
8
|
|
|
|
|
|
|
# http://www.infocopter.com/perl/licencing-print.htm |
9
|
|
|
|
|
|
|
# |
10
|
|
|
|
|
|
|
# Usage: |
11
|
|
|
|
|
|
|
# ---------------------------------------------------------- |
12
|
|
|
|
|
|
|
# See POD at the end or enter |
13
|
|
|
|
|
|
|
# man Crypt::Lite |
14
|
|
|
|
|
|
|
# after installation |
15
|
|
|
|
|
|
|
# ---------------------------------------------------------- |
16
|
|
|
|
|
|
|
# http://www.infocopter.com/perl/modules/ |
17
|
|
|
|
|
|
|
############################################################ |
18
|
|
|
|
|
|
|
|
19
|
|
|
|
|
|
|
my $package = __PACKAGE__; |
20
|
|
|
|
|
|
|
require MIME::Base64; |
21
|
|
|
|
|
|
|
unless (eval "require MD5") { |
22
|
|
|
|
|
|
|
print "No MD5 module.\n"; |
23
|
|
|
|
|
|
|
# skip remaining tests |
24
|
|
|
|
|
|
|
exit; |
25
|
|
|
|
|
|
|
} |
26
|
|
|
|
|
|
|
|
27
|
|
|
|
|
|
|
our $VERSION = '0.82.11'; |
28
|
|
|
|
|
|
|
|
29
|
|
|
|
|
|
|
# GLOBAL VARIABLES |
30
|
|
|
|
|
|
|
my $contentType = ""; |
31
|
|
|
|
|
|
|
my $priv = ""; # challenge key |
32
|
|
|
|
|
|
|
my $debug = 0; |
33
|
|
|
|
|
|
|
|
34
|
|
|
|
|
|
|
#----- FORWARD DECLARATIONS & PROTOTYPING |
35
|
|
|
|
|
|
|
sub iso2hex($); |
36
|
|
|
|
|
|
|
sub hex2iso($); |
37
|
|
|
|
|
|
|
sub Error($); |
38
|
|
|
|
|
|
|
sub Debug($); |
39
|
|
|
|
|
|
|
|
40
|
|
|
|
|
|
|
sub new { |
41
|
1
|
|
|
1
|
0
|
186
|
my $type = shift; |
42
|
1
|
|
|
|
|
7
|
my %params = @_; |
43
|
1
|
|
|
|
|
3
|
my $self = {}; |
44
|
|
|
|
|
|
|
|
45
|
1
|
|
50
|
|
|
7
|
$params{'encoding'} ||= 'base64'; # base64 || hex8 |
46
|
1
|
|
50
|
|
|
9
|
$params{'debug' } ||= 0; |
47
|
|
|
|
|
|
|
|
48
|
1
|
|
|
|
|
3
|
$self->{'debug' } = $debug = $params{'debug'}; |
49
|
1
|
|
|
|
|
3
|
$self->{'encoding'} = $params{'encoding'}; |
50
|
|
|
|
|
|
|
|
51
|
1
|
|
|
|
|
2
|
$debug = $params{'debug'}; |
52
|
|
|
|
|
|
|
|
53
|
1
|
|
|
|
|
6
|
bless $self, $type; |
54
|
|
|
|
|
|
|
} |
55
|
|
|
|
|
|
|
|
56
|
|
|
|
|
|
|
sub encrypt { |
57
|
1
|
|
|
1
|
0
|
8
|
my $self = shift; |
58
|
|
|
|
|
|
|
|
59
|
1
|
|
|
|
|
3
|
my $text = shift; |
60
|
1
|
|
|
|
|
3
|
$priv = shift; |
61
|
|
|
|
|
|
|
|
62
|
|
|
|
|
|
|
# Make sure to encrypt similar or equal text to different strings |
63
|
1
|
|
|
|
|
106
|
my $scramble_left = sprintf("%04d", substr(1048576 * rand(), 0, 4)); |
64
|
|
|
|
|
|
|
|
65
|
1
|
|
|
|
|
10
|
my $priv_md5 = MD5->hexhash($priv); |
66
|
|
|
|
|
|
|
|
67
|
1
|
|
|
|
|
44
|
my $text_scrambled = "$scramble_left\t$text\t$priv_md5"; |
68
|
|
|
|
|
|
|
|
69
|
1
|
|
|
|
|
6
|
my $bin_text = &atob($text_scrambled); |
70
|
1
|
|
|
|
|
4
|
my $bin_priv = &atob($priv); |
71
|
|
|
|
|
|
|
|
72
|
1
|
|
|
|
|
12
|
Debug "N1000: Scrambling '$text' with '$priv'..."; |
73
|
|
|
|
|
|
|
|
74
|
1
|
|
|
|
|
5
|
my $encryp = &bin_add($bin_text, $bin_priv); |
75
|
|
|
|
|
|
|
|
76
|
1
|
50
|
|
|
|
13
|
if ($self->{'debug'}) { |
77
|
0
|
|
|
|
