Crypt::Bcrypt - A modern bcrypt implementation
version 0.011
use Crypt::Bcrypt qw/bcrypt bcrypt_check/;
my $hash = bcrypt($password, '2b', 12, $salt);
if (bcrypt_check($password, $hash)) {
...
}
This module provides a modern and user-friendly implementation of the bcrypt
password hash.
Note that in bcrypt passwords may only contain 72 characters and may not contain
any null-byte. To work around this limitation this module supports prehashing
the input in a way that prevents password shucking.
The password is always expected to come as a (utf8-encoded) byte-string.
This computes the bcrypt hash for $password in $subtype, with $cost and $salt.
Valid subtypes are:
- •
- "2b"
This is the subtype the rest of the world has been using since 2014, you
should use this unless you have a very specific reason to use something
else.
- •
- "2a"
This is an old and subtly buggy version of bcrypt. This is mainly useful for
Crypt::Eksblowfish compatibility.
- •
- "2y"
This type is considered equivalent to "2b", and is only commonly
used on php.
- •
- "2x"
This is a very broken version that is only useful for compatibility with
ancient php versions.
$cost must be between 4 and 31 (inclusive). $salt must be exactly 16 bytes.
This checks if the $password satisfies the $hash, and does so in a timing-safe
manner.
This works like the "bcrypt" functions, but pre-hashes the password
using the specified hash. This is mainly useful to get around the 72 character
limit. Currently 'sha256', 'sha384' and 'sha512' are supported (but note that
sha512 doesn't actually fit in bcrypt's input limit so is a bit moot), this is
keyed with the salt to prevent password shucking. If $hash_algorithm is an
empty string it will perform a normal "bcrypt" operation.
This verifies pre-hashed passwords as generated by "bcrypt_prehashed".
This returns true if the bcrypt hash uses a different subtype, cost or hash
algorithm than desired.
This returns a list of supported prehashes. Current that's "('sha256',
'sha384', 'sha512')" but in the future it may include more.
- •
- Crypt::Passphrase
This is usually a better approach to managing your passwords, it can use
this module via Crypt::Passphrase::Bcrypt. It facilitates upgrading the
algorithm parameters or even the algorithm itself.
- •
- Crypt::Eksblowfish::Bcrypt
This also offers bcrypt, but only supports the "2a" subtype.
Leon Timmermans <
[email protected]>
This software is copyright (c) 2021 by Leon Timmermans.
This is free software; you can redistribute it and/or modify it under the same
terms as the Perl 5 programming language system itself.