sthuler has asked for the wisdom of the Perl Monks concerning the following question:

Hello everybody!

I know that encryption of passwords and control of encrypted passwords is possible with PERL under unix systems. I do not know how, but I can find the info about that.
However, I'd like to know if this is also possible under Win32 and what are the main differences.
To be honest, I'm not sure I'd like to try this for hours before discovering that it's not possible under Win32, so any info about that would be REALLY useful ;)

Thanks in advance!


- Sébastien Thüler <sthuler@isuisse.com>

Replies are listed 'Best First'.
Re: Crypted password under Win32
by HamNRye (Monk) on Jul 10, 2001 at 20:55 UTC

    Unix password encryption is usually done with the "crypt" command line utility. Windows does not have this ability because it does not have crypt.

    The answer?? Find a windows command line encryption program or:

    Use Martin Vorlaender's Crypt::UnixCrypt module on Windows. http://search.cpan.org/search?dist=Crypt-UnixCrypt

    However, it is not *exactly* the same as linux crypt(). That is, for some passwords that contained non-alphanumerics in the first 2 character positions, the hash produced by Crypt::UnixCrypt and linux's crypt() differed.

    If you just need something that works similarly to crypt on windows, this module works well. But don't use it if you need the hashes to be portable. ~Hammy

[reply]
Re: Crypted password under Win32
by foogod (Friar) on Jul 10, 2001 at 21:07 UTC

    The answer is a resounding YES! However your question is a bit sketchy. (<-- word of the day!)

    The best (IMHO) is Digest::MD5. This mod allows for both encryption and decryption, (good tip: run md5 twice). For information on loading perl modules on windows check here.

    Hope that helps, also as far as the difference (between *nix and Windows) in handling encryption is little (if any) as long as you use modules (like MD5). If you try to use system resources such as rand or crypt then you begin to find more changes. MD5 on windows or *nix is the same (AFAIK).


    - foogod

[reply]
[d/l]
[select]

      More on the crypt:

      From "readme.win32"

      <snippet>

      If you have either the source or a library that contains des_fcrypt(), enable the appropriate option in the makefile. des_fcrypt() is not bundled with the distribution due to US Government restrictions on the export of cryptographic software. Nevertheless, this routine is part of the ``libdes'' library (written by Eric Young) which is widely available worldwide, usually along with SSLeay (for example: ``ftp://fractal.mta.ca/pub/crypto/SSLeay/DES/''). Set CRYPT_SRC to the name of the file that implements des_fcrypt(). Alternatively, if you have built a library that contains des_fcrypt(), you can set CRYPT_LIB to point to the library name. The location above contains many versions of the ``libdes'' library, all with slightly different implementations of des_fcrypt(). Older versions have a single, self-contained file (fcrypt.c) that implements crypt(), so they may be easier to use. A patch against the fcrypt.c found in libdes-3.06 is in des_fcrypt.patch.

      Perl will also build without des_fcrypt(), but the crypt() builtin will fail at run time.

      </snippet>

      So, if recompiling your perl is an option, here's another solution. Not that this all makes sense to me....

      ~Hammy

[reply]
[d/l]
[select]

        That information is old. Modern versions of Perl from ActiveState and InigoStar come with working crypt that does exactly the same as the crypt of Unix Perls.

                - tye (but my friends call me "Tye")
[reply]

Back to Seekers of Perl Wisdom