开发者

How can I encrypt and decrypt passwords in a Perl CGI program?

开发者 https://www.devze.com 2023-01-15 05:08 出处:网络
Am new to Perl CGI, using ActivePerl, SQLite DB, Apache server and Windows. I have an entry form in which their are fields like Id, Name, Password and so

Am new to Perl CGI, using ActivePerl, SQLite DB, Apache server and Windows. I have an entry form in which their are fields like Id, Name, Password and so on. Whenever anybody makes a new entry then whatever they enter into password field that should be encrypted and get stor开发者_高级运维ed in database.

The next time when that same user enters the password then it should be validated. Now I suppose a decrypt function or code is required.

I found something called MD5 encryption. Please can anybody give me more info about this and help me regarding how to write the code or any link regarding this?


Call make_crypto_hash when you initially set up the user, the parameter is his given passphrase. Store the function return value in the database.

sub make_crypto_hash {
    my ($passphrase) = @_;
    return Authen::Passphrase::BlowfishCrypt->new(
        cost        => 8,
        salt_random => 1,
        passphrase  => $passphrase,
    )->as_rfc2307;
}

Call match_passphrase_against_crypto_hash when someone logs in and you want to see whether the passphrase belongs to the user. The parameters are the crypto hash you retrieve from the database for the given user name, and the passphrase just given by the user. The return value is boolean.

sub match_passphrase_against_crypto_hash {
    my ($crypto_hash, $passphrase) = @_;
    return Authen::Passphrase::BlowfishCrypt
        ->from_rfc2307($crypto_hash)->match($passphrase);
}


MD5 converts any string into a digest. To check if the user's password is valid you don't need the password from the database, but only compare the digest from their entered one to the digest you stored.

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号