NAME

Crypt::Passphrase::Encoder - Base class for Crypt::Passphrase encoders

VERSION

version 0.020

DESCRIPTION

This is a base class for password encoders. It is a subclass of Crypt::Passphrase::Validator.

SUBCLASSING

Mandatory methods

It expects the subclass to implement the following four methods:

hash_password

$encoder->hash_password($password)

This hashes a $password. Note that this will typically return a different value each time since it uses a unique salt every time.

verify_password

$encoder->verify_password($password, $hash)

This checks if a $password satisfies $hash.

needs_rehash

$encoder->needs_rehash($hash)

This method will return true if the password hash needs a rehash. This may either mean it's using a different hashing algoritm, or because it's using different parameters.

crypt_subtypes

$encoder->crypt_subtypes

This method returns the types of crypt entries this validator supports. This is used to implement accepts_hash.

Optional methods

recode_hash

$encoder->recode_hash($hash)

This method recodes the $hash if possible. By default it will just return the hash unmodified, this is usualy what you want.

Provided methods

It provides the following methods to aid in implementing encoders:

random_bytes

$encoder->random_bytes($count)

This is a utility method to aid in generating a good salt.

secure_compare

$encoder->secure_compare($left, $right)

This compares two strings in a way that resists timing attacks.

AUTHOR

Leon Timmermans <fawaka@gmail.com>

COPYRIGHT AND LICENSE

This software is copyright (c) 2021 by Leon Timmermans.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.