DBIx::Class::EncodedColumn::Digest - DBIx::Class::EncodedColumn::Digest documentation

DBIx-Class-EncodedColumn documentation Contained in the DBIx-Class-EncodedColumn distribution.

Index

Code Index:

NAME

Top

DBIx::Class::EncodedColumn::Digest

SYNOPSYS

Top

  #SHA-1 / hex encoding / generate check method
  __PACKAGE__->add_columns(
    'password' => {
      data_type   => 'CHAR',
      size        => 40 + 10,
      encode_column => 1,
      encode_class  => 'Digest',
      encode_args   => {algorithm => 'SHA-1', format => 'hex', salt_length => 10},
      encode_check_method => 'check_password',
  }

  #SHA-256 / base64 encoding / generate check method
  __PACKAGE__->add_columns(
    'password' => {
      data_type   => 'CHAR',
      size        => 40,
      encode_column => 1,
      encode_class  => 'Digest',
      encode_check_method => 'check_password',
      #no  encode_args necessary because these are the defaults ...
  }

DESCRIPTION

Top

ACCEPTED ARGUMENTS

Top

format

The encoding to use for the digest. Valid values are 'binary', 'hex', and 'base64'. Will default to 'base64' if not specified.

algorithm

The digest algorithm to use for the digest. You may specify any valid Digest algorithm. Examples are MD5, SHA-1, Whirlpool etc. Will default to 'SHA-256' if not specified.

See Digest for supported digest algorithms.

salt_length

If you would like to use randomly generated salts to encode values make sure this option is set to > 0. Salts will be automatically generated at encode time and will be appended to the end of the digest. Please make sure that you remember to make sure that to expand the size of your db column to have enough space to store both the digest AND the salt. Please see list below for common digest lengths.

METHODS

Top

make_encode_sub $column_name, \%encode_args

Returns a coderef that takes two arguments, a plaintext value and an optional salt and returns the encoded value with the salt appended to the end of the digest. If a salt is not provided and the salt_length option was greater than zero it will be randomly generated.

make_check_sub $column_name, \%encode_args

Returns a coderef that takes the row object and a plaintext value and will return a boolean if the plaintext matches the encoded value. This is typically used for password authentication.

COMMON DIGEST LENGTHS

Top

     CIPHER    | Binary | Base64 |  Hex
   ---------------------------------------
   | MD2       |   16   |   22   |  32  |
   | MD4       |   16   |   22   |  32  |
   | MD5       |   16   |   22   |  32  |
   | SHA-1     |   20   |   27   |  40  |
   | SHA-256   |   32   |   43   |  64  |
   | SHA-384   |   48   |   64   |  96  |
   | SHA-512   |   64   |   86   | 128  |
   | CRC-CCITT |    3   |    2   |   3  |
   | CRC-16    |    5   |    6   |   4  |
   | CRC-32    |   10   |   14   |   8  |
   | Adler-32  |    4   |    6   |   8  |
   | Whirlpool |   64   |   86   | 128  |
   | Haval-256 |   32   |   44   |  64  |
   ---------------------------------------

SEE ALSO

Top

DBIx::Class::EncodedColumn::Crypt::Eksblowfish::Bcrypt, DBIx::Class::EncodedColumn, Digest

AUTHOR

Top

Guillermo Roditi (groditi) <groditi@cpan.org>

Based on the Vienna WoC ToDo manager code by Matt S trout (mst)

CONTRIBUTORS

Top

See DBIx::Class::EncodedColumn

LICENSE

Top

This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

DBIx-Class-EncodedColumn documentation Contained in the DBIx-Class-EncodedColumn distribution. 
package DBIx::Class::EncodedColumn::Digest;

use strict;
use warnings;
use Digest;

our $VERSION = '0.00001';

my %digest_lengths =
  (
   'MD2'       => { base64 => 22, binary => 16, hex => 32  },
   'MD4'       => { base64 => 22, binary => 16, hex => 32  },
   'MD5'       => { base64 => 22, binary => 16, hex => 32  },

   'SHA-1'     => { base64 => 27, binary => 20, hex => 40  },
   'SHA-256'   => { base64 => 43, binary => 32, hex => 64  },
   'SHA-384'   => { base64 => 64, binary => 48, hex => 96  },
   'SHA-512'   => { base64 => 86, binary => 64, hex => 128 },

   'CRC-CCITT' => { base64 => 2,  binary => 3,  hex => 3   },
   'CRC-16'    => { base64 => 6,  binary => 5,  hex => 4   },
   'CRC-32'    => { base64 => 14, binary => 10, hex => 8   },

   'Adler-32'  => { base64 => 6,  binary => 4,  hex => 8   },
   'Whirlpool' => { base64 => 86, binary => 64, hex => 128 },
   'Haval-256' => { base64 => 44, binary => 32, hex => 64  },
  );
my @salt_pool = ('A' .. 'Z', 'a' .. 'z', 0 .. 9, '+','/','=');

sub make_encode_sub {
  my($class, $col, $args) = @_;
  my $for  = $args->{format}      ||= 'base64';
  my $alg  = $args->{algorithm}   ||= 'SHA-256';
  my $slen = $args->{salt_length} ||= 0;

 die("Valid Digest formats are 'binary', 'hex' or 'base64'. You used '$for'.")
   unless $for =~ /^(?:hex|base64|binary)$/;
  defined(my $object = eval{ Digest->new($alg) }) ||
    die("Can't use Digest algorithm ${alg}: $@");

  my $format_method = $for eq 'binary' ? 'digest' :
    ($for eq 'hex' ? 'hexdigest' : 'b64digest');
  #thanks Haval for breaking the standard. thanks!
  $format_method = 'base64digest 'if ($alg eq 'Haval-256' && $for eq 'base64');

  my $encoder = sub {
    my ($plain_text, $salt) = @_;
    $salt ||= join('', map { $salt_pool[int(rand(65))] } 1 .. $slen);
    $object->reset()->add($plain_text.$salt);
    my $digest = $object->$format_method;
    #print "${plain_text}\t ${salt}:\t${digest}${salt}\n" if $salt;
    return $digest.$salt;
  };

  #in case i didn't prepopulate it
  $digest_lengths{$alg}{$for} ||= length($encoder->('test1'));
  return $encoder;
}

sub make_check_sub {
  my($class, $col, $args) = @_;

  #this is the digest length
  my $len = $digest_lengths{$args->{algorithm}}{$args->{format}};
  die("Unable to find digest length") unless defined $len;

  #fast fast fast
  return eval qq^ sub {
        my \$col_v = \$_[0]->get_column('${col}');
        my \$salt   = substr(\$col_v, ${len});
        \$_[0]->_column_encoders->{${col}}->(\$_[1], \$salt) eq \$col_v;
    } ^ || die($@);
}

1;

__END__;