CGI/Perl Guide | Learning Center | Forums | Advertise | Login
Site Search: in

  Main Index MAIN
Search Posts SEARCH
Who's Online WHO'S
Log in LOG

Home: Perl Programming Help: Intermediate:
salt and password generation



Sep 22, 2015, 5:59 AM

Post #1 of 5 (2300 views)
salt and password generation Can't Post

I have a PHP script that uses the following routine to generate a salt and password for new users. I also have a perl script for which I need the same routine. How do I write this for use in perl?

$salt = substr(md5(uniqid(rand(), true)), 0, 9);
$password = escape(sha1($salt . sha1($salt . sha1($password)))

I'll be passing the $password to the routine.

Veteran / Moderator

Sep 22, 2015, 6:47 AM

Post #2 of 5 (2296 views)
Re: [newera] salt and password generation [In reply to] Can't Post

Start by reading the documentation for the corresponding perl functions and run a few tests. There's not always a direct one-to-one match between the results of php and perl functions, so you'll probably need to do some tweaking if you want both language routines to return the exact same password. This is especially true when writing your own custom encryption routines, like you're currently doing..

rand() -
Digest::MD5 -
Digest::SHA1 -
Data::Uniqid -

I can't find an escape function on, so I don't know what your escape function does and because of that, I can't provide a corresponding perl function.

(This post was edited by FishMonger on Sep 22, 2015, 6:48 AM)


Sep 22, 2015, 1:11 PM

Post #3 of 5 (2285 views)
Re: [FishMonger] salt and password generation [In reply to] Can't Post

the escape should not be there.... sorry

It should read:

$salt = substr(md5(uniqid(rand(), true)), 0, 9);  
$password = sha1($salt . sha1($salt . sha1($password)))

Would it be possible to call this PHP function from within my perl script? With an include maybe?

Veteran / Moderator

Sep 23, 2015, 2:42 AM

Post #4 of 5 (2270 views)
Re: [newera] salt and password generation [In reply to] Can't Post

Although I don't like that too much, you could probably use the Perl backticks to call a PHP program, but probably not a specific function within a PHP program. Something like that (which should be adapted to the PHP calling conventions, which I have completely forgotten):

my $password = `php php_script.php $salt`:

Then $password should contain any output provided by the PHP script.

But again, PHP is Web-oriented and a bit special in terms of calling and output conventions, there might be some additional tweaking involved, and I don't know enough about PHP to help on this side of the issue.

(This post was edited by Laurent_R on Sep 24, 2015, 5:42 AM)

Veteran / Moderator

Sep 23, 2015, 8:25 AM

Post #5 of 5 (2261 views)
Re: [newera] salt and password generation [In reply to] Can't Post

I am not suggesting you should do/use this; I'm just pointing you to a possible answer to your question. One which I would never use myself.

PHP::Interpreter - An embedded PHP5 interpreter


Search for (options) Powered by Gossamer Forum v.1.2.0

Web Applications & Managed Hosting Powered by Gossamer Threads
Visit our Mailing List Archives