NAME

Authen::Passphrase::MySQL41 - passphrases using the MySQL v4.1 algorithm

SYNOPSIS

        use Authen::Passphrase::MySQL41;

        $ppr = Authen::Passphrase::MySQL41->new(
                hash_hex => "9CD12C48C4C5DD62914B".
                            "3FABB93131746E9E9115");

        $ppr = Authen::Passphrase::MySQL41->new(
                passphrase => "passphrase");

        $hash = $ppr->hash;
        $hash_hex = $ppr->hash_hex;

        if($ppr->match($passphrase)) { ...

DESCRIPTION

An object of this class encapsulates a passphrase hashed using the algorithm used by MySQL from version 4.1. This is a subclass of Authen::Passphrase, and this document assumes that the reader is familiar with the documentation for that class.

The MySQL v4.1 hash scheme is based on the SHA-1 digest algorithm. The passphrase is first hashed using SHA-1, then the output of that stage is hashed using SHA-1 again. The final hash is the output of the second SHA-1. No salt is used.

In MySQL the hash is represented as a "*" followed by 40 uppercase hexadecimal digits.

The lack of salt is a weakness in this scheme. Salted SHA-1 is a better scheme; see Authen::Passphrase::SaltedDigest.

CONSTRUCTOR

Authen::Passphrase::MySQL41->new(ATTR => VALUE, ...): Generates a new passphrase recogniser object using the MySQL v4.1 algorithm. The following attributes may be given:

hash: The hash, as a string of 20 bytes.
hash_hex: The hash, as a string of 40 hexadecimal digits.
passphrase: A passphrase that will be accepted.

Either the hash or the passphrase must be given.

METHODS

$ppr->hash: Returns the hash value, as a string of 20 bytes.
$ppr->hash_hex: Returns the hash value, as a string of 40 uppercase hexadecimal digits.
$ppr->match(PASSPHRASE): This method is part of the standard Authen::Passphrase interface.

AUTHOR

Andrew Main (Zefram) <zefram@fysh.org>

COPYRIGHT

LICENSE

This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.