Crypt::Password::StretchedHash - Base class that specifies accessor for password information.
Crypt::Password::StretchedHash::HashInfo is base class that specifies accessor for password information. You have to inherit this, and implements subroutines according to the interface contract.
You implement your HashInfo class as follows.
package Your::Password::HashInfo; use parent 'Crypt::Password::StretchedHash::HashInfo'; use Digest::SHA; use Crypt::OpenSSL::Random; use constant STRETCH_COUNT => 5000; sub delimiter { my $self = shift; return q{$}; } sub identifier { my $self = shift; return q{1}; } sub hash { my $self = shift; return Digest::SHA->new("sha256"); } sub salt { my $self = shift; return Crypt::OpenSSL::Random::random_pseudo_bytes(32); } sub stretch_count { my $self = shift; return STRETCH_COUNT; } sub format { my $self = shift; return q{base64}; }
By passing your hashinfo to Crypt::Password::StretchedHash->crypt_with_hashinfo method, you obtain the hashed password with identifier and salt.
use Crypt::Password::StretchedHash qw( crypt_with_hashinfo ); use Your::Password::HashInfo; my $password = ...; my $hash_info = Your::Password::HashInfo->new; my $pwhash_with_hashinfo = crypt_with_hashinfo( password => $password, hash_info => $hash_info, );
It is similar at the time of the verification, you pass your hashinfo to Crypt::Password::StretchedHash->verify_with_hashinfo method.
use Crypt::Password::StretchedHash qw( verify_with_hashinfo ); use Your::Password::HashInfo; my $password = ...; my $pwhash_with_hashinfo = ...; my $hash_info = Your::Password::HashInfo->new; my $is_valid = verify_with_hashinfo( password => $password, password_hash => $pwhash_with_hashinfo, hash_info => $hash_info, );
constructor
It returns delimiter string. If delimiter is "$", generated string is as follows.
$(identifier)$(salt)$(hashed password)
It returns identifier of hashinfo. If delimiter is "$" and identifier is "1", generated string is as follows.
$1$(salt)$(hashed password)
It returns hash object. In the current version, only Digest::SHA and Digest::SHA3 are allowed.
It returns stretching count, and if has to be an integer bigger than 0.
It returns hash object. In the current version, only "hex" and "base64" are allowed.
It returns salt string. It may be binary strings. If delimiter is "$" ,identifier is "1", format is "base64", salt is "test12345" generated string is as follows.
$1$dGVzdDEyMzQ1$(hashed password)
Copyright (C) Ryo Ito.
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
Ryo Ito <ritou.06@gmail.com>
To install Crypt::Password::StretchedHash, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Crypt::Password::StretchedHash
CPAN shell
perl -MCPAN -e shell install Crypt::Password::StretchedHash
For more information on module installation, please visit the detailed CPAN module installation guide.