NAME

Crypt::OpenSSL::PBKDF2 - wrapper for PBKDF2 keys derivation function of the OpenSSL library

SYNOPSIS

use Crypt::OpenSSL::PBKDF2 qw( derive derive_bin );

# using SHA1 hashing
$key1 = Crypt::OpenSSL::PBKDF2::derive($pass, $salt, $salt_len, $iter, $key_len);
$key2 = Crypt::OpenSSL::PBKDF2::derive_bin($pass_bin, $pass_len, $salt, $salt_len, $iter, $key_len);

# using alternate hashing algorithms
$key3 = Crypt::OpenSSL::PBKDF2::derive($pass, $salt, $salt_len, $iter, $key_len, 'sha512');
$key4 = Crypt::OpenSSL::PBKDF2::derive_bin($pass_bin, $pass_len, $salt, $salt_len, $iter, $key_len, 'md5');
$key5 = Crypt::OpenSSL::PBKDF2::derive_bin($pass_bin, $pass_len, $salt, $salt_len, $iter, $key_len, 'shake256');

DESCRIPTION

Crypt::OpenSSL::PBKDF2 provides the ability to securely derive a key from a password using PBKDF2 function from OpenSSL library (very fast!). It requires the OpenSSL library is installed on the system.

EXPORT

None by default.

Static Methods

derive

This function returns a derived key that is supposed to be cryptographically strong. The binary output key will be generated from a textual password $pass using a salt block $salt (usually binary data) of length $salt_len; the algorithm perform the number of iterations specified by $iter (usually > 1000, better if > 4000). If the salt is empty (or undef) the salt length must be 0. The output is binary data with length (in bytes) specified by the $key_len parameter. The function will not ever attempt to auto-calculate the length of the salt because it is not assumed to be a NULL terminated value, so its length is always required. The hashing is performed using the default algorithm SHA1, but an alternate algortithm may be specified using the (optional) parameter alg; the allowed values are the textual names as defined in OpenSSL (a list may be obtained with the command: openssl dgst -list); so right now you may use:

'blake2b512', 'blake2s256', 'md4', 'md5', 'md5sha1', 'ripemd', 'ripemd160',
'rmd160', 'sha1', 'sha224', 'sha256', 'sha3224', 'sha3256', 'sha3384', 
'sha3512', 'sha384', 'sha512', 'sha512224', 'sha512256', 'shake128', 
'shake256', 'sm3', 'ssl3md5', 'ssl3sha1', 'whirlpool'

and any other algorithm that will be added to OpenSSL in the future. The derive function croaks if any error occurs.

derive_bin

This function is similar to derive, but accepts a binary password $pass_bin with a given length $pass_len. It's useful if you want to use an already hashed password (or other binary data) for password. If $pass_len is set to -1, then the password is assumed to be a string and length is automatically calculated; in this case only textual passwords are allowed (or they will be truncated on the first NUL occurrence). The derive_bin function croaks too if any error occurs.

SUPPORT

To get some help or report bugs you may try to contact the author.

AUTHOR

Riccardo Scussat <rscussat@dsplabs.net>

LICENSE

Crypt::OpenSSL::PBKDF2 is free software; you may redistribute it and/or modify it under the terms of GNU GPLv3 (or later version) or Artistic License.

The full text of the license can be found in the LICENSE file included with this module.

COPYRIGHT

To install Crypt::OpenSSL::PBKDF2, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Crypt::OpenSSL::PBKDF2

CPAN shell

perl -MCPAN -e shell
install Crypt::OpenSSL::PBKDF2

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)