如何将OpenSSL加密转换为Perl?

时间:2010-11-29 13:29:28

标签: perl openssl

我有一些C代码来加密文本:

ngx_int_t
ngx_http_encrypted_session_3des_mac_encrypt (ngx_pool_t * pool,
                                             ngx_log_t * log,
                                             const u_char * iv, size_t iv_len,
                                             const u_char * key,
                                             size_t key_len,
                                             const u_char * in, size_t in_len,
                                             ngx_uint_t expires,
                                             u_char ** dst, size_t * dst_len)
{
    EVP_CIPHER_CTX ctx;
    const EVP_CIPHER *cipher;
    u_char *p, *data;
    int ret;
    size_t block_size, buf_size, data_size;
    int len;
    uint64_t expires_time;
    time_t now;
    if (key_len != ngx_http_encrypted_session_key_length) {
        return NGX_ERROR;
    }
    EVP_CIPHER_CTX_init (&ctx);
    cipher = EVP_aes_256_cbc ();
    block_size = EVP_CIPHER_block_size (cipher);
    data_size = in_len + sizeof (expires_time);
    buf_size = MD5_DIGEST_LENGTH        /* for the digest */
        + (data_size + block_size - 1)  /* for EVP_EncryptUpdate */
        +block_size             /* for EVP_EncryptFinal */
        ;
    p = ngx_palloc (pool, buf_size + data_size);
    if (p == NULL) {
        return NGX_ERROR;
    }
    *dst = p;
    data = p + buf_size;
    ngx_memcpy (data, in, in_len);
    if (expires == 0) {
        expires_time = 0;
    } else {
        now = time (NULL);
        if (now == -1) {
            goto evp_error;
        }
        expires_time = (uint64_t) now + (uint64_t) expires;
    }
    expires_time = ngx_http_encrypted_session_htonll (expires_time);
    ngx_memcpy (data + in_len, (u_char *) & expires_time,
                sizeof (expires_time));
    MD5 (data, data_size, p);
    p += MD5_DIGEST_LENGTH;
    ret = EVP_EncryptInit (&ctx, cipher, key, iv);
    if (!ret) {
        goto evp_error;
    }
/* encrypt the raw input data */
    ret = EVP_EncryptUpdate (&ctx, p, &len, data, data_size);
    if (!ret) {
        goto evp_error;
    }
    p += len;
    ret = EVP_EncryptFinal (&ctx, p, &len);
    if (!ret) {
        return NGX_ERROR;
    }
/* XXX we should still explicitly release the ctx
 * or we'll leak memory here */
    EVP_CIPHER_CTX_cleanup (&ctx);
    p += len;
    *dst_len = p - *dst;
    if (*dst_len > buf_size) {
        ngx_log_error (NGX_LOG_ERR, log, 0,
                       "encrypted_session: 3des_mac_encrypt: buffer error");
        return NGX_ERROR;
    }
    return NGX_OK;

  evp_error:
    EVP_CIPHER_CTX_cleanup (&ctx);
    return NGX_ERROR;
}

但我想把这个逻辑翻译成Perl。为什么在此代码中使用MD5哈希?我应该使用什么Perl模块?

2 个答案:

答案 0 :(得分:3)

MD5在此处用作消息摘要。

由于这似乎是简单的SSL,您应该能够使用其中一个用于perl的SSL模块(例如Net::SSLEayIO::Socket::SSL

答案 1 :(得分:0)

你应该看看

  

文摘:: SHA1

  

摘要:: MD5

模块。
我猜你们正在混合使用这两种算法来增加安全性,因为MD5只有128位,因此不太安全。

相关问题
最新问题