/ 
Crypt-Password-0.05
River stage one • 2 direct dependents • 2 total dependents
/ Crypt::Password

NAME

Crypt::Password - Unix-style, Variously Hashed Passwords

SYNOPSIS

use Crypt::Password;

my $hashed = password("password");

$user->set_password($hashed);

if ($user->get_password eq password($from_client)) {
    # authenticated
}

# This is called Modular Crypt Format.

if (password($from_database)->check($from_user)) {
    # authenticated
}

# Default algorithm, supplied salt:
my $hashed = password("password", "salt");

# md5, no salt:
my $hashed = password("password", "", "md5");

# sha512, invented salt: 
my $hashed = password("password", undef, "sha512");

DESCRIPTION

This is just a wrapper for perl's crypt(), which can do everything you would probably want to do to store a password, but this is to make usage easier.

The object stringifies to the return string of the crypt() function, which is usually (see "KNOWN ISSUES") in Modular Crypt Format:

# scalar($hashed):
#    v digest   v hash ->
#   $5$%RK2BU%L$aFZd1/4Gpko/sJZ8Oh.ZHg9UvxCjkH1YYoLZI6tw7K8
#      ^ salt ^

That you can store, etc, retrieve then give it to password() again to ->check($given_password) or string compare to the output of a new password($given_password).

If the given string is already hashed it is assumed to be okay to use it as is. This means users can supply pre-hashed passwords to you.

FUNCTIONS

password ( $password [, $salt [, $algorithm]] )

Constructs a Crypt::Password object.

METHODS

check ( $another_password )

Checks the given password hashes the same as that this object represents.

hash

Returns the hash.

salt

Returns the salt.

algorithm

Returns the algorithm by name.

algorithm_arg

Returns the algorithm as it is represented in the Modular Crypt Formatted output of crypt(3).

KNOWN ISSUES

Cryptographic functionality depends greatly on your local glibc's crypt(3). Old Linux may not support sha*, many other platforms only support md5, or that and Blowfish, etc.

SUPPORT, SOURCE

If you have a problem, submit a test case via a fork of the github repo.

http://github.com/st3vil/Crypt-Password

AUTHOR AND LICENCE

Code by Steve Eirium, nostrasteve@gmail.com, idea by Sam Vilain, sam.vilain@catalyst.net.nz. Development commissioned by NZ Registry Services.

Copyright 2009, NZ Registry Services. This module is licensed under the Artistic License v2.0, which permits relicensing under other Free Software licenses.

SEE ALSO

Digest::SHA, Authen::Passphrase, Crypt::SaltedHash