Simple Perl Encryption Utility Useful for Off-Site Backups

Dominick Millevoi plug-discuss@lists.PLUG.phoenix.az.us
Thu, 20 Sep 2001 16:01:29 -0400 

This is a multi-part message in MIME format.
--------------DC3D8BF1E9D8B5EB63440C25
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Simple Perl Encryption Utility Useful for Off-Site Backups...

Sorry if this isn't appropriate for the list, but quite a few network administrators and general users I've known have lost data because lacking an easy to use encryption utility, they were fearful of storing their data off-site.

This is a very small, simple, easy to use & modify perl utility that I've written & used for the past 10 months. It's command line driven, which lends itself to batch processing. I've used it & installed the necessary modules under RedHat Linux v6.1 on intel, and SuSE Linux v7.1 on the power pc chip with little effort.

Since the utility is simply written, it can be easily modified to suit anyone's needs with little effort, and after installing the required modules, you'll have all the tools necessary to explore additional uses for encryption.

Basic Directions:

Download & install the following modules from www.cpan.org:
Digest-MD5-2.13.tar.gz
Crypt-IDEA-1.01.tar.gz
Crypt-Blowfish-2.06.tar.gz
Crypt-CBC-1.25.tar.gz

Help Screen Output:

This simple encryption program cascades both Blowfish & Idea algorithms
using Digest-MD5, Crypt::CBC, Crypt::Blowfish, and Crypt::IDEA modules
available on www.cpan.org, which need to be installed for the program to
work.

If you're using Perl 5.6.0 or above, you may need to compile the Crypt
modules in old-style compatibility mode if Perl complains about symbols
being defined only once.
perl Makefile.PL POLLUTE=1 (case matters). 

switches:
-what   e=encrypt, d=decrypt (required)
-file   file to be encrypted or decrypted (required)
-key1   phrase for the Blowfish cipher (under 55 characters, no spaces)
-key2   phrase for the Idea cipher (under 55 characters, no spaces)

Encryption Example:
encrypt -what=e -file=/root/filename -key1='truth&notelse4u' -key2='sockit2me'
[creates filename.encrypted, and doesn't touch the original file.]

Decryption Example:
encrypt -what=d -file=/root/filename -key1='truth&notelse4u' -key2='sockit2me'
[creates filename.decrypted, and doesn't touch the original file.]

IMPORTANT Notes:

The program has 2 hard coded phrases that you should change if you decide not
to enter values for either -key1 or -key2. Search for $B1 & $IDEA in the
source code, and replace them with your own phrase.
--------------DC3D8BF1E9D8B5EB63440C25
Content-Type: text/plain; charset=us-ascii;
 name="encrypt"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="encrypt"

#! /usr/bin/perl -w
use Crypt::CBC;
use Crypt::Blowfish;
use Crypt::IDEA;
use Getopt::Long;
my($KEYIN,$KEYIN2,$DOWHAT,$SOURCEFILE,$SOURCE_IN,$DESTINATIONFILE,$cipher,$B1,$IDEA,$SOURCE,$DESTINATION,$HELP);

GetOptions("what=s" => \$DOWHAT,"file=s" => \$SOURCE_IN,"key1:s" => \$KEYIN,"key2:s" => \$KEYIN2,"help:s" => \$HELP);

if (defined $HELP) {
print "This simple encryption program cascades both Blowfish & Idea algorithms
using Digest-MD5, Crypt::CBC, Crypt::Blowfish, and Crypt::IDEA modules
available on www.cpan.org, which need to be installed for the program to
work.

If you're using Perl 5.6.0 or above, you may need to compile the Crypt
modules in old-style compatibility mode if Perl complains about symbols
being defined only once.
perl Makefile.PL POLLUTE=1 (case matters). 

switches:
-what   e=encrypt, d=decrypt (required)
-file   file to be encrypted or decrypted (required)
-key1   phrase for the Blowfish cipher (under 55 characters, no spaces)
-key2   phrase for the Idea cipher (under 55 characters, no spaces)

Encryption Example:
encrypt -what=e -file=/root/filename -key1='truth&notelse4u' -key2='sockit2me'
[creates filename.encrypted, and doesn't touch the original file.]

