|
Apache::Wyrd::Services::CodeRing - Apache-resident crypto tool |
Apache::Wyrd::Services::CodeRing - Apache-resident crypto tool (Blowfish)
my $cr1 = Apache::Wyrd::Services::CodeRing->new;
my $key = $cr1->key;
my $secret = "The turtle moves!"
my $cytext = $cr1->encrypt($secret);
my $cr2 = Apache::Wyrd::Services::CodeRing->new({key => $key});
my $plaintext = ($cr2->decrypt($crptext)
|| die "Key or cypher text was corrupt");
The CodeRing is an encryption/decryption object for use primarily for encrypting state information into cookies or hidden variables without exposing the data to deconstruction or corruption in transference.
It uses the blowfish algorithm via either a Crypt::Blowfish or Crypt::Blowfish_PP module, depending on which one compiles on this system, preferring the C-based one.
The CodeRing uses an internal hashing algorithm (MD5) to check the validity of the decrypt. If the decrypt shows alteration, it returns an empty string.
Unless the CodeRing is given a key on initialization, it uses an
instance of the Apache::Wyrd::Services::Key class, which is designed to
be a constant in primary server memory space.
(format: (returns) name (arguments after self))
new ([hashref])key (void)encrypt (scalarref)decrypt (scalarref)
Rather than returning an error, the decrypt method silently returns a
ref to an empty string on an unsuccessful decrypt. The null byte (``\0'')
is used internally as a string terminator. Any item encrypted
containing null bytes will not successfully decrypt.
Barry King <wyrd@nospam.wyrdwright.com>
Copyright 2002-2004 Wyrdwright, Inc. and licensed under the GNU GPL.
See LICENSE under the documentation for Apache::Wyrd.
|
Apache::Wyrd::Services::CodeRing - Apache-resident crypto tool |