]>
Commit | Line | Data |
---|---|---|
6bcc4475 MC |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
b5450d63 | 5 | PKCS5_PBKDF2_HMAC, PKCS5_PBKDF2_HMAC_SHA1 - password based derivation routines with salt and iteration count |
6bcc4475 MC |
6 | |
7 | =head1 SYNOPSIS | |
8 | ||
9 | #include <openssl/evp.h> | |
10 | ||
11 | int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, | |
12 | const unsigned char *salt, int saltlen, int iter, | |
13 | const EVP_MD *digest, | |
14 | int keylen, unsigned char *out); | |
15 | ||
e9b77246 BB |
16 | int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, |
17 | const unsigned char *salt, int saltlen, int iter, | |
18 | int keylen, unsigned char *out); | |
b5450d63 | 19 | |
6bcc4475 MC |
20 | =head1 DESCRIPTION |
21 | ||
22 | PKCS5_PBKDF2_HMAC() derives a key from a password using a salt and iteration count | |
23 | as specified in RFC 2898. | |
24 | ||
25 | B<pass> is the password used in the derivation of length B<passlen>. B<pass> | |
26 | is an optional parameter and can be NULL. If B<passlen> is -1, then the | |
27 | function will calculate the length of B<pass> using strlen(). | |
28 | ||
29 | B<salt> is the salt used in the derivation of length B<saltlen>. If the | |
30 | B<salt> is NULL, then B<saltlen> must be 0. The function will not | |
b5450d63 | 31 | attempt to calculate the length of the B<salt> because it is not assumed to |
6bcc4475 MC |
32 | be NULL terminated. |
33 | ||
1bc74519 | 34 | B<iter> is the iteration count and its value should be greater than or |
6bcc4475 MC |
35 | equal to 1. RFC 2898 suggests an iteration count of at least 1000. Any |
36 | B<iter> less than 1 is treated as a single iteration. | |
37 | ||
b5450d63 | 38 | B<digest> is the message digest function used in the derivation. Values include |
6bcc4475 MC |
39 | any of the EVP_* message digests. PKCS5_PBKDF2_HMAC_SHA1() calls |
40 | PKCS5_PBKDF2_HMAC() with EVP_sha1(). | |
41 | ||
42 | The derived key will be written to B<out>. The size of the B<out> buffer | |
43 | is specified via B<keylen>. | |
44 | ||
45 | =head1 NOTES | |
46 | ||
47 | A typical application of this function is to derive keying material for an | |
48 | encryption algorithm from a password in the B<pass>, a salt in B<salt>, | |
49 | and an iteration count. | |
50 | ||
51 | Increasing the B<iter> parameter slows down the algorithm which makes it | |
186bb907 | 52 | harder for an attacker to perform a brute force attack using a large number |
6bcc4475 MC |
53 | of candidate passwords. |
54 | ||
84814344 RL |
55 | These functions make no assumption regarding the given password. |
56 | It will simply be treated as a byte sequence. | |
57 | ||
6bcc4475 MC |
58 | =head1 RETURN VALUES |
59 | ||
b5450d63 | 60 | PKCS5_PBKDF2_HMAC() and PBKCS5_PBKDF2_HMAC_SHA1() return 1 on success or 0 on error. |
6bcc4475 MC |
61 | |
62 | =head1 SEE ALSO | |
63 | ||
b97fdb57 | 64 | L<evp(7)>, L<RAND_bytes(3)>, |
84814344 RL |
65 | L<EVP_BytesToKey(3)>, |
66 | L<passphrase-encoding(7)> | |
6bcc4475 | 67 | |
e2f92610 RS |
68 | =head1 COPYRIGHT |
69 | ||
83cf7abf | 70 | Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved. |
e2f92610 | 71 | |
4746f25a | 72 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
73 | this file except in compliance with the License. You can obtain a copy |
74 | in the file LICENSE in the source distribution or at | |
75 | L<https://www.openssl.org/source/license.html>. | |
76 | ||
77 | =cut |