No such thing as a small change | |
PerlMonks |
crypt and blowfish?by skazat (Chaplain) |
on Sep 16, 2005 at 01:31 UTC ( [id://492488]=perlquestion: print w/replies, xml ) | Need Help?? |
skazat has asked for the wisdom of the Perl Monks concerning the following question: Heya, Please let me know if this question doesn't make any sense, I'm still trying to wrap my mind around it. I'm working on a clients server that only has blowfish available for its crypt(3) functions. Ecrypting thingies in Perl doesn't seem to work - observe:
Should print the same encrypted pass over and over again, like, "saHW9GdxihkGQ" But, on the blowfish-only server, it prints out things like: $2a$04$sbKVIAQsDwhO1/am9JaVI.qr13R.8.Cn5Xxqbj6aSqcad/9z3p0Jy Obviously, I'm doing something wrong. For one - I do not see the salt number in the string. The length is much different, but I chalk that up to the different encryption spec. The string, "$2a$04$" is always present, so I'm assuming that this is some sort of marker that tells me I'm working with a blowfish encryption. The question is - how do I now compare this encrypted string to an unencrypted string to validate a password? Regularly, you would just encrypt the password you want to challenge the encrypted password with (using the same salt) - if they match, you've entered the correct password. I'm missing a step. Sort of a:
Does anyone care to enlighten? I know about the Crypt::Blowfish module, I don't necessarily want to use it - I'm sort of asking also why Perl's crypt function isn't working as expected. Thanks, y'all
-justin simoni <script language="JavaScript" src="http://quotes.prolix.nu/cgi-bin/random_quote_js.pl"> </script>
Back to
Seekers of Perl Wisdom
|
|