Authen::Passphrase::NetscapeMail(3) passphrases using Netscape Mail


use Authen::Passphrase::NetscapeMail;
$ppr = Authen::Passphrase::NetscapeMail->new(
salt => "8fd9d0a03491ce8f99cfbc9ab39f0dd5",
hash_hex => "983757d7b519e86d9b5d472aca4eea3a");
$ppr = Authen::Passphrase::NetscapeMail->new(
salt_random => 1,
passphrase => "passphrase");
$ppr = Authen::Passphrase::NetscapeMail->from_rfc2307(
$salt = $ppr->salt;
$hash = $ppr->hash;
$hash_hex = $ppr->hash_hex;
if($ppr->match($passphrase)) { ...
$userPassword = $ppr->as_rfc2307;


An object of this class encapsulates a passphrase hashed using the algorithm used by Netscape Mail Server. This is a subclass of Authen::Passphrase, and this document assumes that the reader is familiar with the documentation for that class.

The Netscape Mail Server scheme is based on the MD5 digest algorithm. The passphrase and a salt are concatenated, along with some fixed bytes, and this record is hashed through MD5. The output of MD5 is the password hash.

This algorithm is deprecated, and is supported for compatibility only. Prefer the mechanism of Authen::Passphrase::SaltedDigest.


Authen::Passphrase::NetscapeMail->new(ATTR => VALUE, ...)
Generates a new passphrase recogniser object using the Netscape Mail Server algorithm. The following attributes may be given:
The salt, as a raw 32-byte string. It may be any 32-byte string, but it is conventionally limited to lowercase hexadecimal digits.
Causes salt to be generated randomly. The value given for this attribute is ignored. The salt will be a string of 32 lowercase hexadecimal digits. The source of randomness may be controlled by the facility described in Data::Entropy.
The hash, as a string of 16 bytes.
The hash, as a string of 32 hexadecimal digits.
A passphrase that will be accepted.

The salt must be given, and either the hash or the passphrase.

Generates a new Netscape Mail Server passphrase recogniser object from an RFC 2307 string. The string must consist of "{NS-MTA-MD5}" (case insensitive) followed by the hash in case-insensitive hexadecimal and then the salt. The salt must be exactly 32 characters long, and cannot contain any character that cannot appear in an RFC 2307 string.


Returns the salt value, as a string of 32 bytes.
Returns the hash value, as a string of 16 bytes.
Returns the hash value, as a string of 32 hexadecimal digits.
These methods are part of the standard Authen::Passphrase interface.


Andrew Main (Zefram) <[email protected]>


Copyright (C) 2006, 2007, 2009, 2010, 2012 Andrew Main (Zefram) <[email protected]>


This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.