Crypt: Verschlüsselungsmethoden
Texte symetrisch verschlüsseln
Das zentrale Modul zur einfachen Verschlüsselung von Texten beliebiger Länge ist Crypt::CBC. Es implementiert Cipher Block Chaining für verschiedene Verschlüsselungsalgorithmen wie z.B.:
Die Verschlüsselung nutzt die Methode encrypt().
use Crypt::CBC;
my $key = "some key";
my $plaintext = "some secret text";
my $encryption_method = "Blowfish"; # or any other supported method
my $cipher = new Crypt::CBC($key, $encryption_method);
my $ciphertext = $cipher->encrypt($plaintext);
Analog wird über die Methode decrypt entschlüsselt.
my $cipher = new Crypt::CBC($key, $encryption_method);
my $plaintext = $cipher->decrypt($ciphertext);
MD5-Digest für APOP-Authentisierung
APOP-Authentisierung verwendet statt Benutzerkennung/Paßwort einen MD5-Digest aus dem POP3-Datumsstempel und dem Benutzerpaßwort.
Das folgende Perl-Skript berechnet die Prüfsumme für eine APOP-Authentisierung:
#!/usr/bin/perl -w
use Digest::MD5 qw(md5_hex);
my $stamp = '<1017.997873531@mail.zf2.de>';
my $secret = 'geheimes_passwort';
print md5_hex($stamp . $secret); # fb66767976cd0c6749bdd072964f5663
Weitere Dateils zu APOP, POP3 und SMTP_AUTH unter http://webmail.zf2.de/technik.html.
Perl-Modul für SMTP-Authentisierung
Das Perl-Module Net::SMTP bietet ein
komfortables Interface zum Versenden von Emails über SMTP. Es beinhaltet
jedoch zum gegenwärtigen Zeitpunkt keine Unterstützung für
SMTP_AUTH. Die hier vorgestellte Erweiterung bietet eine Unterstützung der
Authentisierungstypen "PLAIN", "LOGIN" und
"CRAM-MD5" und kann leicht für andere Typen erweitert werden.
# Net::SMTP_auth.pm
#
# alex pleiner 2001,2003 zeitform Internet Dienste
# thanks to Graham Barr for Net::SMTP
# This program is free software; you can redistribute it and/or
# modify it under the same terms as Perl itself.
package Net::SMTP_auth;
require 5.001;
use strict;
use vars qw($VERSION @ISA);
use Socket 1.3;
use Carp;
use IO::Socket;
use Net::Cmd;
use Net::Config;
use Net::SMTP;
use MIME::Base64;
use Digest::HMAC_MD5 qw(hmac_md5_hex);
$VERSION = "0.04";
@ISA = qw(Net::SMTP);
# all other method taken from Net::SMTP
sub auth_types {
my $me = shift;
if (exists ${*$me}{'net_smtp_esmtp'}) {
my $esmtp = ${*$me}{'net_smtp_esmtp'};
if(exists $esmtp->{AUTH}) {
return $esmtp->{AUTH};
}
}
return;
}
sub auth {
my $me = shift;
my $auth_type = shift ||
carp 'Net::SMTP_auth: missing argument "auth_type" to method "auth"';
my $user = shift;
my $pass = shift;
## go for auth login
if (uc($auth_type) eq "LOGIN") {
$me->_AUTH("LOGIN");
if ( $me->code() == 334 ) {
my $encoded_user = encode_base64($user); chomp $encoded_user;
$me->command($encoded_user)->response();
if ( $me->code() == 334 ) {
my $encoded_pass = encode_base64($pass); chomp $encoded_pass;
$me->command($encoded_pass)->response();
if ( $me->code() == 235 ) {
return 1;
}
}
}
return;
## go for auth cram-md5
} elsif (uc($auth_type) eq "CRAM-MD5") {
$me->_AUTH("CRAM-MD5");
if ( $me->code() == 334 ) {
my $stamp = $me->message;
my $hmac = hmac_md5_hex(decode_base64($stamp), $pass);
my $answer = encode_base64($user . " " . $hmac); $answer =~ s/\n//g;
$me->command($answer)->response();
if ( $me->code() == 235 ) {
return 1;
}
}
return;
## go for auth plain
} elsif (uc($auth_type) eq "PLAIN") {
$me->_AUTH("PLAIN");
if ( $me->code() == 334 ) {
my $string = encode_base64("\000$user\000$pass"); $string =~ s/\n//g;
$me->command($string)->response();
if ( $me->code() == 235 ) {
return 1;
}
}
return;
## other auth methods not supported
} else {
carp "Net::SMTP_auth: authentication type \"$auth_type\" not supported";
return;
}
}
sub _AUTH { shift->command("AUTH", @_)->response() == CMD_OK }
1;
__END__
=head1 NAME
Net::SMTP_auth - Simple Mail Transfer Protocol Client with AUTHentication
=head1 SYNOPSIS
use Net::SMTP_auth;
# Constructors
$smtp = Net::SMTP_auth->new('mailhost');
$smtp = Net::SMTP_auth->new('mailhost', Timeout => 60);
=head1 DESCRIPTION
This module implements a client interface to the SMTP and ESMTP
protocol AUTH service extension, enabling a perl5 application to talk
to and authenticate against SMTP servers. This documentation assumes
that you are familiar with the concepts of the SMTP protocol described
in RFC821 and with the AUTH service extension described in RFC2554.
