Riccardo Scussat
and 1 contributors


Crypt::OpenSSL::PBKDF2 - wrapper for PBKDF2 keys derivation function of the OpenSSL library


  use Crypt::OpenSSL::PBKDF2;

  $key1 = Crypt::OpenSSL::PBKDF2::derive($pass, $salt, $salt_len, $iter, $key_len);
  $key2 = Crypt::OpenSSL::PBKDF2::derive_bin($pass_bin, $pass_len, $salt, $salt_len, $iter, $key_len);


Crypt::OpenSSL::PBKDF2 provides the ability to derive a key from a passphrase using OpenSSL library's PBKDF2 function


None by default.

Static Methods


This function returns a derived key that is supposed to be cryptographically strong. The key will be generated from a passphrase $pass, a salt block $salt (usually binary data) of a given length $salt_len, and a number of iterations $iter (usually > 1000, suggested 4096). If the salt is empty (null) the salt length must be 0. The output is a binary data string of requested length $out_len; the derive function croaks if any error occurs.


This function is like derive, but accepts a binary password $pass_bin of a given length $pass_len. It's useful if you want to use an already hashed password for password. If password length is set to -1, then the password is assumed to be a string (like derive) and length is automatically calculated; if used this way binary password are not allowed (or will be truncated on the first NUL occurrence).


To get some help or report bugs you should try the forum on the offical project site at


or you may try to contact the author.


Riccardo Scussat - OpenDiogene Project <rscussat@dsplabs.net>


Crypt::OpenSSL::PBKDF2 is free software; you may redistribute it and/or modify it under the terms of GNU GPLv2 (or later version) or Artistic License.

The full text of the license can be found in the LICENSE file included with this module.


Copyright 2009-2015 R.Scussat - OpenDiogene Project.