开发者

How to translate OpenSSL encryption to Perl?

问答 作者:

I have some C code to encrypt text:

ngx_int_t
ngx_http_encrypted_session_3des_mac_encrypt (ngx_pool_t * pool,
                                             ngx_log_t * log,
                                             const u_char * iv, size_t iv_len,
                                             const u_char * key,
                                             size_t key_len,
                                             const u_char * in, size_t in_len,
                                             ngx_uint_t expires,
                                             u_char ** dst, size_t * dst_len)
{
    EVP_CIPHER_CTX ctx;
    const EVP_CIPHER *cipher;
    u_char *p, *data;
    int ret;
    size_t block_size, buf_size, data_size;
    int len;
    uint64_t expires_time;
    time_t now;
    if (key_len != ngx_http_encrypted_session_key_length) {
        return NGX_ERROR;
    }
    EVP_CIPHER_CTX_init (&ctx);
    cipher = EVP_aes_256_cbc ();
    block_size = EVP_CIPHER_block_size (cipher);
    data_size = in_len + siz开发者_开发问答eof (expires_time);
    buf_size = MD5_DIGEST_LENGTH        /* for the digest */
        + (data_size + block_size - 1)  /* for EVP_EncryptUpdate */
        +block_size             /* for EVP_EncryptFinal */
        ;
    p = ngx_palloc (pool, buf_size + data_size);
    if (p == NULL) {
        return NGX_ERROR;
    }
    *dst = p;
    data = p + buf_size;
    ngx_memcpy (data, in, in_len);
    if (expires == 0) {
        expires_time = 0;
    } else {
        now = time (NULL);
        if (now == -1) {
            goto evp_error;
        }
        expires_time = (uint64_t) now + (uint64_t) expires;
    }
    expires_time = ngx_http_encrypted_session_htonll (expires_time);
    ngx_memcpy (data + in_len, (u_char *) & expires_time,
                sizeof (expires_time));
    MD5 (data, data_size, p);
    p += MD5_DIGEST_LENGTH;
    ret = EVP_EncryptInit (&ctx, cipher, key, iv);
    if (!ret) {
        goto evp_error;
    }
/* encrypt the raw input data */
    ret = EVP_EncryptUpdate (&ctx, p, &len, data, data_size);
    if (!ret) {
        goto evp_error;
    }
    p += len;
    ret = EVP_EncryptFinal (&ctx, p, &len);
    if (!ret) {
        return NGX_ERROR;
    }
/* XXX we should still explicitly release the ctx
 * or we'll leak memory here */
    EVP_CIPHER_CTX_cleanup (&ctx);
    p += len;
    *dst_len = p - *dst;
    if (*dst_len > buf_size) {
        ngx_log_error (NGX_LOG_ERR, log, 0,
                       "encrypted_session: 3des_mac_encrypt: buffer error");
        return NGX_ERROR;
    }
    return NGX_OK;

  evp_error:
    EVP_CIPHER_CTX_cleanup (&ctx);
    return NGX_ERROR;
}

But I want to translate this logic to Perl. Why is MD5 hashing used in this code? What Perl module should I use?

MD5 is used as a message digest here.

Since this appears to be straightforward SSL, you should be able to use one of the SSL modules for perl (such as Net::SSLEay or IO::Socket::SSL)

You should look at

Digest::SHA1

and

Digest::MD5

modules.
I guess you are mixing both algorithms to increase safety as MD5 is only 128 bits and thus not really safe.

继续阅读:opensslperl

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9