.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.43) .\" .\" Standard preamble: .\" ======================================================================== .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. \*(C+ will .\" give a nicer C++. Capital omega is used to do unbreakable dashes and .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, .\" nothing in troff, for use with C<>. .tr \(*W- .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' . ds C` . ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" .\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .\" .\" Avoid warning from groff about undefined register 'F'. .de IX .. .nr rF 0 .if \n(.g .if rF .nr rF 1 .if (\n(rF:(\n(.g==0)) \{\ . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. . \" fudge factors for nroff and troff .if n \{\ . ds #H 0 . ds #V .8m . ds #F .3m . ds #[ \f1 . ds #] \fP .\} .if t \{\ . ds #H ((1u-(\\\\n(.fu%2u))*.13m) . ds #V .6m . ds #F 0 . ds #[ \& . ds #] \& .\} . \" simple accents for nroff and troff .if n \{\ . ds ' \& . ds ` \& . ds ^ \& . ds , \& . ds ~ ~ . ds / .\} .if t \{\ . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' .\} . \" troff and (daisy-wheel) nroff accents .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' .ds 8 \h'\*(#H'\(*b\h'-\*(#H' .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] .ds ae a\h'-(\w'a'u*4/10)'e .ds Ae A\h'-(\w'A'u*4/10)'E . \" corrections for vroff .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' . \" for low resolution devices (crt and lpr) .if \n(.H>23 .if \n(.V>19 \ \{\ . ds : e . ds 8 ss . ds o a . ds d- d\h'-1'\(ga . ds D- D\h'-1'\(hy . ds th \o'bp' . ds Th \o'LP' . ds ae ae . ds Ae AE .\} .rm #[ #] #H #V #F C .\" ======================================================================== .\" .IX Title "Crypt::Argon2 3pm" .TH Crypt::Argon2 3pm "2023-02-11" "perl v5.36.0" "User Contributed Perl Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH "NAME" Crypt::Argon2 \- Perl interface to the Argon2 key derivation functions .SH "VERSION" .IX Header "VERSION" version 0.013 .SH "SYNOPSIS" .IX Header "SYNOPSIS" .Vb 1 \& use Crypt::Argon2 qw/argon2id_pass argon2id_verify/; \& \& sub add_pass { \& my ($user, $password) = @_; \& my $salt = get_random(16); \& my $encoded = argon2id_pass($password, $salt, 3, \*(Aq32M\*(Aq, 1, 16); \& store_password($user, $encoded); \& } \& \& sub check_password { \& my ($user, $password) = @_; \& my $encoded = fetch_encoded($user); \& return argon2id_verify($encoded, $password); \& } .Ve .SH "DESCRIPTION" .IX Header "DESCRIPTION" This module implements the Argon2 key derivation function, which is suitable to convert any password into a cryptographic key. This is most often used to for secure storage of passwords but can also be used to derive a encryption key from a password. It offers variable time and memory costs as well as output size. .PP To find appropriate parameters, the bundled program \f(CW\*(C`argon2\-calibrate\*(C'\fR can be used. .SH "FUNCTIONS" .IX Header "FUNCTIONS" .ie n .SS "argon2id_pass($password, $salt, $t_cost, $m_factor, $parallelism, $tag_size)" .el .SS "argon2id_pass($password, \f(CW$salt\fP, \f(CW$t_cost\fP, \f(CW$m_factor\fP, \f(CW$parallelism\fP, \f(CW$tag_size\fP)" .IX Subsection "argon2id_pass($password, $salt, $t_cost, $m_factor, $parallelism, $tag_size)" This function processes the \f(CW$password\fR with