|
0
|
Debug "$bin_text \t<- text"; |
78
|
0
|
|
|
|
|
0
|
Debug "$bin_priv \t<- challenge"; |
79
|
0
|
|
|
|
|
0
|
Debug "$encryp \t<- result"; |
80
|
|
|
|
|
|
|
} |
81
|
|
|
|
|
|
|
|
82
|
1
|
|
|
|
|
3
|
my $encryp_pack = ""; |
83
|
1
|
|
|
|
|
6
|
for (my $i = 0; $i < length($encryp); $i += 8) { |
84
|
59
|
|
|
|
|
74
|
my $elem = substr($encryp, $i, 8); |
85
|
|
|
|
|
|
|
# X my $elemp = pack('C', $elem); # cannot be used on RH8.0 |
86
|
59
|
|
|
|
|
143
|
$encryp_pack .= pack('B8', $elem); |
87
|
|
|
|
|
|
|
} |
88
|
|
|
|
|
|
|
|
89
|
1
|
|
|
|
|
7
|
Debug "N1003: encryp_pack -----> '$encryp_pack'\n"; |
90
|
|
|
|
|
|
|
|
91
|
1
|
|
|
|
|
2
|
my $encrypted = ''; |
92
|
1
|
50
|
|
|
|
7
|
if ($self->{'encoding'} eq 'hex8') { |
93
|
1
|
|
|
|
|
4
|
$encrypted = iso2hex $encryp_pack; |
94
|
|
|
|
|
|
|
} |
95
|
|
|
|
|
|
|
else { |
96
|
|
|
|
|
|
|
# base64 |
97
|
0
|
|
|
|
|
0
|
$encrypted = MIME::Base64::encode($encryp_pack); |
98
|
0
|
|
|
|
|
0
|
chomp $encrypted; |
99
|
|
|
|
|
|
|
} |
100
|
|
|
|
|
|
|
|
101
|
1
|
|
|
|
|
8
|
$encrypted; |
102
|
|
|
|
|
|
|
} |
103
|
|
|
|
|
|
|
|
104
|
|
|
|
|
|
|
sub decrypt { |
105
|
2
|
|
|
2
|
0
|
750
|
my $self = shift; |
106
|
|
|
|
|
|
|
|
107
|
2
|
|
|
|
|
4
|
my $encryp_base64 = shift; |
108
|
2
|
|
|
|
|
4
|
$priv = shift; |
109
|
|
|
|
|
|
|
|
110
|
2
|
|
|
|
|
23
|
Debug 'N1002: Decrypting (' . $self->{'encoding'} . ") '$encryp_base64' with '$priv'..."; |
111
|
|
|
|
|
|
|
|
112
|
2
|
|
|
|
|
6
|
my $bin_priv = &atob($priv); |
113
|
|
|
|
|
|
|
|
114
|
2
|
|
|
|
|
5
|
my $base64toplain = ''; |
115
|
2
|
50
|
|
|
|
8
|
if ($self->{'encoding'} eq 'hex8') { |
116
|
2
|
|
|
|
|
8
|
$base64toplain = hex2iso $encryp_base64; |
117
|
2
|
50
|
|
|
|
8
|
Debug "hex8 -> '$encryp_base64' = '$base64toplain'" if $self->{'debug'}; |
118
|
|
|
|
|
|
|
} |
119
|
0
|
|
|
|
|
0
|
else { $base64toplain = MIME::Base64::decode($encryp_base64); } |
120
|
|
|
|
|
|
|
|
121
|
2
|
|
|
|
|
9
|
Debug "N1004: -> base64toplain = '$base64toplain'..."; |
122
|
|
|
|
|
|
|
|
123
|
2
|
|
|
|
|
4
|
my $encryp_pack = ""; |
124
|
2
|
|
|
|
|
100
|
for (my $i = 0; $i < length($base64toplain); $i++) { |
125
|
118
|
|
|
|
|
125
|
my $elem = substr($base64toplain, $i, 1); |
126
|
118
|
|
|
|
|
184
|
my $bin = unpack('B8', $elem); |
127
|
118
|
|
|
|
|
273
|
$encryp_pack .= $bin; |
128
|
|
|
|
|
|
|
} |
129
|
|
|
|
|
|
|
|
130
|
2
|
|
|
|
|
7
|
my $bin_new = &bin_add($encryp_pack, $bin_priv); |
131
|
|
|
|
|
|
|
|
132
|
2
|
|
|
|
|
5
|
$encryp_pack = ""; |
133
|
2
|
|
|
|
|
9
|
for (my $i = 0; $i < length($bin_new); $i += 8) { |
134
|
118
|
|
|
|
|
156
|
my $elem = substr($bin_new, $i, 8); |
135
|
118
|
50
|
|
|
|
199
|
print "'$elem' = ", pack('B8', $elem), "...\n" if $debug; |
136
|
118
|
|
|
|
|
321
|
$encryp_pack .= pack('B8', $elem); |
137
|
|
|
|
|
|
|
} |
138
|
|
|
|
|
|
|
|
139
|
2
|
|
|
|
|
12
|
Debug "N1001: =====> '$encryp_pack' !!!"; |
