summaryrefslogtreecommitdiff
path: root/lib/App/Raps2
diff options
context:
space:
mode:
Diffstat (limited to 'lib/App/Raps2')
-rw-r--r--lib/App/Raps2/Password.pm110
1 files changed, 110 insertions, 0 deletions
diff --git a/lib/App/Raps2/Password.pm b/lib/App/Raps2/Password.pm
index 73258b2..73eee32 100644
--- a/lib/App/Raps2/Password.pm
+++ b/lib/App/Raps2/Password.pm
@@ -11,6 +11,57 @@ use Crypt::Eksblowfish::Bcrypt qw(bcrypt_hash en_base64 de_base64);
our $VERSION = '0.2';
+=head1 NAME
+
+App::Raps2::Password - Password class for App::Raps2
+
+=head1 SYNOPSIS
+
+ use App::Raps2::Password;
+
+ my $pass = App::Raps2::Password->new(
+ passphrase => 'secret',
+ );
+
+ my $oneway_hash = $raps2->crypt();
+ $raps2->verify($oneway_hash);
+
+ my $twoway_hash = $raps2->encrypt('data');
+ print $raps2->decrypt($twoway_hash);
+ # "data"
+
+=head1 VERSION
+
+This manual documents B<App::Raps2::Password> version 0.2
+
+=head1 METHODS
+
+=over
+
+=item $pass = App::Raps2::Password->new(I<%conf>)
+
+Creates a new I<App::Raps2::Password> object. You can only have one passphrase
+per object. Arguments:
+
+=over
+
+=item B<cost> => I<int>
+
+Cost to pass to B<Crypt::Eksblowfish>, defaults to 12.
+
+=item B<passphrase> => I<string>
+
+Passphrase to operate with. Mandatory.
+
+=item B<salt> => I<string>
+
+16-byte string to use as salt. If none is specified, B<App::Raps2::Password>
+generates its own.
+
+=back
+
+=cut
+
sub new {
my ($obj, %conf) = @_;
@@ -33,6 +84,12 @@ sub new {
return bless($ref, $obj);
}
+=item $pass->create_salt()
+
+Returns a new 16-byte salt. Contains only printable characters.
+
+=cut
+
sub create_salt {
my ($self) = @_;
my $salt = q{};
@@ -44,6 +101,12 @@ sub create_salt {
return $salt;
}
+=item $pass->salt([I<salt>])
+
+Gets/Sets the currently used salt.
+
+=cut
+
sub salt {
my ($self, $salt) = @_;
@@ -58,6 +121,13 @@ sub salt {
$self->{salt} = $salt;
}
+=item $pass->encrypt(I<data>)
+
+Encrypts I<data> with the passphrase saved in the object, returns the
+corresponding hexadecimal hash (as string).
+
+=cut
+
sub encrypt {
my ($self, $in) = @_;
@@ -71,6 +141,12 @@ sub encrypt {
return $cbc->encrypt_hex($in);
}
+=item $pass->decrypt(I<hexstr>)
+
+Decrypts I<hexstr> (as created by B<encrypt>), returns its original content.
+
+=cut
+
sub decrypt {
my ($self, $in) = @_;
@@ -84,6 +160,12 @@ sub decrypt {
return $cbc->decrypt_hex($in);
}
+=item $pass->crypt()
+
+Return a base64 bcrypt hash of the password, salted with the salt.
+
+=cut
+
sub crypt {
my ($self) = @_;
@@ -97,6 +179,14 @@ sub crypt {
));
}
+=item $pass->verify(I<hash>)
+
+Verify a hash as returned by B<crypt>.
+
+Returns true if it matches, dies if it doesn't.
+
+=cut
+
sub verify {
my ($self, $testhash) = @_;
@@ -109,3 +199,23 @@ sub verify {
}
1;
+
+__END__
+
+=back
+
+=head1 DEPENDENCIES
+
+B<Crypt::CBC>, B<Crypt::Eksblowfish>.
+
+=head1 SEE ALSO
+
+Crypt::CBC(3pm), Crypt::Eksblowfish(3pm).
+
+=head1 AUTHOR
+
+Copyright (C) 2011 by Daniel Friesel E<lt>derf@finalrewind.orgE<gt>
+
+=head1 LICENSE
+
+ 0. You just DO WHAT THE FUCK YOU WANT TO.