Decryption Example:
encrypt -what=d -file=/root/filename -key1='truth&notelse4u' -key2='sockit2me'
[creates filename.decrypted, and doesn't touch the original file.]

IMPORTANT Notes:

The program has 2 hard coded phrases that you should change if you decide not
to enter values for either -key1 or -key2. Search for \$B1 & \$IDEA in the
source code, and replace them with your own phrase.\n";
}else{

$B1="Wq5G&(HgFDx5Rdfwwq26&)*6289fo?dbaz99*&TBnKhsTd;LjOwq21";
$IDEA="PyaSDw&8(nh*7HeLP0RdSW4p;(#ibhJBULL6JH)ju&*MiI8ZDlwngt";

if (defined $KEYIN) {$B1="$KEYIN";}
if (defined $KEYIN2) {$IDEA="$KEYIN2";}

if ($DOWHAT eq "e") {
#ENCRYPT FILE WITH BLOWFISH
$SOURCEFILE="$SOURCE_IN";
$DESTINATIONFILE="$SOURCE_IN.one";
$cipher = new Crypt::CBC("$B1",'Crypt::Blowfish');
$cipher->start('encrypting');
open (SOURCE, "$SOURCEFILE") ||
	die "can't open $SOURCEFILE $!";
open (DESTINATION, ">$DESTINATIONFILE") ||
	die "can't open $DESTINATIONFILE $!";
   while (read(SOURCE,$buffer,1024)) {
      print DESTINATION $cipher->crypt($buffer);
   }
print DESTINATION $cipher->finish;

close (SOURCE) || die "can't close $SOURCEFILE: $!";
close (DESTINATION) || die "can't close $DESTINATIONFILE : $!";


#ENCRYPT FILE WITH IDEA
$SOURCEFILE="$SOURCE_IN.one";
$DESTINATIONFILE="$SOURCE_IN.encrypted";
$cipher = new Crypt::CBC("$IDEA",'Crypt::IDEA');
$cipher->start('encrypting');
open (SOURCE, "$SOURCEFILE") ||
	die "can't open $SOURCEFILE $!";
open (DESTINATION, ">$DESTINATIONFILE") ||
	die "can't open $DESTINATIONFILE $!";
   while (read(SOURCE,$buffer,512)) {
      print DESTINATION $cipher->crypt($buffer);
   }
print DESTINATION $cipher->finish;

close (SOURCE) || die "can't close $SOURCEFILE: $!";
close (DESTINATION) || die "can't close $DESTINATIONFILE : $!";

system("rm -f $SOURCE_IN.one");

}

elsif ($DOWHAT eq "d") {
#DECRYPT FILE WITH IDEA
$SOURCEFILE="$SOURCE_IN";
$DESTINATIONFILE="$SOURCE_IN.one";
$cipher = new Crypt::CBC("$IDEA",'Crypt::IDEA');
$cipher->start('decrypting');
open (SOURCE, "$SOURCEFILE") ||
	die "can't open $SOURCEFILE $!";
open (DESTINATION, ">$DESTINATIONFILE") ||
	die "can't open $DESTINATIONFILE $!";
   while (read(SOURCE,$buffer,1024)) {
      print DESTINATION $cipher->crypt($buffer);
   }
print DESTINATION $cipher->finish;

close (SOURCE) || die "can't close $SOURCEFILE: $!";
close (DESTINATION) || die "can't close $DESTINATIONFILE : $!";


#DECRYPT FILE WITH BLOWFISH
$SOURCEFILE="$SOURCE_IN.one";
$DESTINATIONFILE="$SOURCE_IN.decrypted";
$cipher = new Crypt::CBC("$B1",'Crypt::Blowfish');
$cipher->start('decrypting');
open (SOURCE, "$SOURCEFILE") ||
	die "can't open $SOURCEFILE $!";
open (DESTINATION, ">$DESTINATIONFILE") ||
	die "can't open $DESTINATIONFILE $!";
   while (read(SOURCE,$buffer,1024)) {
      print DESTINATION $cipher->crypt($buffer);
   }
print DESTINATION $cipher->finish;

close (SOURCE) || die "can't close $SOURCEFILE: $!";
close (DESTINATION) || die "can't close $DESTINATIONFILE : $!";

system("rm -f $SOURCE_IN.one");
}
}





--------------DC3D8BF1E9D8B5EB63440C25--