NAME

Crypt::Password::StretchedHash - Base class that specifies accessor for password information.

DESCRIPTION

Crypt::Password::StretchedHash::HashInfo is base class that specifies accessor for password information. You have to inherit this, and implements subroutines according to the interface contract.

SYNOPSIS

You implement your HashInfo class as follows.

 package Your::Password::HashInfo;
 use parent 'Crypt::Password::StretchedHash::HashInfo';
 use Digest::SHA;
 use Crypt::OpenSSL::Random;
 use constant STRETCH_COUNT => 5000;
 
 sub delimiter {
     my $self = shift;
     return q{$};
 }
 
 sub identifier {
     my $self = shift;
     return q{1};
 }
 
 sub hash {
     my $self = shift;
     return Digest::SHA->new("sha256");
 }
 
 sub salt {
     my $self = shift;
     return Crypt::OpenSSL::Random::random_pseudo_bytes(32);
 }
 
 sub stretch_count {
     my $self = shift;
     return STRETCH_COUNT;
 }

 sub format {
     my $self = shift;
     return q{base64};
 }

By passing your hashinfo to Crypt::Password::StretchedHash->crypt_with_hashinfo method, you obtain the hashed password with identifier and salt.

use Crypt::Password::StretchedHash qw(
    crypt_with_hashinfo
);
use Your::Password::HashInfo;

my $password = ...;
my $hash_info = Your::Password::HashInfo->new;
my $pwhash_with_hashinfo = crypt_with_hashinfo(
    password    => $password,
    hash_info   => $hash_info,
);

It is similar at the time of the verification, you pass your hashinfo to Crypt::Password::StretchedHash->verify_with_hashinfo method.

use Crypt::Password::StretchedHash qw(
    verify_with_hashinfo
);
use Your::Password::HashInfo;

my $password = ...;
my $pwhash_with_hashinfo = ...;
my $hash_info = Your::Password::HashInfo->new;
my $is_valid = verify_with_hashinfo(
    password        => $password,
    password_hash   => $pwhash_with_hashinfo,
    hash_info   => $hash_info,
);

METHODS

new : Object

constructor

delimiter : String

It returns delimiter string. If delimiter is "$", generated string is as follows.

$(identifier)$(salt)$(hashed password)

identifier : String

It returns identifier of hashinfo. If delimiter is "$" and identifier is "1", generated string is as follows.

$1$(salt)$(hashed password)

hash : Object

It returns hash object. In the current version, only Digest::SHA and Digest::SHA3 are allowed.

stretch_count : Int

It returns stretching count, and if has to be an integer bigger than 0.

format : String

It returns hash object. In the current version, only "hex" and "base64" are allowed.

salt : String

It returns salt string. It may be binary strings. If delimiter is "$" ,identifier is "1", format is "base64", salt is "test12345" generated string is as follows.

$1$dGVzdDEyMzQ1$(hashed password)

LICENSE

Copyright (C) Ryo Ito.

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

AUTHOR

Ryo Ito <ritou.06@gmail.com>