A new Net::SMTP_auth object must be created with the I<new> method. Once
this has been done, all SMTP commands are accessed through this object.
The Net::SMTP_auth class is a subclass of Net::SMTP, which itself is
a subclass of Net::Cmd and IO::Socket::INET.
=head1 EXAMPLES
This example authenticates via CRAM-MD5 and sends a small message to
the postmaster at the SMTP server known as mailhost:
#!/usr/bin/perl -w
use Net::SMTP_auth;
$smtp = Net::SMTP_auth->new('mailhost');
$smtp->auth('CRAM-MD5', 'user', 'password');
$smtp->mail($ENV{USER});
$smtp->to('postmaster');
$smtp->data();
$smtp->datasend("To: postmaster\n");
$smtp->datasend("\n");
$smtp->datasend("A simple test message\n");
$smtp->dataend();
$smtp->quit;
=head1 CONSTRUCTOR
=over 4
=item new Net::SMTP_auth [ HOST, ] [ OPTIONS ]
This is the constructor for a new Net::SMTP_auth object. It is
taken from Net::SMTP as all other methods (except I<auth> and
I<auth_types>) are, too.
=head1 METHODS
Unless otherwise stated all methods return either a I<true> or I<false>
value, with I<true> meaning that the operation was a success. When a method
states that it returns a value, failure will be returned as I<undef> or an
empty list.
=over 4
=item auth_types ()
Returns the AUTH methods supported by the serarated
string. This string is exacly the line given by the SMTP server after
the C<EHLO> command containing the keyword C<AUTH>.
=item auth ( AUTH, USER, PASSWORD )
Authenticates the user C<USER> via the authentication method C<AUTH>
and the password C<PASSWORD>. Returns I<true> if successful and I<false>
if the authentication failed. Remember that the connection is not closed
if the authentication fails. You may issue a different authentication
attempt. If you once are successfully authenticated, you cannot send
the C<AUTH> command again.
=back
=head1 SEE ALSO
L<Net::SMTP> and L<Net::Cmd>
=head1 AUTHOR
Alex Pleiner <alex@zeitform.de>, zeitform Internet Dienste.
Thanks to Graham Barr <gbarr@pobox.com> for Net::SMTP.
=head1 COPYRIGHT
Copyright (c) 2001,2003 zeitform Internet Dienste. All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the same terms as Perl itself.
=cut
Zufälliges Passwort generieren
Auch ohne Crypt-Module zu verwenden kann unter Zuhilfenahme der
rand()-Funktion ein einfaches Paßwort erzeugt werden:
#!/usr/bin/perl -w
# lege einen Array mit Zeichen an (hier nur alphanumerische Zeichen, die
# nicht leicht verwechselt werden koennen)
my @chars = ( 'A'..'H', 'J'..'N', 'P'..'Z', 'a'..'k', 'm'..'z', 1..9 );
my $length = $ARGV[0] || 8; # setze Laenge des Passwortes
# generiere Passwort
# $array[rand @array] liefert ein zufaelliges Element des Arrays @array
my $password = "";
foreach (1..$length) { $password .= $chars[rand @chars]; }
print $password, "\n";
Links
Zusammengestellt von Alex Pleiner
© 2001 zeitform Internet Dienste Bei Problemen wenden Sie sich bitte an den Webmaster
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.1.