the given \f(CW$salt\fR and parameters. It encodes the resulting tag and the parameters as a password string (e.g. \f(CW\*(C`$argon2id$v=19$m=65536,t=2,p=1$c29tZXNhbHQ$wWKIMhR9lyDFvRz9YTZweHKfbftvj+qf+YFY4NeBbtA\*(C'\fR). .IP "\(bu" 4 \&\f(CW$password\fR .Sp This is the password that is to be turned into a cryptographic key. .IP "\(bu" 4 \&\f(CW$salt\fR .Sp This is the salt that is used. It must be long enough to be unique. .IP "\(bu" 4 \&\f(CW$t_cost\fR .Sp This is the time-cost factor, typically a small integer that can be derived as explained above. .IP "\(bu" 4 \&\f(CW$m_factor\fR .Sp This is the memory costs factor. This must be given as a integer followed by an order of magnitude (\f(CW\*(C`k\*(C'\fR, \f(CW\*(C`M\*(C'\fR or \f(CW\*(C`G\*(C'\fR for kilobytes, megabytes or gigabytes respectively), e.g. \f(CW\*(Aq64M\*(Aq\fR. .IP "\(bu" 4 \&\f(CW$parallelism\fR .Sp This is the number of threads that are used in computing it. .IP "\(bu" 4 \&\f(CW$tag_size\fR .Sp This is the size of the raw result in bytes. Typical values are 16 or 32. .ie n .SS "argon2id_verify($encoded, $password)" .el .SS "argon2id_verify($encoded, \f(CW$password\fP)" .IX Subsection "argon2id_verify($encoded, $password)" This verifies that the \f(CW$password\fR matches \f(CW$encoded\fR. All parameters and the tag value are extracted from \f(CW$encoded\fR, so no further arguments are necessary. .ie n .SS "argon2id_raw($password, $salt, $t_cost, $m_factor, $parallelism, $tag_size)" .el .SS "argon2id_raw($password, \f(CW$salt\fP, \f(CW$t_cost\fP, \f(CW$m_factor\fP, \f(CW$parallelism\fP, \f(CW$tag_size\fP)" .IX Subsection "argon2id_raw($password, $salt, $t_cost, $m_factor, $parallelism, $tag_size)" This function processes the \f(CW$password\fR with the given \f(CW$salt\fR and parameters much like \f(CW\*(C`argon2i_pass\*(C'\fR, but returns the binary tag instead of a formatted string. .ie n .SS "argon2i_pass($password, $salt, $t_cost, $m_factor, $parallelism, $tag_size)" .el .SS "argon2i_pass($password, \f(CW$salt\fP, \f(CW$t_cost\fP, \f(CW$m_factor\fP, \f(CW$parallelism\fP, \f(CW$tag_size\fP)" .IX Subsection "argon2i_pass($password, $salt, $t_cost, $m_factor, $parallelism, $tag_size)" This function processes the \f(CW$password\fR with the given \f(CW$salt\fR and parameters much like argon2id_pass, but uses the argon2i variant instead. .ie n .SS "argon2i_verify($encoded, $password)" .el .SS "argon2i_verify($encoded, \f(CW$password\fP)" .IX Subsection "argon2i_verify($encoded, $password)" This verifies that the \f(CW$password\fR matches \f(CW$encoded\fR. All parameters and the tag value are extracted from \f(CW$encoded\fR, so no further arguments are necessary. .ie n .SS "argon2i_raw($password, $salt, $t_cost, $m_factor, $parallelism, $tag_size)" .el .SS "argon2i_raw($password, \f(CW$salt\fP, \f(CW$t_cost\fP, \f(CW$m_factor\fP, \f(CW$parallelism\fP, \f(CW$tag_size\fP)" .IX Subsection "argon2i_raw($password, $salt, $t_cost, $m_factor, $parallelism, $tag_size)" This function processes the \f(CW$password\fR with the given \f(CW$salt\fR and parameters much like \f(CW\*(C`argon2i_pass\*(C'\fR, but returns the binary tag instead of a formatted string. .ie n .SS "argon2d_pass($password, $salt, $t_cost, $m_factor, $parallelism, $tag_size)" .el .SS "argon2d_pass($password, \f(CW$salt\fP, \f(CW$t_cost\fP, \f(CW$m_factor\fP, \f(CW$parallelism\fP, \f(CW$tag_size\fP)" .IX