HOWTO – Encryption with Perl

I’m a huge fan of encryption, and here I’d like to show you how you can utilize the Crypt::Rijldael module to encrypt any blob of data.

First, we need to initialize some modules.

use Crypt::Rijndael;
use MIME::Base64;

Let’s create the encryption function.  The function will take two inputs, the plain text, and the pass key to use.  It will output a base64 encoded blob of data.

sub encrypt
{
	my ($plaintext,$password) = @_;
 
	# == The input text must be in blocks of 16, so pad it with nulls until it is
	my $trail = 16 - (length($plaintext) % 16 );
	$plaintext .= "\0" x $trail;
 
	# == setup the encryption module
	my $cipher = Crypt::Rijndael->new(pack("A32",$password),Crypt::Rijndael::MODE_CBC());
	$cipher->set_iv(pack("A16",$password));
 
	# == encrypt the text
 	my $crypted = $cipher->encrypt($plaintext);
 
	# == because it could contain unreadble binary chacters, change it to base64
	my $encoded = encode_base64($crypted);
 
	# == now give it back
	return $encoded;
}

Encryption is great, but it’s pretty useless if we can’t decrypt it as well.  Similar to the previous function, it will take the encrypted base64 blob as input, along with the pass key.

sub decrypt
{
	my ($ciphertext,$password) = @_;
 
	# == the ciphertext comes in as base64, so it needs to be decoded first
	my $cipher_nonbase64 = decode_base64($ciphertext);
 
	# == now we setup the encryption module
	my $cipher = Crypt::Rijndael->new(pack("A32",$password),Crypt::Rijndael::MODE_CBC());
	$cipher->set_iv(pack("A16",$password));
 
	# == and we do the decrption
	my $plaintext = $cipher->decrypt($cipher_nonbase64);
 
	# == return the result back
	return $plaintext;
}

Now to bring it all together, we can use the following program to demonstrate how it all works.

my $input = "CPAN is not FAKE news.";	# == the message you'd like to encrypt
my $password = "donald123";		# == the password you want to use
 
print "Text to encrypt --> $input\n";
my $enc = &encrypt($input,$password);
print "Encrypted --> $enc\n";
 
my $pt = &decrypt($enc,$password);
print "Decrypted --> $pt <--\n";

Design notes

You don’t have to use these functions.  You can just call the encrypt & decrypt functions within Crypt::Rijndael directly.  The problem however is that Crypt::Rijndael expects the data in blocks of 16 or 32 characters.  If you don’t do that, the function fails.  My functions take care of that, by padding the data to the necessary length.

I’ve also opted to also encode the data to Base64.  Since encrypted text is sometimes unreadable, I’ve opted to rather have readable output, that can be used in any application, without causing too many other issues with unreadable characters.  The decryption code will do a decode of base64 first, and then do the decryption.

Lastly, I did not do any validation on the decryption to confirm that the data was correctly decrypted.  If you provide the wrong password, it will decrypt it using that password, however the output will not be what you expected.  If you decide to use these functions in a real world application, I would urge you to check the data coming out of the decryption before you use it, to confirm that it is what you expect.

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *