damian has asked for the wisdom of the Perl Monks concerning the following question:

sun solaris have this crypt program compiled using gcc i think, it's features is that it can crypt and decrypt keys.... i need a code that somehow clones this crypt of sun. i know perl have this crypt() function, but if i use this crypt function there is no way to decrypt the key i had inputed. did anybody here has done that? cloning sun's crypt to a perl program? thanks in advance

Replies are listed 'Best First'.
Re: cloning Sun's crypt
by marcos (Scribe) on May 15, 2000 at 13:03 UTC
    I don't know Sun's crypt program, and I don't know if someone made a perl version of it. My suggestion is to invoke the program from your perl script when you need it?
    You can use system: here is an example from perlfunc man page: 
    @args = ("command", "arg1", "arg2");
system(@args) == 0
     or die "system @args failed: $?"

    [download]
    Instead if you need to catch the crypt program output you can use a pipe open 
    $param1 = "some value";
$param2 = "some other value";
open (CRYPT, "crypt -$param1 -$param2 |") or die "error: $!";
while (<CRYPT>) {
    print; #here you can make any manipulation you need with the progr
+am output
}
close (CRYPT);

    [download]
    Hope this helps.
    marcos
[reply]
[d/l]
[select]
Re: cloning Sun's crypt
by lhoward (Vicar) on May 15, 2000 at 16:11 UTC
    I dont know of a perl implementation of the unix crypt(1) command. crypt(1) is notoriously weak and should not be used to encrypt anything that you want to stay secure. The unix crypt(3) function (the one used to encrypt passwords) is implemented in perl, but is a one-way function (i.e. you can only encrypt, not decrypt). Decrypting requires brute-force attack of some sort.

    Take a look at the Crypt modules from CPAN. If you are just looking for a general purpose encryption/decruption engine, there are many Crypt modules that would fit the bill:

    • Crypt::DES
    • Crypt::IDEA
    • Crypt::Blowfish
    • Crypt::ElGamal
    • etc...
[reply]
RE: cloning Sun's crypt
by Specimen (Acolyte) on May 15, 2000 at 19:17 UTC
    I think you are confused (or you didnt put your question well).

    The whole point of the crypt(a,b) function (or at least every version i have seen of it) is that it gives encrypted output for a given input and salt. There is no known non-brute-force way to computationally get plain text back out of an encrypted string (to the best of my knowledge).
[reply]
Re: cloning Sun's crypt
by ZZamboni (Curate) on May 15, 2000 at 18:52 UTC
    As lhoward pointed out, the unix (it's not exclusive to Solaris, AFAIK) crypt(1) command is more of a toy program than a serious encryption mechanism. From its man page in Solaris:
    crypt implements a one-rotor machine designed along the lines of the German Enigma, but with a 256-element rotor. Methods of attack on such machines are widely known, thus crypt provides minimal security.
    A publicly available program for helping in breaking ciphers generated with crypt(1) is Crypt Breaker's Workbench (cbw.tar.gz).

    Also, from Bruce Schneier's "Applied Cryptography":

    [crypt's] algorithm is far simpler than the World War II German Enigma and, for a skilled cryptanalyst, very easy to break.
    I'm sure I could dig the algorithm out of somewhere if you are really interested in writing a Perl implementation. But if you are really interested in encrypting stuff, use some other algorithm. If you only want to play with it for a while, you could use marcos' suggestion of invoking the program from perl.

    --ZZamboni

[reply]

Back to Seekers of Perl Wisdom