The London Perl and Raku Workshop takes place on 26th Oct 2024. If your company depends on Perl, please consider sponsoring and/or attending.


Crypt::xDBM_File - encrypt almost any kind of dbm file


 use Crypt::xDBM_File;
 use GDBM_File; # remember to only load those you really want
 use SDBM_File;
 use NDBM_File;
 use Fcntl; # neede by SDBM_File and NDBM_File
 tie %hash, 'Crypt::xDBM_File', crypt_method, key, 'GDBM_FILE', $filename, &GDBM_WRCREAT, 0640;

 tie %hash, 'Crypt::xDBM_File', 'IDEA', "my_key", 'NDBM_FILE', $filename, O_RDWR|O_CREAT, 0640;

 tie %hash, 'Crypt::xDBM_File', 'DES', "my_key", 'SDBM_FILE', $filename, O_RDWR|O_CREAT, 0640;

 tie %hash, 'Crypt::xDBM_File', 'Crypt::Blowfish', "my key", 'GDBM_FILE', $filename, &GDBM_WRCREAT, 0640;


Crypt::xDBM_File encrypts/decrypts the data in a gdbm,ndbm,sdbm (and maybe even berkeleyDB, but I didn't test that) file. It gets tied to a hash and you just access the hash like normal. The crypt function can be any of the CPAN modules that use encrypt, decrypt, keysize, blocksize (so Crypt::IDEA, Crypt::DES, Crypt::Blowfish, ... should all work)

You can in a single dbm file mix encryption methods, just be prepared to handle the binary muck that you get from trying to decrypt with an algorithm different from the one a key was originally encrypted in (for example if you do a keys or values, you'll get all of the keys regardless of who encrypted them).

***IMPORTANT*** Encryption keys (the key you pass in on the tie line) will be padded or truncated to fit the keysize(). Data (the key/values of the hash) is padded to fill complete blocks of blocksize(). The padding is stripped before being returned to the user so you shouldn't need to worry about it (except truncated keys). Read the doc that comes with crypt function to get an idea of what these sizes are. If keysize or blocksize returns a zero the default is set to 8 bytes (64 bits).


Eric Estabrooks,