NAME

Text::Password::AutoMigration - generate and verify Password with any contexts

SYNOPSIS

my $pwd = Text::Password::AutoMigration->new();
my( $raw, $hash ) = $pwd->genarate();          # list context is required
my $input = $req->body_parameters->{passwd};
my $data = $pwd->encrypt($input);              # salt is made automatically
my $flag = $pwd->verify( $input, $data );

DESCRIPTION

Text::Password::AutoMigration is a module for some lasy Administrators. It would help Administrators who tries to replace old crypted MD5ed message digests.

The method verify automatically detects the algorithm which is applied to the hash with CORE::crypt, MD5, SHA-1 by hex, SHA-256 and of course SHA-512.

And every verify returns a brand new hash generated by using with SHA-512.

Therefore all you have to do is to replace the old hash with the new one.

Constructor and initialization

new()

No arguments are required. But you can set some parameters.

default(Int)

You can set default length with using 'default' attribute like below:

$pwd = Text::Pasword::AutoMiglation->new( default => 8 );

It must be an Int, defaults to 10.

readablity(Bool)

You can set default strength for password with usnig 'readablity' attribute like below:

$pwd = Text::Pasword::AutoMiglation->new( readability => 0 );

It must be a Boolean, defaults to 1. If it was false, generate() starts to return stronger passwords with charactors hard to read.

migrate(Bool)

It must be a Boolean, defaults to 1. If you've already replaced all hash or started to make new applications with this module, you can call the constructor with migrate = 0>. Then verify() would not return a new hash but always 1. It may help you a little faster without any change of your code.

Methods and Subroutines

verify( $raw, $hash )

To tell the truth, this is the most useful method of this module.

it Returns a true strings instead of boolean if the verification succeeds.

Every value is brand new hash from SHA-512 because it is true anyway.

So you can replace hash in your Database easily like below: my $pwd = Text::Password::AutoMigration->new(); my $dbh = DBI->connect(...); my $db_hash_ref = $dbh->fetchrow_hashref(...);

my $param = $req->body_parameters;
my $hash = $pwd->verify( $param->{passwd}, $db_hash_ref->{passwd} );
if ($hash) { # you don't have to execute this every time
   my $sth = $dbh->prepare('UPDATE DB SET passwd=? WHERE uid =?') or die $dbh->errstr;
   $sth->excute( $hash, $param->{uid} ) or die $sth->errstr;
}

New hash length is at least 100 if length of nonce . So you have to change your DB like below:

ALTER TABLE User CHANGE passwd passwd VARCHAR(100);

nonce(Int)

generates the random strings with enough strength.

the length defaults to 10 or $self->default().

encrypt(Str)

returns hash with unix_sha512_crypt().

salt will be made automatically.

generate(Int)

genarates pair of new password and it's hash.

less readable characters(0Oo1Il|!2Zz5sS$6b9qCcKkUuVvWwXx.,:;~-^'"`) are forbidden unless $self->readability is 0.

the length defaults to 10 || $self->default().

DON'T TRUST this method. According to Password expert says he was wrong, it's not a safe way. So, I will rewrite this method as soon as I find the better way.

SEE ALSO

GitHub
CPAN
https://shattered.io/

LICENSE

Copyright (C) Yuki Yoshida(worthmine).

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

AUTHOR

Yuki Yoshida <worthmine@users.noreply.github.com>