File Coverage

blib/lib/Crypt/KeyDerivation.pm

Criterion	Covered	Total	%
statement	12	12	100.0
branch			n/a
condition			n/a
subroutine	4	4	100.0
pod			n/a
total	16	16	100.0

line	stmt	sub	time	code
1				package Crypt::KeyDerivation;
2
3	2	2	78953	use strict;
	2		4
	2		56
4	2	2	10	use warnings;
	2		2
	2		253
5				our $VERSION = '0.088';
6
7				require Exporter; our @ISA = qw(Exporter); ### use Exporter 5.57 'import';
8				our %EXPORT_TAGS = ( all => [qw(pbkdf1 pbkdf1_openssl pbkdf2 hkdf hkdf_expand hkdf_extract bcrypt_pbkdf scrypt_pbkdf argon2_pbkdf)] );
9				our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } );
10				our @EXPORT = qw();
11
12	2	2	10	use Carp;
	2		2
	2		110
13				$Carp::Internal{(__PACKAGE__)}++;
14	2	2	314	use CryptX;
	2		3
	2		126
15
16				1;
17
18				=pod
19
20				=head1 NAME
21
22				Crypt::KeyDerivation - PBKDF1, PBKDF2, HKDF, Bcrypt, Scrypt, Argon2 key derivation functions
23
24				=head1 SYNOPSIS
25
26				use Crypt::KeyDerivation ':all';
27
28				### PBKDF1/2
29				$derived_key1 = pbkdf1($password, $salt, $iteration_count, $hash_name, $len);
30				$derived_key2 = pbkdf1_openssl($password, $salt, $iteration_count, $hash_name, $len);
31				$derived_key3 = pbkdf2($password, $salt, $iteration_count, $hash_name, $len);
32
33				### HKDF & co.
34				$derived_key4 = hkdf($keying_material, $salt, $hash_name, $len, $info);
35				$prk = hkdf_extract($keying_material, $salt, $hash_name);
36				$okm1 = hkdf_expand($prk, $hash_name, $len, $info);
37
38				### bcrypt / scrypt / argon2
39				$derived_key4 = bcrypt_pbkdf($password, $salt, $rounds, $hash_name, $len);
40				$derived_key5 = scrypt_pbkdf($password, $salt, $N, $r, $p, $len);
41				$derived_key6 = argon2_pbkdf($type, $password, $salt, $t_cost, $m_factor, $parallelism, $len, $secret, $ad);
42
43				=head1 DESCRIPTION
44
45				Provides an interface to key derivation functions:
46
47				=over
48
49				=item * PBKDF1 and PBKDF2 according to PKCS#5 v2.0 L
50
51				=item * HKDF (+ related) according to L
52
53				=item * Bcrypt-PBKDF as defined by the OpenBSD project
54
55				=item * Scrypt according to L
56
57				=item * Argon2 according to L
58
59				=back
60
61				While primarily designed for key derivation, the functions PBKDF2, Bcrypt, Scrypt and Argon2
62				are also widely used for password hashing. In that use case the derived key serves as the
63				stored password hash.
64
65				=head1 FUNCTIONS
66
67				=head2 pbkdf1
68
69				B if you are not sure, do not use C but rather choose C.
70
71				$derived_key = pbkdf1($password, $salt, $iteration_count, $hash_name, $len);
72				#or
73				$derived_key = pbkdf1($password, $salt, $iteration_count, $hash_name);
74				#or
75				$derived_key = pbkdf1($password, $salt, $iteration_count);
76				#or
77				$derived_key = pbkdf1($password, $salt);
78
79				# $password ......... input keying material (password)
80				# $salt ............. salt/nonce (expected length: 8)
81				# $iteration_count .. optional, DEFAULT: 5000
82				# $hash_name ........ optional, DEFAULT: 'SHA256'
83				# $len .............. optional, derived key len, DEFAULT: 32
84
85				=head2 pbkdf1_openssl
86
87				I
88
89				OpenSSL-compatible variant of PBKDF1 (implements C). Unlike strict
90				C, the output length is not limited to the hash size -- it can be arbitrarily
91				long by chaining hash blocks. OpenSSL defaults: C hash, C.
92
93				$derived_key = pbkdf1_openssl($password, $salt, $iteration_count, $hash_name, $len);
94				#or
95				$derived_key = pbkdf1_openssl($password, $salt, $iteration_count, $hash_name);
96				#or
97				$derived_key = pbkdf1_openssl($password, $salt, $iteration_count);
98				#or
99				$derived_key = pbkdf1_openssl($password, $salt);
100
101				# $password ......... input keying material (password)
102				# $salt ............. salt/nonce (expected length: 8)
103				# $iteration_count .. optional, DEFAULT: 5000
104				# $hash_name ........ optional, DEFAULT: 'SHA256'
105				# $len .............. optional, derived key len, DEFAULT: 32
106
107				=head2 pbkdf2
108
109				$derived_key = pbkdf2($password, $salt, $iteration_count, $hash_name, $len);
110				#or
111				$derived_key = pbkdf2($password, $salt, $iteration_count, $hash_name);
112				#or
113				$derived_key = pbkdf2($password, $salt, $iteration_count);
114				#or