140
|
|
|
|
|
|
|
|
141
|
2
|
|
|
|
|
12
|
my ($rand1, $result, $priv_wrapped) = split /\t/, $encryp_pack; |
142
|
|
|
|
|
|
|
|
143
|
2
|
|
|
|
|
19
|
my $priv_md5 = MD5->hexhash($priv); |
144
|
|
|
|
|
|
|
|
145
|
2
|
100
|
|
|
|
188
|
return '' if $rand1 =~ /\D/; |
146
|
1
|
50
|
33
|
|
|
28
|
return '' unless ($priv_md5 eq $priv_wrapped or $priv eq $priv_wrapped); |
147
|
|
|
|
|
|
|
# -- Additional clause "$priv eq $priv_wrapped" for reasons of reverse compatibilty before rel. 0.82.07 |
148
|
|
|
|
|
|
|
|
149
|
1
|
|
|
|
|
7
|
$result; # return middle element of array only |
150
|
|
|
|
|
|
|
} |
151
|
|
|
|
|
|
|
|
152
|
|
|
|
|
|
|
################################################ |
153
|
|
|
|
|
|
|
# LOCAL SUB ROUTINES |
154
|
|
|
|
|
|
|
################################################ |
155
|
|
|
|
|
|
|
|
156
|
|
|
|
|
|
|
sub atob ($) { |
157
|
4
|
|
|
4
|
0
|
8
|
my $str = shift; |
158
|
4
|
|
|
|
|
7
|
my $bin = ""; |
159
|
4
|
|
|
|
|
14
|
for (my $i = 0; $i < length($str); $i++) { $bin .= unpack('B8', substr($str, $i, 1)); } |
|
88
|
|
|
|
|
285
|
|
160
|
4
|
|
|
|
|
10
|
$bin; |
161
|
|
|
|
|
|
|
} |
162
|
|
|
|
|
|
|
|
163
|
|
|
|
|
|
|
sub bin_add ($$) { |
164
|
3
|
|
|
3
|
0
|
5
|
my $a = shift; |
165
|
3
|
|
|
|
|
6
|
my $b = shift; |
166
|
|
|
|
|
|
|
|
167
|
3
|
|
|
|
|
5
|
my $i = my $j = 0; |
168
|
3
|
|
|
|
|
11
|
for ($j = 0; $j < length($a); $j++) { |
169
|
1416
|
|
|
|
|
3971
|
substr($a, $j, 1) += substr($b, $i, 1); |
170
|
1416
|
100
|
|
|
|
4521
|
substr($a, $j, 1) = 0 if substr($a, $j, 1) == 2; |
171
|
1416
|
100
|
|
|
|
5833
|
$i = 0 if ++$i > length($priv); |
172
|
|
|
|
|
|
|
} |
173
|
3
|
|
|
|
|
15
|
$a; |
174
|
|
|
|
|
|
|
} |
175
|
|
|
|
|
|
|
|
176
|
|
|
|
|
|
|
sub iso2hex ($) { |
177
|
1
|
|
|
1
|
0
|
3
|
my $string = $_[0]; |
178
|
1
|
|
|
|
|
2
|
my $hex_string = ''; |
179
|
|
|
|
|
|
|
|
180
|
1
|
|
|
|
|
4
|
for (my $i = 0; $i < length($string); $i++) { |
181
|
|
|
|
|
|
|
# print substr($string, $i, 1); |
182
|
59
|
|
|
|
|
164
|
$hex_string .= unpack('H8', substr($string, $i, 1)); |
183
|
|
|
|
|
|
|
} |
184
|
1
|
|
|
|
|
4
|
$hex_string; |
185
|
|
|
|
|
|
|
} |
186
|
|
|
|
|
|
|
|
187
|
|
|
|
|
|
|
sub hex2iso ($) { |
188
|
2
|
|
|
2
|
0
|
4
|
my $hex_string = $_[0]; |
189
|
2
|
|
|
|
|
3
|
my $iso_string = ''; |
190
|
|
|
|
|
|
|
|
191
|
2
|
|
|
|
|
33
|
for (my $i = 0; $i < length($hex_string); $i += 2) { |
192
|
118
|
|
|
|
|
190
|
my $char = substr(pack('H8', substr($hex_string, $i, 2)), 0, 1); # 1 char |
193
|
118
|
|
|
|
|
341
|
$iso_string .= $char; |
194
|
|
|
|
|
|
|
} |
195
|
2
|
|
|
|
|
7
|
$iso_string; |
196
|
|
|
|
|
|
|
} |
197
|
|
|
|
|
|
|
|
198
|
|
|
|
|
|
|
sub Error ($) { |
199
|
0
|
0
|
|
0
|
0
|
0
|
print "Content-type: text/html\n\n" unless $contentType; |
200
|
0
|
|
|
|
|
0
|
print "<b>ERROR</b> ($package): $_[0]\n"; |
201
|
0
|
|
|
|
|
0
|
exit(1); |
