GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  PBKDF2::TINY (3)

.ds Aq ’

NAME

PBKDF2::Tiny - Minimalist PBKDF2 (RFC 2898) with HMAC-SHA1 or HMAC-SHA2

CONTENTS

VERSION

version 0.005

SYNOPSIS



    use PBKDF2::Tiny qw/derive verify/;

    my $dk = derive( SHA-1, $pass, $salt, $iters );

    if ( verify( $dk, SHA-1, $pass, $salt, $iters ) ) {
        # password is correct
    }



DESCRIPTION

This module provides an RFC 2898 <https://tools.ietf.org/html/rfc2898> compliant PBKDF2 implementation using HMAC-SHA1 or HMAC-SHA2 in under 100 lines of code. If you are using Perl 5.10 or later, it uses only core Perl modules. If you are on an earlier version of Perl, you need Digest::SHA or Digest::SHA::PurePerl.

All documented functions are optionally exported. No functions are exported by default.

FUNCTIONS

    derive



    $dk = derive( $type, $password, $salt, $iterations, $dk_length )



The derive function outputs a binary string with the derived key. The first argument indicates the digest function to use. It must be one of: SHA-1, SHA-224, SHA-256, SHA-384, or SHA-512.

If a password or salt are not provided, they default to the empty string, so don’t do that! RFC 2898 recommends <https://tools.ietf.org/html/rfc2898#section-4.1> a random salt of at least 8 octets. If you need a cryptographically strong salt, consider Crypt::URandom.

The password and salt should encoded as octet strings. If not (i.e. if Perl’s internal ’UTF8’ flag is on), then an exception will be thrown.

The number of iterations defaults to 1000 if not provided. If the derived key length is not provided, it defaults to the output size of the digest function.

    derive_hex

Works just like derive but outputs a hex string.

    verify



    $bool = verify( $dk, $type, $password, $salt, $iterations, $dk_length );



The verify function checks that a given derived key (in binary form) matches the password and other parameters provided using a constant-time comparison function.

The first parameter is the derived key to check. The remaining parameters are the same as for derive.

    verify_hex

Works just like verify but the derived key must be a hex string (without a leading 0x).

    digest_fcn



    ($fcn, $block_size, $digest_length) = digest_fcn(SHA-1);
    $digest = $fcn->($data);



This function is used internally by PBKDF2::Tiny, but made available in case it’s useful to someone.

Given one of the valid digest types, it returns a function reference that digests a string of data. It also returns block size and digest length for that digest type.

    hmac



    $key = $digest_fcn->($key) if length($key) > $block_size;
    $hmac = hmac( $data, $key, $digest_fcn, $block_size );



This function is used internally by PBKDF2::Tiny, but made available in case it’s useful to someone.

The first two arguments are the data and key inputs to the HMAC function. Both should be encoded as octet strings, as underlying HMAC/digest functions may croak or may give unexpected results if Perl’s internal UTF-8 flag is on.

<B>NoteB>: if the key is longer than the digest block size, it must be preprocessed using the digesting function.

The third and fourth arguments must be a digesting code reference (from digest_fcn) and block size.

SEE ALSO

o Crypt::PBKDF2
o Digest::PBDKF2

SUPPORT

    Bugs / Feature Requests

Please report any bugs or feature requests through the issue tracker at <https://github.com/dagolden/PBKDF2-Tiny/issues>. You will be notified automatically of any progress on your issue.

    Source Code

This is open source software. The code repository is available for public review and contribution under the terms of the license.

<https://github.com/dagolden/PBKDF2-Tiny>



  git clone https://github.com/dagolden/PBKDF2-Tiny.git



AUTHOR

David Golden <dagolden@cpan.org>

COPYRIGHT AND LICENSE

This software is Copyright (c) 2014 by David Golden.

This is free software, licensed under:



  The Apache License, Version 2.0, January 2004



Search for    or go to Top of page |  Section 3 |  Main Index


perl v5.20.3 PBKDF2::TINY (3) 2014-11-20

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.