I want to store password hashes in a database. Hashes will be generated with:

    my $PBKDF2 = Crypt::PBKDF2->new(
        hash_class => 'HMACSHA2',
        hash_args  => {
            sha_size => 512,
        },
        iterations => 10000,
        salt_len   => 10,
    );

In the Pod of Crypt::PBKDF2 I find:

"The default size (in bytes, not bits) of the output hash. If a value isn't provided, the output size depends on the hash_class / hasher selected, and will equal the output size of the backend hash (e.g. 20 bytes for HMACSHA1)."

But what actually IS the default output size?

32 bytes

You can find this information in the source code of Crypt::PBKDF2::Hash::HMACSHA2. The code defining the default size is:

    has 'sha_size' => (
        is      => 'ro',
        isa     => Type::Tiny->new(
            name         => 'SHASize',
            parent       => Enum[qw( 224 256 384 512 )],
            display_name => 'valid number of bits for SHA-2',
        ),
        default => 256,
    );

The function used to return the size divides sha_size by 8:

    sub hash_len {
        my $self = shift;
        return $self->sha_size() / 8;
    }

Thus returning 256/8 = 32 by default.
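
The same hash_len calculation applied to the settings in the question, as an added example that is not part of the original question or answer: with sha_size => 512 and no output_len, the derived key is 512/8 = 64 bytes. The script also prints the length of the string returned by generate(), which is what the database column has to hold; the password and salt are constructed sample values.

```perl
use strict;
use warnings;
use Crypt::PBKDF2;

# Constructed sample inputs for this example only.
my $password = 'correct horse battery staple';
my $salt     = 'constsalt!';    # 10 bytes, fixed only so the raw/hex lines are repeatable

# undef = leave sha_size at the module default (256); 512 = the question's setting.
for my $sha_size (undef, 512) {
    my %hash_args = defined $sha_size ? (sha_size => $sha_size) : ();

    my $pbkdf2 = Crypt::PBKDF2->new(
        hash_class => 'HMACSHA2',
        hash_args  => \%hash_args,
        iterations => 10000,
        salt_len   => 10,
    );

    # No output_len was passed, so the derived key length falls back to
    # the hasher's hash_len (sha_size / 8).
    my $raw = $pbkdf2->PBKDF2($salt, $password);
    my $hex = $pbkdf2->PBKDF2_hex($salt, $password);

    # generate() picks a random salt and returns the encoded string
    # (algorithm, iterations, salt, hash) that is stored in the database.
    my $stored = $pbkdf2->generate($password);

    printf "sha_size=%s hash_len=%d raw=%d bytes hex=%d chars stored=%d chars\n",
        $sha_size // 'default',
        $pbkdf2->hasher->hash_len,
        length($raw),
        length($hex),
        length($stored);

    # Round trip: the stored string must validate the right password only.
    die "round trip failed\n"        unless $pbkdf2->validate($stored, $password);
    die "wrong password accepted\n"  if     $pbkdf2->validate($stored, 'not the password');
}
```

Size the column from the `stored` figure rather than from the raw hash length, since the stored string also carries the algorithm name, iteration count and salt.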