Steve Eirium > Crypt-Password-0.05 > Crypt::Password

Download:
Crypt-Password-0.05.tar.gz

Dependencies

Annotate this POD

CPAN RT

New  1
Open  4
View/Report Bugs
Module Version: 0.05   Source   Latest Release: Crypt-Password-0.28

NAME ^

Crypt::Password - Unix-style, Variously Hashed Passwords

SYNOPSIS ^

 use Crypt::Password;
 
 my $hashed = password("password");
 
 $user->set_password($hashed);
 
 if ($user->get_password eq password($from_client)) {
     # authenticated
 }
 
 # This is called Modular Crypt Format.
 
 if (password($from_database)->check($from_user)) {
     # authenticated
 }
 
 # Default algorithm, supplied salt:
 my $hashed = password("password", "salt");
 
 # md5, no salt:
 my $hashed = password("password", "", "md5");
 
 # sha512, invented salt: 
 my $hashed = password("password", undef, "sha512");

DESCRIPTION ^

This is just a wrapper for perl's crypt(), which can do everything you would probably want to do to store a password, but this is to make usage easier.

The object stringifies to the return string of the crypt() function, which is usually (see "KNOWN ISSUES") in Modular Crypt Format:

 # scalar($hashed):
 #    v digest   v hash ->
 #   $5$%RK2BU%L$aFZd1/4Gpko/sJZ8Oh.ZHg9UvxCjkH1YYoLZI6tw7K8
 #      ^ salt ^

That you can store, etc, retrieve then give it to password() again to ->check($given_password) or string compare to the output of a new password($given_password).

If the given string is already hashed it is assumed to be okay to use it as is. This means users can supply pre-hashed passwords to you.

FUNCTIONS ^

password ( $password [, $salt [, $algorithm]] )

Constructs a Crypt::Password object.

METHODS ^

check ( $another_password )

Checks the given password hashes the same as that this object represents.

hash

Returns the hash.

salt

Returns the salt.

algorithm

Returns the algorithm by name.

algorithm_arg

Returns the algorithm as it is represented in the Modular Crypt Formatted output of crypt(3).

KNOWN ISSUES ^

Cryptographic functionality depends greatly on your local glibc's crypt(3). Old Linux may not support sha*, many other platforms only support md5, or that and Blowfish, etc.

SUPPORT, SOURCE ^

If you have a problem, submit a test case via a fork of the github repo.

 http://github.com/st3vil/Crypt-Password

AUTHOR AND LICENCE ^

Code by Steve Eirium, nostrasteve@gmail.com, idea by Sam Vilain, sam.vilain@catalyst.net.nz. Development commissioned by NZ Registry Services.

Copyright 2009, NZ Registry Services. This module is licensed under the Artistic License v2.0, which permits relicensing under other Free Software licenses.

SEE ALSO ^

Digest::SHA, Authen::Passphrase, Crypt::SaltedHash

syntax highlighting: