• Your recent searches
Apache-CryptHash
1 match

 view release on metacpan or  search on metacpan

CryptHash.pm  view on Meta::CPAN 

  return undef unless exists ${$state}{MAC};	# punt if decode failure
  foreach (keys %$state) {
    ${$state}{$_} =~ s/%58/:/g;
  }
# invalid if the cookie was tampered with
  
  return undef unless &_MAC($self, $state, $ck, 'check');
  foreach ( @$ck ) {
    return undef unless exists ${$state}{$_};
  }
  $flag;		# return true
}

sub checkMAC {
  my ( $self, $s, $k ) = @_;
  return _MAC($self, $s, $k, 'check');
}

sub _MAC {
  my ( $self, $s, $k, $action ) = @_;
  @_ = ($k) ? sort @$k : ();
  my @fields = @{$s}{@_};
  my $md5 = Crypt::CapnMidNite->new_md5;
  my $newmac = $md5->md5_base64($self->{CRYPT} . 
	$md5->md5_base64(join '', $self->{CRYPT}, @fields));
  return $s->{MAC} = $newmac if $action eq 'generate';
  return 1 if ($newmac eq $s->{MAC} && $action eq 'check');
  return undef;
}

# split to an even number of fields
# this will split to a hash when the trailing value is null
#
sub _evensplit {
  my ( $m, $s ) = @_;
  @_ = split(/$m/, $s, -1);
  push ( @_, '') if @_ % 2;
  @_;
}

1;
__END__

=head1 NAME

Apache::CryptHash - Encrypted tokens for cookies

=head1 SYNOPSIS

use Apache::CryptHash;

=head1 DESCRIPTION

Creates an encrypted cookie-like string with a MAC (checksum) 
from a hash of critical and non-critical values. The MAC is 
created on only the critical values. Decryption will fail if
the string has been altered and the MAC does not match when 
the string is decrypted.

Particularly useful when using COOKIES and will do all the 
hard work for Apache::AuthCookie

=over 4

=item C<init()>

Create class reference and set passcode to the value
returned by Sys::Hostname::hostname;

  my $c = Apache::CryptHash->init;	# default passcode = hostname

init takes an optional parameter 

  my $c = Apache::CryptHash->init('no');

  $c->passcode('no'}		# will turn encryptation off
				# and put in Debug mode

Optionally, the passcode or debug may be set by

  $c->passcode('no')		# will turn encryptation off
                                # and put in Debug mode
  $c->passcode('newpasscode');	# change the passcode

=item C<name & passcode>


Hash Header may be set to any string

  $c->name('some_string');	# default 'Secret'

Just remember to obey the rules for allowed characters in cookie strings for
both B<name & passcode>

=item C<encode()>

Generate an encrypted cookie-like value from a hash. Optional invarient
values may be specified for a MAC

  $c->encode(\%state, \@mac_keys).

Only the crypt secret and the mac_keys valuess are present in the MAC. What
is returned is 

  NAME:crypted_string (NAME.Debug:crypted_string)

where $c->pascode(I<somename>) (default 'Secret')

=item C<decode($$$)>

Decrypt and generate state hash from the encrypted hash

  $c->decode(\$cookie,\%state, \@mac_keys);

Return false if decode or MAC fails

=item C<md5_hex($)>

Return the md5 hash of input string.

=item C<md5_b64($)>



( run in 1.968 second using v1.01-cache-2.11-cpan-22024b96cdf )