Benoit Vanalderweireldt - 18 days ago
Perl Question

How could I hide/protect password from a Perl script

I'm writing a Perl script that needs to connect to an SMTP server in order to send a mail, but I really don't like this kind of thing:

my $pass = '123456';


And I found Data::Encrypted, which should prompt the user for it the first time and then store it encrypted.

use Data::Encrypted file => ".passwd", qw(encrypted);
my $password = encrypted('password');


But I cannot make it work; it produces a runtime error:


Bad key file format at /Library/Perl/5.12/Data/Encrypted.pm line 78


Is anybody having the same issue, or does anyone know another way to hide/protect a password?

Answer

The Data::Encrypted module was last released in 2001. I'd say that's a good sign not to use it.

Normally, I'd say storing passwords at all is a bad idea, even encrypted. However, if you must store a password for use contacting another system, encrypting it is the way to go. The way I would do it is something like this:

# Rijndael is also known as AES, which is the encryption standard used by the NSA
use strict;
use warnings;
use Crypt::Rijndael;
use IO::Prompter;

# This secret is exactly 32 bytes long, you could prompt for this as a
# passphrase or something and pad it with spaces or whatever you need
my $app_secret = 'this_is_the_key_the_app_uses....';

# Setup the encryption system
my $crypto = Crypt::Rijndael->new( $app_secret, Crypt::Rijndael::MODE_CBC() );

# Ask the user to enter the password the first time
my $password = prompt "password: ", -echo => ''; # from IO::Prompter

# Crypt::Rijndael only encrypts whole 16-byte blocks, so pad the password
# (PKCS#7 style: N bytes, each of value N) before encrypting it
my $pad = 16 - length("$password") % 16;
my $padded = "$password" . chr($pad) x $pad;

# Encrypt the password. You can save this off into a file however you need to
my $enc_password = $crypto->encrypt($padded);

# Later load it from the file, decrypt it and strip the padding:
my $decrypted = $crypto->decrypt($enc_password);
my $plain_password = substr( $decrypted, 0, -ord( substr( $decrypted, -1 ) ) );

For more information see Crypt::Rijndael and IO::Prompter.