logo
Free, unlimited AI code reviews that run on commit
git-lrc git-lrc GitHub Install Now We'd appreciate a star git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt

PBKDF2::Tiny - Minimalist PBKDF2 (RFC 2898) with HMAC-SHA1 or HMAC-SHA2

Contents

Author

       David Golden <dagolden@cpan.org>

Description

       This module provides an RFC 2898 <https://tools.ietf.org/html/rfc2898> compliant PBKDF2 implementation
       using HMAC-SHA1 or HMAC-SHA2 in under 100 lines of code.  If you are using Perl 5.10 or later, it uses
       only core Perl modules.  If you are on an earlier version of Perl, you need Digest::SHA or
       Digest::SHA::PurePerl.

       All documented functions are optionally exported.  No functions are exported by default.

Functions

derive
           $dk = derive( $type, $password, $salt, $iterations, $dk_length )

       The "derive" function outputs a binary string with the derived key.  The first argument indicates the
       digest function to use.  It must be one of: SHA-1, SHA-224, SHA-256, SHA-384, or SHA-512.

       If a password or salt are not provided, they default to the empty string, so don't do that!  RFC 2898
       recommends <https://tools.ietf.org/html/rfc2898#section-4.1> a random salt of at least 8 octets.  If you
       need a cryptographically strong salt, consider Crypt::URandom.

       The password and salt should encoded as octet strings. If not (i.e. if Perl's internal 'UTF8' flag is
       on), then an exception will be thrown.

       The number of iterations defaults to 1000 if not provided.  If the derived key length is not provided, it
       defaults to the output size of the digest function.

   derive_hex
       Works just like "derive" but outputs a hex string.

   verify
           $bool = verify( $dk, $type, $password, $salt, $iterations, $dk_length );

       The "verify" function checks that a given derived key (in binary form) matches the password and other
       parameters provided using a constant-time comparison function.

       The first parameter is the derived key to check.  The remaining parameters are the same as for "derive".

   verify_hex
       Works just like "verify" but the derived key must be a hex string (without a leading "0x").

   digest_fcn
           ($fcn, $block_size, $digest_length) = digest_fcn('SHA-1');
           $digest = $fcn->($data);

       This function is used internally by PBKDF2::Tiny, but made available in case it's useful to someone.

       Given one of the valid digest types, it returns a function reference that digests a string of data. It
       also returns block size and digest length for that digest type.

   hmac
           $key = $digest_fcn->($key) if length($key) > $block_size;
           $hmac = hmac( $data, $key, $digest_fcn, $block_size );

       This function is used internally by PBKDF2::Tiny, but made available in case it's useful to someone.

       The first two arguments are the data and key inputs to the HMAC function.  Both should be encoded as
       octet strings, as underlying HMAC/digest functions may croak or may give unexpected results if Perl's
       internal UTF-8 flag is on.

       Note: if the key is longer than the digest block size, it must be preprocessed using the digesting
       function.

       The third and fourth arguments must be a digesting code reference (from "digest_fcn") and block size.

Name

       PBKDF2::Tiny - Minimalist PBKDF2 (RFC 2898) with HMAC-SHA1 or HMAC-SHA2

See Also

       •   Crypt::PBKDF2

       •   Digest::PBDKF2

Support

Bugs/FeatureRequests
       Please     report    any    bugs    or    feature    requests    through    the    issue    tracker    at
       <https://github.com/dagolden/PBKDF2-Tiny/issues>.  You will be notified automatically of any progress  on
       your issue.

   SourceCode
       This  is open source software.  The code repository is available for public review and contribution under
       the terms of the license.

       <https://github.com/dagolden/PBKDF2-Tiny>

         git clone https://github.com/dagolden/PBKDF2-Tiny.git

Synopsis

           use PBKDF2::Tiny qw/derive verify/;

           my $dk = derive( 'SHA-1', $pass, $salt, $iters );

           if ( verify( $dk, 'SHA-1', $pass, $salt, $iters ) ) {
               # password is correct
           }

Version

       version 0.005

See Also

Man Pages
Digest.S Man Pages
Man Pages
EVP_KDF Man Pages
Man Pages
hmac Man Pages
Function
Function PNG Icons
Salt
Salt PNG Icons
Installerpedia
webview/webview Installerpedia
Man Pages
derive Man Pages
Man Pages
size Man Pages
Man Pages
verify Man Pages
← View Library functions Category← Back to Cryptography🙏  Credits & Acknowledgments