202
|
|
|
|
|
|
|
} |
203
|
|
|
|
|
|
|
|
204
|
8
|
50
|
|
8
|
0
|
29
|
sub Debug ($) { return unless $debug; print "<b>[$package]</b> $_[0]<br>\n"; } |
|
0
|
|
|
|
|
|
|
205
|
|
|
|
|
|
|
|
206
|
|
|
|
|
|
|
1; |
207
|
|
|
|
|
|
|
|
208
|
|
|
|
|
|
|
#### Used Warning / Error Codes ########################## |
209
|
|
|
|
|
|
|
# Next free W Code: 1000 |
210
|
|
|
|
|
|
|
# Next free E Code: 1000 |
211
|
|
|
|
|
|
|
# Next free N Code: 1005 |
212
|
|
|
|
|
|
|
|
213
|
|
|
|
|
|
|
__END__ |
214
|
|
|
|
|
|
|
|
215
|
|
|
|
|
|
|
=head1 NAME |
216
|
|
|
|
|
|
|
|
217
|
|
|
|
|
|
|
Crypt::Lite - Easy to use symmetric data encryption and decryption |
218
|
|
|
|
|
|
|
|
219
|
|
|
|
|
|
|
=head1 SYNOPSIS |
220
|
|
|
|
|
|
|
|
221
|
|
|
|
|
|
|
use Crypt::Lite; |
222
|
|
|
|
|
|
|
|
223
|
|
|
|
|
|
|
$crypt = Crypt::Lite->new( debug => 0 ); |
224
|
|
|
|
|
|
|
|
225
|
|
|
|
|
|
|
[or] |
226
|
|
|
|
|
|
|
|
227
|
|
|
|
|
|
|
$crypt = Crypt::Lite->new( debug => 0, encoding => 'hex8' ); |
228
|
|
|
|
|
|
|
|
229
|
|
|
|
|
|
|
=head2 Encryption |
230
|
|
|
|
|
|
|
|
231
|
|
|
|
|
|
|
$encrypted = $crypt->encrypt('plain text to encrypt', 'your_secret_string'); |
232
|
|
|
|
|
|
|
|
233
|
|
|
|
|
|
|
=head2 Decryption |
234
|
|
|
|
|
|
|
|
235
|
|
|
|
|
|
|
$decrypted = $crypt->decrypt($encrypted, 'your_secret_string'); |
236
|
|
|
|
|
|
|
|
237
|
|
|
|
|
|
|
Returns an empty string if the encrypted hash has been broken |
238
|
|
|
|
|
|
|
|
239
|
|
|
|
|
|
|
=head1 DESCRIPTION |
240
|
|
|
|
|
|
|
|
241
|
|
|
|
|
|
|
=head2 Important Notice |
242
|
|
|
|
|
|
|
|
243
|
|
|
|
|
|
|
Crypt::Lite does C<NOT> strong encryption - that's what the "Lite" stands for. It's very easy to install and use, anwhere where Perl runs. Please take a closer look on AES or Blowfish for strong encryption. |
244
|
|
|
|
|
|
|
|
245
|
|
|
|
|
|
|
=head2 What's Special |
246
|
|
|
|
|
|
|
|
247
|
|
|
|
|
|
|
Crypt::Lite returns an empty string if the passphrase does not exactly match. Especially block ciphers often return a partial plain text even if, let's say about 90 % of the passphrase was correct (this will not say it's more secure - it's a property ;-). |
248
|
|
|
|
|
|
|
|
249
|
|
|
|
|
|
|
=head2 Introduction |
250
|
|
|
|
|
|
|
|
251
|
|
|
|
|
|
|
Sometimes it's necessary to protect some certain data against plain reading or you intend to send information through the Internet. Another reason might be to assure users cannot modify their previously entered data in a follow-up step of a long Web transaction where you don't want to deal with server-side session data. The goal of Crypt::Lite was to have a pretty simple way to encrypt and decrypt data without the need to install and compile huge packages with lots of dependencies. |
252
|
|
|
|
|
|
|
|
253
|
|
|
|
|
|
|
