Crypt::Eksblowfish::Bcrypt(3pm)

1Crypt::Eksblowfish::BcrUyspetr(3C)ontributed Perl DocumeCnrtyaptti:o:nEksblowfish::Bcrypt(3)
2
3
4

NAME

6       Crypt::Eksblowfish::Bcrypt - Blowfish-based Unix crypt() password hash
7

SYNOPSIS

9               use Crypt::Eksblowfish::Bcrypt qw(bcrypt_hash);
10
11               $hash = bcrypt_hash({
12                               key_nul => 1,
13                               cost => 8,
14                               salt => $salt,
15                       }, $password);
16
17               use Crypt::Eksblowfish::Bcrypt qw(en_base64 de_base64);
18
19               $text = en_base64($octets);
20               $octets = de_base64($text);
21
22               use Crypt::Eksblowfish::Bcrypt qw(bcrypt);
23
24               $hashed_password = bcrypt($password, $settings);
25

DESCRIPTION

27       This module implements the Blowfish-based Unix crypt() password hashing
28       algorithm, known as "bcrypt".  This hash uses a variant of Blowfish,
29       known as "Eksblowfish", modified to have particularly expensive key
30       scheduling.  Eksblowfish and bcrypt were devised by Niels Provos and
31       David Mazieres for OpenBSD.  The design is described in a paper at
32       <http://www.usenix.org/events/usenix99/provos.html>.
33

FUNCTIONS

35       bcrypt_hash(SETTINGS, PASSWORD)
36           Hashes PASSWORD according to the supplied SETTINGS, and returns the
37           23-octet hash.  SETTINGS must be a reference to a hash, with these
38           keys:
39
40           key_nul
41               Truth value: whether to append a NUL to the password before
42               using it as a key.  The algorithm as originally devised does
43               not do this, but it was later modified to do it.  The version
44               that does append NUL is to be preferred; not doing so is
45               supported only for backward compatibility.
46
47           cost
48               Non-negative integer controlling the cost of the hash function.
49               The number of operations is proportional to 2^cost.
50
51           salt
52               Exactly sixteen octets of salt.
53
54       en_base64(BYTES)
55           Encodes the octet string textually using the form of base 64 that
56           is conventionally used with bcrypt.
57
58       de_base64(TEXT)
59           Decodes an octet string that was textually encoded using the form
60           of base 64 that is conventionally used with bcrypt.
61
62       bcrypt(PASSWORD, SETTINGS)
63           This is a version of "crypt" (see "crypt" in perlfunc) that
64           implements the bcrypt algorithm.  It does not implement any other
65           hashing algorithms, so if others are desired then it necessary to
66           examine the algorithm prefix in SETTINGS and dispatch between more
67           than one version of "crypt".
68
69           SETTINGS must be a string which encodes the algorithm parameters,
70           including salt.  It must begin with "$2", optional "a", "$", two
71           digits, "$", and 22 base 64 digits.  The rest of the string is
72           ignored.  The presence of the optional "a" means that a NUL is to
73           be appended to the password before it is used as a key.  The two
74           digits set the cost parameter.  The 22 base 64 digits encode the
75           salt.  The function will "die" if SETTINGS does not have this
76           format.
77
78           The PASSWORD is hashed according to the SETTINGS.  The value
79           returned is a string which encodes the algorithm parameters and the
80           hash: the parameters are in the same format required in SETTINGS,
81           and the hash is appended in the form of 31 base 64 digits.  This
82           result is suitable to be used as a SETTINGS string for input to
83           this function: the hash part of the string is ignored on input.
84

AUTHOR

89       Andrew Main (Zefram) <zefram@fysh.org>
90

COPYRIGHT

92       Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Andrew Main (Zefram)
93       <zefram@fysh.org>
94

LICENSE

96       This module is free software; you can redistribute it and/or modify it
97       under the same terms as Perl itself.
98
99
100
101perl v5.12.3                      2011-04-30     Crypt::Eksblowfish::Bcrypt(3)