Crypt::Password::StretchedHash - simple library for password hashing and stretching
This module provides Generation / Verification method for hashed password string. There are two methods to handle parameters simply.
use Crypt::Password::StretchedHash qw(
crypt
verify
);
use Digest::SHA;
# crypt
my $pwhash = crypt(
password => q{password},
hash => Digest::SHA->new("sha256"),
salt => q{salt},
stretch_count => 5000,
format => q{base64},
);
# verify
my $result = verify(
password => q{password},
password_hash => q{4hvvzqZio+l9vGifQ7xF2+FKiyWRcb4lV3OSo9PsfUw=},
hash => Digest::SHA->new("sha256"),
salt => q{salt},
stretch_count => 5000,
format => q{base64},
);
if you use class of the hash information(Crypt::Passwoed::SaltedHash::HashInfo), there are two methods to generate/verify string for DB Store.
use Your::Password::HashInfo;
use Crypt::Password::StretchedHash qw(
crypt_with_hashinfo
verify_with_hashinfo
);
my $hash_info = Your::Password::HashInfo->new;
# crypt
my $password = ...;
my $pwhash_with_hashinfo = crypt_with_hashinfo(
password => $password,
hash_info => $hash_info,
);
# verify
my $password = ...;
my $pwhash_with_hashinfo = ...;
my $result = verify_with_hashinfo(
password => $password,
password_hash => $pwhash_with_hashinfo,
hash_info => $hash_info,
);
Crypt::Password::StretchedHash is simple library for password hashing and stretching. This module is available in generation and validation of the stretched password hash.
Generates stretched password hash. This uses the following hash algorithm.
for (1..$params{stretch_count}) {
$hash->add( $pwhash, $params{password}, $salt );
$pwhash = $hash->digest;
}
-
$params{password}
This is password string.
-
$params{hash}
This is a hash function. This value must be the object of Digest::SHA or Digest::SHA3.
-
$params{salt}
This is salt string.
-
$params{stretch_count}
This is stretching count. The value will depend on a kind of hash function and the server load.
-
$params{format}
This value is optional. If it has none, the password hash is returned with a binary string. If it has "hex", the password hash is returned with hexadecimal representation. If it has "base64", the password hash is returned with base64 representation.
Verifies stretched password hash. This compares the value of $params{password_hash} with the generated using crypt method.
Generates stretched password hash with hash information.
-
$params{password}
This is password string.
-
$params{hash_info}
This is a hash information. You have to inherit Crypt::Password::StretchedHash::HashInfo.
Verifies stretched password hash with hash information. This compares the value of $params{password_hash} with the generated using crypt method.
-
$params{password}
This is password string.
-
$params{password_hash}
This is hashed password to be compared.
-
$params{hash_info}
This is a hash information. You have to inherit Crypt::Password::StretchedHash::HashInfo.
Copyright (C) Ryo Ito.
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
Ryo Ito ritou.06@gmail.com