Authen-SCRAM
lib/Authen/SCRAM/Role/Common.pm view on Meta::CPAN
use 5.008;
use strict;
use warnings;
package Authen::SCRAM::Role::Common;
our $VERSION = '0.011';
use Moo::Role 1.001000;
use Authen::SASL::SASLprep 1.100 qw/saslprep/;
use Carp qw/croak/;
use Crypt::URandom qw/urandom/;
use Encode qw/encode_utf8/;
use MIME::Base64 qw/encode_base64/;
use PBKDF2::Tiny 0.003 qw/digest_fcn hmac/;
use Try::Tiny;
use Types::Standard qw/Bool Enum Num HashRef CodeRef/;
use namespace::clean;
#--------------------------------------------------------------------------#
# public attributes
#--------------------------------------------------------------------------#
# Name of the hash function to use.  Only the five SHA variants listed in
# the Enum pass the type check.  The default is SHA-1, so a stronger digest
# has to be requested explicitly by the caller.
has digest => (
    is      => 'ro',
    isa     => Enum[ qw(SHA-1 SHA-224 SHA-256 SHA-384 SHA-512) ],
    default => 'SHA-1',
);
# Size of the generated nonce; defaults to 192.
# NOTE(review): the unit is not visible in this excerpt (presumably bits);
# confirm against the code that generates the nonce.  The Num constraint
# also admits fractional and negative values, and nothing in this
# declaration sets a lower bound.
has nonce_size => (
    is      => 'ro',
    isa     => Num,
    default => 192,
);
# Boolean switch with no declared default, so it stays unset (false) unless
# the constructor is given a value.
# NOTE(review): presumably turns off SASLprep normalization of the
# credentials; the code that reads it is outside this excerpt.
has skip_saslprep => (
    is  => 'ro',
    isa => Bool,
);
#--------------------------------------------------------------------------#
# private attributes
#--------------------------------------------------------------------------#
# Code reference used to compare two strings.  Declared lazy, so Moo builds
# it on first access by calling _build__const_eq_fcn.
has _const_eq_fcn => (
    is  => 'lazy',
    isa => CodeRef,
);
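# Builder for the lazy _const_eq_fcn attribute.  Returns a code reference
# that takes two strings and returns 1 when they are equal, 0 when they
# have the same length but differ, and nothing (bare return) when the
# lengths differ or either argument is undefined.
#
# The comparison is meant to avoid timing attacks: once the lengths are
# known to match, every character position is examined and the results are
# folded together with a bitwise AND, so there is no early exit at the
# first mismatching character.  The length check does return early, so only
# the fact that the lengths differ can be observed through timing.
# NOTE(review): this is a best-effort pure-Perl fallback; the interpreter
# gives no timing guarantee for the per-character work.
sub _build__const_eq_fcn {
    my ($self) = @_;

    # XXX disable String::Compare::ConstantTime until a new version
    # is released that fixes warnings on older perls.
    if ( 0 && eval { require String::Compare::ConstantTime; 1 } ) {
        return \&String::Compare::ConstantTime::equals;
    }

    return sub {
        my ( $dk1, $dk2 ) = @_;

        # Fail closed: two missing values must never be reported as equal.
        # Without this guard undef/undef (and undef/'') pass the length
        # check and the loop below yields a match.
        return unless defined $dk1 && defined $dk2;

        my $dk1_length = length($dk1);
        return unless $dk1_length == length($dk2);

        my $match = 1;

        # Valid offsets are 0 .. length-1; the range is empty for two
        # empty strings, which therefore compare equal.
        for my $offset ( 0 .. $dk1_length - 1 ) {
            $match &= ( substr( $dk1, $offset, 1 ) eq substr( $dk2, $offset, 1 ) ) ? 1 : 0;
        }
        return $match;
    };
}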
has _digest_fcn => (
is => 'lazy',
isa => CodeRef,