Authen::Passphrase::EggdropBlowfish 0.005

Authen::Passphrase::EggdropBlowfish is a Perl module with passphrases using Eggdrop's blowfish.mod.

SYNOPSIS

use Authen::Passphrase::EggdropBlowfish;

$ppr = Authen::Passphrase::EggdropBlowfish->new(
hash_base64 => "9tpsG/61YqX/");

$ppr = Authen::Passphrase::EggdropBlowfish->new(
passphrase => "passphrase");

$hash = $ppr->hash;
$hash_base64 = $ppr->hash_base64;

if($ppr->match($passphrase)) { ...

An object of this class encapsulates a passphrase hashed using the Blowfish-based algorithm used in Eggdrop's blowfish.mod. This is a subclass of Authen::Passphrase, and this document assumes that the reader is familiar with the documentation for that class.

This hash scheme uses no salt, and does not accept a zero-length passphrase. It uses the passphrase as a Blowfish key to encrypt a standard plaintext block. The hash is the ciphertext block. The standard Blowfish key schedule only accepts keys from 8 to 56 bytes long; this algorithm relaxes that requirement and accepts any non-zero length. Up to 72 bytes of passphrase/key are significant; any more are ignored.

In Eggdrop the hash is represented as a "+" followed by twelve base 64 digits. The first six digits encode the second half of the hash, and the last six encode the first half. Within each half the bytes are encoded in reverse order. The base 64 digits are ".", "/", "0" to "9", "a" to "z", "A" to "Z" (in that order).

Note: Due to the Blowfish key length restriction being strictly enforced in Crypt::Blowfish, this module currently dies if given a passphrase longer than 56 bytes. This limitation will be corrected in a future version. Passphrases shorter than 8 bytes are correctly handled despite Blowfish rules.

Warning: The hash is small by modern standards, and the lack of salt is a weakness in this scheme. For a scheme that makes better use of Blowfish see Authen::Passphrase::BlowfishCrypt.

Requirements:

· Perl



Product's homepage

Requirements:

· Perl