Rather than try to work directly with /etc/shadow have you considered using Perl to interface with PAM (pluggable authentication module for Linux)? There are several modules available on CPAN: PAM.

By going to etc/shadow directly you are bypassing whatever additional checks and validations or security alternatives have been configured for your system's users via PAM.