This class provides an implementation of Grub’s PBKDF2-HMAC-SHA512 password hash , as generated by the grub-mkpasswd-pbkdf2 command, and may be found in Grub2 configuration files. PBKDF2 is a key derivation function  that is ideally suited as the basis for a password hash, as it provides variable length salts, variable number of rounds.
This class implements Grub’s pbkdf2-hmac-sha512 hash, and follows the Password Hash Interface.
It supports a variable-length salt, and a variable number of rounds.
A example hash (of password) is
grub.pbkdf2.sha512.10000.4483972AD2C52E1F590B3E2260795FDA9CA0B07B 96FF492814CA9775F08C4B59CD1707F10B269E09B61B1E2D11729BCA8D62B7827 B25B093EC58C4C1EAC23137.DF4FCB5DD91340D6D31E33423E4210AD47C7A4DF9 FA16F401663BF288C20BF973530866178FE6D134256E4DBEFBD984B652332EED3 ACAED834FEA7B73CAE851D
All of this scheme’s hashes have the format grub.pbkdf2.sha512.rounds.salt.checksum, where rounds is the number of iteration stored in decimal, salt is the salt string encoded using upper-case hexdecimal, and checksum is the resulting 64-byte derived key, also encoded in upper-case hexidecimal. It can be identified by the prefix grub.pdkdf2.sha512..
The algorithm used is the same as pbkdf2_sha1: the password is encoded into UTF-8 if not already encoded, and passed through pbkdf2() along with the decoded salt, and the number of rounds. The result is then encoded into hexidecimal.
|||Information about Grub’s password hashes - http://grub.enbug.org/Authentication.|
|||The specification for the PBKDF2 algorithm - http://tools.ietf.org/html/rfc2898#section-5.2.|