in reply to Re^2: [OT?] Sanity check... (On MD5, 3DES, Cookies and other animals)
in thread [OT?] Sanity check... (On MD5, 3DES, Cookies and other animals)


Mod_perl side:
use MD5;

$date = get_todays_shortdate();  # 11/05/2004
$Private_secret = "This is my private server password"
$data = "this is my signed data."

$digest = MD5->hash("$date:$Private_secret:$data");

[download]
Send the digest and the data over to the other server and it knows the Private_secret and can verify that the data has been signed by constructing the same string calling md5->hash on it and comparing the two digests... If the hacker does not know the private_secret or the layout of the digest string then they cant forge the $data sig.


-Waswas
  • Comment on Re^3: [OT?] Sanity check... (On MD5, 3DES, Cookies and other animals)
  • Download Code

Replies are listed 'Best First'.
Re^4: [OT?] Sanity check... (On MD5, 3DES, Cookies and other animals)
by smullis (Pilgrim) on Nov 05, 2004 at 20:58 UTC

    Aha!

    Great idea...


    Cheers

    SM

[reply]

In Section Seekers of Perl Wisdom