Crypt::Lite has the property that it typically returns an empty string on a wrong passphrase instead of a partially decrpyted string. It generates every time a different encrypted hash when you re-encrypt the same data with the same secret string. In normal cases of XOR encryption, what Crypt::Lite is based on, double or tripple encryption does NOT increase the security. Because of the nature of Crypt::Lite I state (because of the shifting concept) double encryption *does* increase the challenge to decrypt it. Nevertheless I *don't* recommend it because at least it creates very large strings ;-) What I really suggest is to use good passphrases not shorter than 6 characters, or better 16 characters length to encrypt. A randomly generated passphrase that is used only once of the same length as the plain text will be the most secure encryption with Crypt::Lite. |
254
|
|
|
|
|
|
|
|
255
|
|
|
|
|
|
|
In general, decryption works also on hashes that have been encrypted on a foreign host (try this with an unpatched IDEA installation ;-). |
256
|
|
|
|
|
|
|
|
257
|
|
|
|
|
|
|
Since last time has grown a harshly thread about XOR encryption I suggest to take a look from time to time on this URL to get the latest news and documentation on |
258
|
|
|
|
|
|
|
|
259
|
|
|
|
|
|
|
http://www.infocopter.com/perl/modules/crypt-lite.html |
260
|
|
|
|
|
|
|
|
261
|
|
|
|
|
|
|
=head2 EXPORT |
262
|
|
|
|
|
|
|
|
263
|
|
|
|
|
|
|
None by default. |
264
|
|
|
|
|
|
|
|
265
|
|
|
|
|
|
|
|
266
|
|
|
|
|
|
|
|
267
|
|
|
|
|
|
|
=head1 SEE ALSO |
268
|
|
|
|
|
|
|
|
269
|
|
|
|
|
|
|
Please find a documentation and related news about this module on |
270
|
|
|
|
|
|
|
|
271
|
|
|
|
|
|
|
http://www.infocopter.com/perl/modules/ |
272
|
|
|
|
|
|
|
|
273
|
|
|
|
|
|
|
There is currently no mailing list. |
274
|
|
|
|
|
|
|
|
275
|
|
|
|
|
|
|
=head1 AUTHOR |
276
|
|
|
|
|
|
|
|
277
|
|
|
|
|
|
|
Reto Schaer, E<lt>retoh@hatespam-cpan.orgE<gt> |
278
|
|
|
|
|
|
|
|
279
|
|
|
|
|
|
|
=head1 COPYRIGHT AND LICENSE |
280
|
|
|
|
|
|
|
|
281
|
|
|
|
|
|
|
Copyright (C) 2002-2006 by Reto Schaer |
282
|
|
|
|
|
|
|
|
283
|
|
|
|
|
|
|
This library is free software; you can redistribute it and/or modify |
284
|
|
|
|
|
|
|
it under the same terms as Perl itself, either Perl version 5.8.3 or, |
285
|
|
|
|
|
|
|
at your option, any later version of Perl 5 you may have available. |
286
|
|
|
|
|
|
|
|
287
|
|
|
|
|
|
|
Feel free to use it for commercial purposes or just for pleasure. You may change the code for your needs if you like. Redistribution and use in source and binary forms, with or without modification, are permitted. |
288
|
|
|
|
|
|
|
|
289
|
|
|
|
|
|
|
I ask you to leave the link to the related documentation anywhere at the the top of the module in case of redistribution my code. |
290
|
|
|
|
|
|
|
|
291
|
|
|
|
|
|
|
=head2 SEE ALSO |
292
|
|
|
|
|
|
|
|
293
|
|
|
|
|
|
|
http://www.infocopter.com/perl/licencing.html |
294
|
|
|
|
|
|
|
|
295
|
|
|
|
|
|
|
=cut |