Crypt::AnyPasswordHash
Use best installed password encryption available
Synopsis
use Crypt::AnyPasswordHash;
my $password = 'somepassword';
my Str $hash = hash-password($password);
if check-password($hash, $password ) {
# password ok
}
Description
This module exports two subroutines hash-password
and check-password
which encrypt password and check a provided password against an encrypted hash.
The implementation for the hash-password
is provided by the first of:
which can be found. Crypt::Libcrypt
will be installed as a dependency so it will nearly always work but is dependent on the mechanisms provided by the libcrypt
: with a fairly recent libcrypt
it will be able to determine and use the best available algorithm, falling back to attempt SHA-512, however if that isn't available it may fall back to DES which is not considered secure enough for production use. You can tell you are getting DES when the hash returned by hash-password
is only 13 characters long, if this is the case then you should install one of the other providers.
The check-password
will attempt to validate against all the available mechanisms until one validates the password or the mechanisms are exhausted. This is so that, if you are validating against stored hashes, if a new supported module is installed or this module is upgraded then you will still be able to verify against hashes made by a previous mechanism.
Installation
If you have a working Rakudo installation, you should be able to install this with zef :
zef install Crypt::AnyPasswordHash
# or from a local copy
zef install .
Support
If you have any suggestions or patches, please send then to Github
New hashing providers are welcomed - any new modules should export the subroutines for hashing and verifying.
Crypt::Bcrypt does work but it needs a small change to be detected.
Licence
This is free software.
Please see the LICENCE file in the distribution
© Jonathan Stowe 2019 - 2021