Subsection "argon2d_pass($password, $salt, $t_cost, $m_factor, $parallelism, $tag_size)" This function processes the \f(CW$password\fR with the given \f(CW$salt\fR and parameters much like argon2id_pass, but uses the argon2d variant instead. .ie n .SS "argon2d_verify($encoded, $password" .el .SS "argon2d_verify($encoded, \f(CW$password\fP" .IX Subsection "argon2d_verify($encoded, $password" This verifies that the \f(CW$password\fR matches \f(CW$encoded\fR. All parameters and the tag value are extracted from \f(CW$encoded\fR, so no further arguments are necessary. .ie n .SS "argon2d_raw($password, $salt, $t_cost, $m_factor, $parallelism, $tag_size)" .el .SS "argon2d_raw($password, \f(CW$salt\fP, \f(CW$t_cost\fP, \f(CW$m_factor\fP, \f(CW$parallelism\fP, \f(CW$tag_size\fP)" .IX Subsection "argon2d_raw($password, $salt, $t_cost, $m_factor, $parallelism, $tag_size)" This function processes the \f(CW$password\fR with the given \f(CW$salt\fR and parameters much like \f(CW\*(C`argon2i_pass\*(C'\fR, but returns a binary tag for argon2d instead of a formatted string for argon2i. .ie n .SS "argon2_needs_rehash($encoded, $type, $t_cost, $m_cost, $parallelism, $salt_length, $output_length)" .el .SS "argon2_needs_rehash($encoded, \f(CW$type\fP, \f(CW$t_cost\fP, \f(CW$m_cost\fP, \f(CW$parallelism\fP, \f(CW$salt_length\fP, \f(CW$output_length\fP)" .IX Subsection "argon2_needs_rehash($encoded, $type, $t_cost, $m_cost, $parallelism, $salt_length, $output_length)" This function checks if a password-encoded string needs a rehash. It will return true if the \f(CW$type\fR (valid values are \f(CW\*(C`argon2i\*(C'\fR, \f(CW\*(C`argon2id\*(C'\fR or \f(CW\*(C`argon2d\*(C'\fR), \f(CW$t_cost\fR, \f(CW$m_cost\fR, \f(CW$parallelism\fR, \f(CW$salt_length\fR or \f(CW$output_length\fR arguments mismatches or any of the parameters of the password-encoded hash. .SS "\s-1ACKNOWLEDGEMENTS\s0" .IX Subsection "ACKNOWLEDGEMENTS" This module is based on the reference implementation as can be found at . .SS "\s-1SEE ALSO\s0" .IX Subsection "SEE ALSO" You will also need a good source of randomness to generate good salts. Some possible solutions include: .IP "\(bu" 4 Net::SSLeay .Sp Its RAND_bytes function is OpenSSL's pseudo-randomness source. .IP "\(bu" 4 Crypt::URandom .Sp A minimalistic abstraction around OS-provided non-blocking (pseudo\-)randomness. .IP "\(bu" 4 \&\f(CW\*(C`/dev/random\*(C'\fR / \f(CW\*(C`/dev/urandom\*(C'\fR .Sp A Linux/BSD specific pseudo-file that will allow you to read random bytes. .PP Implementations of other similar algorithms include: .IP "\(bu" 4 Crypt::Bcrypt .Sp An implementation of bcrypt, a battle-tested algorithm that tries to be \s-1CPU\s0 but not particularly memory intensive. .IP "\(bu" 4 Crypt::ScryptKDF .Sp An implementation of scrypt, a older scheme that also tries to be memory hard. .SH "AUTHOR" .IX Header "AUTHOR" Leon Timmermans .SH "COPYRIGHT AND LICENSE" .IX Header "COPYRIGHT AND LICENSE" Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, Samuel Neves, Thomas Pornin and Leon Timmermans has dedicated the work to the Commons by waiving all of his or her rights to the work worldwide under copyright law and all related or neighboring legal rights he or she had in the work, to the extent allowable by law. .PP Works under \s-1CC0\s0 do not require attribution. When citing the work, you should not imply endorsement by the author.