1Authen::Passphrase::PHPUassesr(3C)ontributed Perl DocumeAnuttahteino:n:Passphrase::PHPass(3)
2
3
4
6 Authen::Passphrase::PHPass - passphrases using the phpass algorithm
7
9 use Authen::Passphrase::PHPass;
10
11 $ppr = Authen::Passphrase::PHPass->new(
12 cost => 10, salt => "NaClNaCl",
13 hash_base64 => "ObRxTm/.EiiYN02xUeAQs/");
14
15 $ppr = Authen::Passphrase::PHPass->new(
16 cost => 10, salt_random => 1,
17 passphrase => "passphrase");
18
19 $ppr = Authen::Passphrase::PHPass->from_crypt(
20 '$P$8NaClNaClObRxTm/.EiiYN02xUeAQs/');
21
22 $ppr = Authen::Passphrase::PHPass->from_rfc2307(
23 '{CRYPT}$P$8NaClNaClObRxTm/.EiiYN02xUeAQs/');
24
25 $cost = $ppr->cost;
26 $cost_base64 = $ppr->cost_base64;
27 $cost = $ppr->nrounds_log2;
28 $cost_base64 = $ppr->nrounds_log2_base64;
29 $salt = $ppr->salt;
30 $hash = $ppr->hash;
31 $hash_base64 = $ppr->hash_base64;
32
33 if($ppr->match($passphrase)) { ...
34
35 $passwd = $ppr->as_crypt;
36 $userPassword = $ppr->as_rfc2307;
37
39 An object of this class encapsulates a passphrase hashed using the
40 phpass algorithm invented by Solar Designer and described at
41 <http://www.openwall.com/phpass/>. This is a subclass of
42 Authen::Passphrase, and this document assumes that the reader is
43 familiar with the documentation for that class.
44
45 The phpass algorithm is based on the MD5 message digest algorithm.
46 There is an eight-byte salt, which is conventionally restricted to
47 consist of base 64 digits. There is also a cost parameter that
48 controls the expense of hashing. First the salt and passphrase are
49 concatenated and hashed by MD5. Then, 2^cost times, the hash from the
50 previous stage is concatenated with the passphrase and hashed by MD5.
51 The passphrase hash is the output from the final iteration.
52
53 The passphrase hash is represented in ASCII using the crypt format with
54 prefix "$P$". The first character after the format prefix is a base 64
55 digit giving the cost parameter. The next eight characters are the
56 salt. The salt is followed by 22 base 64 digits giving the hash. The
57 base 64 digits are ".", "/", "0" to "9", "A" to "Z", "a" to "z" (in
58 ASCII order).
59
61 Authen::Passphrase::PHPass->new(ATTR => VALUE, ...)
62 Generates a new passphrase recogniser object using the phpass
63 algorithm. The following attributes may be given:
64
65 cost
66 Base-two logarithm of the number of hashing rounds to perform.
67
68 cost_base64
69 Base-two logarithm of the number of hashing rounds to perform,
70 expressed as a single base 64 digit.
71
72 nrounds_log2
73 Synonym for cost.
74
75 nrounds_log2_base64
76 Synonym for cost_base64.
77
78 salt
79 The salt, as an eight-byte string.
80
81 salt_random
82 Causes salt to be generated randomly. The value given for this
83 attribute is ignored. The salt will be a string of eight base
84 64 digits. The source of randomness may be controlled by the
85 facility described in Data::Entropy.
86
87 hash
88 The hash, as a 16-byte string.
89
90 hash_base64
91 The hash, as a string of 22 base 64 digits.
92
93 passphrase
94 A passphrase that will be accepted.
95
96 The cost and salt must be given, and either the hash or the
97 passphrase.
98
99 Authen::Passphrase::PHPass->from_crypt(PASSWD)
100 Generates a new phpass passphrase recogniser object from a crypt
101 string. The crypt string must consist of "$P$", one base 64
102 character encoding the cost, the salt, then 22 base 64 digits
103 giving the hash. The salt must be exactly 8 characters long, and
104 cannot contain any character that cannot appear in a crypt string.
105
106 Authen::Passphrase::PHPass->from_rfc2307(USERPASSWORD)
107 Generates a new phpass passphrase recogniser object from an RFC
108 2307 string. The string must consist of "{CRYPT}" (case
109 insensitive) followed by an acceptable crypt string.
110
112 $ppr->cost
113 Returns the base-two logarithm of the number of hashing rounds that
114 will be performed.
115
116 $ppr->cost_base64
117 Returns the base-two logarithm of the number of hashing rounds that
118 will be performed, expressed as a single base 64 digit.
119
120 $ppr->nrounds_log2
121 Synonym for "cost".
122
123 $ppr->nrounds_log2_base64
124 Synonym for "cost_base64".
125
126 $ppr->salt
127 Returns the salt, as a string of eight bytes.
128
129 $ppr->hash
130 Returns the hash value, as a string of 16 bytes.
131
132 $ppr->hash_base64
133 Returns the hash value, as a string of 22 base 64 digits.
134
135 $ppr->match(PASSPHRASE)
136 $ppr->as_crypt
137 $ppr->as_rfc2307
138 These methods are part of the standard Authen::Passphrase
139 interface.
140
142 Authen::Passphrase, Digest::MD5
143
145 Andrew Main (Zefram) <zefram@fysh.org>
146
148 Copyright (C) 2006, 2007, 2009, 2010, 2012 Andrew Main (Zefram)
149 <zefram@fysh.org>
150
152 This module is free software; you can redistribute it and/or modify it
153 under the same terms as Perl itself.
154
155
156
157perl v5.36.0 2023-01-20 Authen::Passphrase::PHPass(3)