App-bmkpasswd

 view release on metacpan or  search on metacpan

Changes  view on Meta::CPAN

    While the utility is reported to work without issue, the test does not,
    and I lack access to an appropriate machine for deeper diving.

2.011004 2016-03-09

  - Fall back to Term::ReadKey on MSWin32

2.011003 2016-03-09

  - Fall back to Term::ReadKey to turn off terminal echo on 5.8.x, if
    available; if not, warn loudly and suggest it before prompting for a
    password to crypt

2.011002 2016-03-09

  - Fix `bmkpasswd` executable on 5.8.x (no POSIX::ECHO available)

2.011001 2016-03-08

  - Add `bmkpasswd --available` for listing available crypt methods

Changes  view on Meta::CPAN

  - No code changes; fix 'Changes' to match CPAN::Changes::Spec

2.001001 2013-06-18

  - Kill Term::ReadKey dependency entirely; instead use POSIX::Termios to turn
    off terminal echo.  (haarg clued me in to this in a conversation he was
    having with tobyink on irc.perl.org #web-simple -- thanks!)

2.001000 2013-05-02

  - Output `bmkpasswd` prompts to STDERR for more sensible redirection

  - Make Term::ReadKey optional and warn if we don't have it

2.000003 2013-04-21

  - Cleaner --bench output

  - POD/test cleanups

2.000002 2013-04-19

bin/bmkpasswd  view on Meta::CPAN

             sha512  (requires recent libc or Crypt::Passwd::XS)
             sha256  (requires recent libc or Crypt::Passwd::XS)
 -w, --workcost=NUM Bcrypt work-cost factor; default 08.
                    Higher is slower. Should be a two-digit power of 2.
 -c, --check=HASH   Compare password against given HASH
 -s, --strong       Use strongly-random salt generation
 -b, --benchmark    Show timers; useful for comparing hash generation
 --available        List available methods (one per line)
 --version          Display version information and available methods

If PASSWD is missing, it is prompted for interactively.

=head1 DESCRIPTION

Simple bcrypt-enabled mkpasswd.

While SHA512 isn't a bad choice if you have it, bcrypt has the 
advantage of including a configurable work cost factor.

A higher work cost factor exponentially increases hashing time, meaning 
a brute-force attack against stolen hashes can take a B<very> long time.

bin/bmkpasswd  view on Meta::CPAN


See L<App::bmkpasswd> for more details on bcrypt and the inner workings of
this software.

See L<Crypt::Bcrypt::Easy> if you'd like a simple interface to creating and
comparing bcrypted passwords from your own modules.

=head1 CAVEATS

Users of C<5.8.x> perls or C<MSWin32> platforms will need L<Term::ReadKey> to
turn off terminal echo for password prompts.

=head1 AUTHOR

Jon Portnoy <jon@portnoy.me>

=cut

t/cmd.t  view on Meta::CPAN

}

{ $cmd->run(args => '--available');
  is $? >> 8, 0, 'bmkpasswd --available exit 0';
  ok !$cmd->stderr, 'bmkpasswd --available produced no stderr';
  like $cmd->stdout, qr/bcrypt\n/, 'bmkpasswd --available';
}

{ $cmd->run(stdin => 'foo');
  is $? >> 8, 0, 'bmkpasswd (defaults) exit 0';
  like $cmd->stderr, qr/Password/, 'bmkpasswd prompted on stderr';
  my $crypt = $cmd->stdout;
  chomp $crypt;
  cmp_ok length($crypt), '==', 60, 'bcrypt output correct length';
  
  $cmd->run(args => "--check=@{[quotemeta $crypt]} foo");
  is $? >> 8, 0, 'bmkpasswd --check exit 0';
  ok !$cmd->stderr, 'bmkpasswd --check produced no stderr' 
    or diag $cmd->stderr;
  cmp_ok $cmd->stdout, 'eq', "Match\n$crypt\n",
    'bmkpasswd --check returned hash';



( run in 1.042 second using v1.01-cache-2.11-cpan-6aa56a78535 )