115				$derived_key = pbkdf2($password, $salt);
116
117				# $password ......... input keying material (password)
118				# $salt ............. salt/nonce
119				# $iteration_count .. optional, DEFAULT: 5000
120				# $hash_name ........ optional, DEFAULT: 'SHA256'
121				# $len .............. optional, derived key len, DEFAULT: 32
122
123				=head2 hkdf
124
125				$okm2 = hkdf($password, $salt, $hash_name, $len, $info);
126				#or
127				$okm2 = hkdf($password, $salt, $hash_name, $len);
128				#or
129				$okm2 = hkdf($password, $salt, $hash_name);
130				#or
131				$okm2 = hkdf($password, $salt);
132
133				# $password ... input keying material (password)
134				# $salt ....... salt/nonce, if undef defaults to HashLen zero octets
135				# $hash_name .. optional, DEFAULT: 'SHA256'
136				# $len ........ optional, derived key len, DEFAULT: 32
137				# $info ....... optional context and application specific information, DEFAULT: ''
138
139				=head2 hkdf_extract
140
141				$prk = hkdf_extract($password, $salt, $hash_name);
142				#or
143				$prk = hkdf_extract($password, $salt, $hash_name);
144
145				# $password ... input keying material (password)
146				# $salt ....... salt/nonce, if undef defaults to HashLen zero octets
147				# $hash_name .. optional, DEFAULT: 'SHA256'
148
149
150				=head2 hkdf_expand
151
152				$okm = hkdf_expand($pseudokey, $hash_name, $len, $info);
153				#or
154				$okm = hkdf_expand($pseudokey, $hash_name, $len);
155				#or
156				$okm = hkdf_expand($pseudokey, $hash_name);
157				#or
158				$okm = hkdf_expand($pseudokey);
159
160				# $pseudokey .. input keying material
161				# $hash_name .. optional, DEFAULT: 'SHA256'
162				# $len ........ optional, derived key len, DEFAULT: 32
163				# $info ....... optional context and application specific information, DEFAULT: ''
164
165				=head2 bcrypt_pbkdf
166
167				bcrypt-based key derivation as defined by the OpenBSD project.
168
169				I
170
171
172				$derived_key = bcrypt_pbkdf($password, $salt, $rounds, $hash_name, $len);
173				#or
174				$derived_key = bcrypt_pbkdf($password, $salt, $rounds, $hash_name);
175				#or
176				$derived_key = bcrypt_pbkdf($password, $salt, $rounds);
177				#or
178				$derived_key = bcrypt_pbkdf($password, $salt);
179
180				# $password ... input keying material (password)
181				# $salt ....... salt/nonce
182				# $rounds ..... optional, number of rounds, DEFAULT: 16
183				# $hash_name .. optional, DEFAULT: 'SHA512'
184				# $len ........ optional, derived key len, DEFAULT: 32
185
186				=head2 scrypt_pbkdf
187
188				scrypt key derivation according to L.
189
190				I
191
192
193				$derived_key = scrypt_pbkdf($password, $salt, $N, $r, $p, $len);
194				#or
195				$derived_key = scrypt_pbkdf($password, $salt, $N, $r, $p);
196				#or
197				$derived_key = scrypt_pbkdf($password, $salt, $N);
198				#or
199				$derived_key = scrypt_pbkdf($password, $salt);
200
201				# $password ... input keying material (password)
202				# $salt ....... salt/nonce
203				# $N .......... optional, CPU/memory cost parameter (power of 2), DEFAULT: 1024
204				# $r .......... optional, block size, DEFAULT: 8
205				# $p .......... optional, parallelization parameter, DEFAULT: 1
206				# $len ........ optional, derived key len, DEFAULT: 32
207
208				=head2 argon2_pbkdf
209
210				Argon2 key derivation according to L.
211
212				I
213
214
215				$derived_key = argon2_pbkdf($type, $password, $salt, $t_cost, $m_factor, $parallelism, $len, $secret, $ad);
216				#or
217				$derived_key = argon2_pbkdf($type, $password, $salt, $t_cost, $m_factor, $parallelism, $len);
218				#or
219				$derived_key = argon2_pbkdf($type, $password, $salt, $t_cost, $m_factor, $parallelism);
220				#or
221				$derived_key = argon2_pbkdf($type, $password, $salt);
222
223				# $type ... one of 'argon2d', 'argon2i', 'argon2id'
224				# $password ... input keying material (password)
225				# $salt ... salt/nonce
226				# $t_cost ... optional, time cost (number of iterations), DEFAULT: 3
227				# $m_factor ... optional, memory cost in kibibytes, DEFAULT: 65536
228				# $parallelism ... optional, degree of parallelism, DEFAULT: 1
229				# $len ... optional, derived key len, DEFAULT: 32
230				# $secret ... optional, secret value, DEFAULT: ''
231				# $ad ... optional, associated data, DEFAULT: ''
232
233				=cut