App-bmkpasswd
view release on metacpan or search on metacpan
While the utility is reported to work without issue, the test does not,
and I lack access to an appropriate machine for deeper diving.
2.011004 2016-03-09
- Fall back to Term::ReadKey on MSWin32
2.011003 2016-03-09
- Fall back to Term::ReadKey to turn off terminal echo on 5.8.x, if
available; if not, warn loudly and suggest it before prompting for a
password to crypt
2.011002 2016-03-09
- Fix `bmkpasswd` executable on 5.8.x (no POSIX::ECHO available)
2.011001 2016-03-08
- Add `bmkpasswd --available` for listing available crypt methods
- No code changes; fix 'Changes' to match CPAN::Changes::Spec
2.001001 2013-06-18
- Kill Term::ReadKey dependency entirely; instead use POSIX::Termios to turn
off terminal echo. (haarg clued me in to this in a conversation he was
having with tobyink on irc.perl.org #web-simple -- thanks!)
2.001000 2013-05-02
- Output `bmkpasswd` prompts to STDERR for more sensible redirection
- Make Term::ReadKey optional and warn if we don't have it
2.000003 2013-04-21
- Cleaner --bench output
- POD/test cleanups
2.000002 2013-04-19
bin/bmkpasswd view on Meta::CPAN
sha512 (requires recent libc or Crypt::Passwd::XS)
sha256 (requires recent libc or Crypt::Passwd::XS)
-w, --workcost=NUM Bcrypt work-cost factor; default 08.
Higher is slower. Should be a two-digit power of 2.
-c, --check=HASH Compare password against given HASH
-s, --strong Use strongly-random salt generation
-b, --benchmark Show timers; useful for comparing hash generation
--available List available methods (one per line)
--version Display version information and available methods
If PASSWD is missing, it is prompted for interactively.
=head1 DESCRIPTION
Simple bcrypt-enabled mkpasswd.
While SHA512 isn't a bad choice if you have it, bcrypt has the
advantage of including a configurable work cost factor.
A higher work cost factor exponentially increases hashing time, meaning
a brute-force attack against stolen hashes can take a B<very> long time.
bin/bmkpasswd view on Meta::CPAN
See L<App::bmkpasswd> for more details on bcrypt and the inner workings of
this software.
See L<Crypt::Bcrypt::Easy> if you'd like a simple interface to creating and
comparing bcrypted passwords from your own modules.
=head1 CAVEATS
Users of C<5.8.x> perls or C<MSWin32> platforms will need L<Term::ReadKey> to
turn off terminal echo for password prompts.
=head1 AUTHOR
Jon Portnoy <jon@portnoy.me>
=cut
}
{ $cmd->run(args => '--available');
is $? >> 8, 0, 'bmkpasswd --available exit 0';
ok !$cmd->stderr, 'bmkpasswd --available produced no stderr';
like $cmd->stdout, qr/bcrypt\n/, 'bmkpasswd --available';
}
{ $cmd->run(stdin => 'foo');
is $? >> 8, 0, 'bmkpasswd (defaults) exit 0';
like $cmd->stderr, qr/Password/, 'bmkpasswd prompted on stderr';
my $crypt = $cmd->stdout;
chomp $crypt;
cmp_ok length($crypt), '==', 60, 'bcrypt output correct length';
$cmd->run(args => "--check=@{[quotemeta $crypt]} foo");
is $? >> 8, 0, 'bmkpasswd --check exit 0';
ok !$cmd->stderr, 'bmkpasswd --check produced no stderr'
or diag $cmd->stderr;
cmp_ok $cmd->stdout, 'eq', "Match\n$crypt\n",
'bmkpasswd --check returned hash';
( run in 1.042 second using v1.01-cache-2.11-cpan-6aa56a78535 )