[Dbix-class] Re: A better Digest / Encoding / Encryption Component
Moritz Onken
onken at houseofdesign.de
Wed Jan 30 08:23:14 GMT 2008
You should have a look at Crypt::SaltedHash, which is used by Catalyst.
There is also a Plugin called DBIx::Class::SaltedPasswords which I
wrote some month ago. It's pretty simple implementation.
Moritz
--
Moritz Onken
onken at houseofdesign.de
Schützenstraße 81
76137 Karlsruhe
Festnetz: +49 (721) 2048842
Mobil: +49 (176) 24436493
Am 30.01.2008 um 00:52 schrieb Guillermo Roditi:
> Please see working draft, with tests and docs at:
> DBIx::Class::EncodedColumn available in the BAST repo and as a dev
> release on CPAN (should hit your mirror shortly).
>
> example code:
>
> __PACKAGE__->add_columns(
> 'password' => {
> data_type => 'CHAR',
> size => 40,
> encode_column => 1,
> encode_class => 'Digest',
> encode_args => {algorithm => 'SHA-1', format => 'hex'},
> encode_check_method => 'check_password',
> }
>
> #MD5 / base64 encoding / generate check method
> __PACKAGE__->add_columns(
> 'password' => {
> data_type => 'CHAR',
> size => 22,
> encode_column => 1,
> encode_class => 'Digest',
> encode_args => {algorithm => 'MD5', format => 'base64'},
> digest_check_method => 'check_password',
> }
>
> #Eksblowfish bcrypt / cost of 8/ no key_nul / generate check method
> __PACKAGE__->add_columns(
> 'password' => {
> data_type => 'CHAR',
> size => 22,
> encode_column => 1,
> encode_class => 'Crypt::Eksblowfish::Bcrypt',
> encode_args => { key_nul => 0, cost => 8 },
> digest_check_method => 'check_password',
> }
>
>
> --Guillermo Roditi (groditi)
>
>
> On Jan 29, 2008 1:41 PM, Guillermo Roditi <groditi at gmail.com> wrote:
>> After last night's initial release of DigestOnSet a couple of
>> suggestions / issues came up:
>>
>> -- I forgot to add a 'salt' slot. (Doh!)
>> -- We really should make this more flexible, so we can use modules
>> outside of the Digest::* family
>> -- The name kind of sucks.
>>
>>
>> What I am looking for is ideas. If you keep digests in your database
>> let me know what could be easier and what could be more flexible.
>> -- What do you do and how do you do it?
>> -- How would you like to see a solution be implemented?
>> -- What would make development easier?
>> -- Are you interested in seeing 2-way ciphers be supported?
>> -- What are the essential ciphers that I should include support for
>> (besides the Digest::* family)
>>
>> Tentative name is "DBIx::Class::EncodedColumn"
>>
>>
>> Tentative API:
>>
>> name => 'password',
>> data_type => 'char',
>> size => 43,
>> encode_column => 1,
>> encode_class => (Digest|Crypt|SOmeThingElse),
>> encode_args =>
>> {
>> pre_salt => 'string',
>> post_salt => 'other string',
>> algorithm => 'SHA-256',
>> format => 'base64',
>> check_method => 'check_password',
>> }
>>
>>
>> -------------------------------------------------
>>
>> name => 'password',
>> data_type => 'char',
>> size => 43,
>> encode_column => 1,
>> encode_class => "Crypt::Eksblowfish::Bcrypt",
>> encode_args =>
>> {
>> #salt gets generated automatically for this one
>> cost => 8,
>> key_nul => 1,
>> check_method => 'check_password',
>> }
>>
>>
>>
>> --Guillermo Roditi
>>
>
> _______________________________________________
> List: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/dbix-class
> IRC: irc.perl.org#dbix-class
> SVN: http://dev.catalyst.perl.org/repos/bast/DBIx-Class/
> Searchable Archive: http://www.grokbase.com/group/dbix-class@lists.rawmode.org
More information about the DBIx-Class
mailing list