|
Packit |
c4476c |
=pod
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 NAME
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
EVP_KDF_PBKDF2 - The PBKDF2 EVP_KDF implementation
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 DESCRIPTION
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
Support for computing the B<PBKDF2> password-based KDF through the B<EVP_KDF>
|
|
Packit |
c4476c |
API.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
The EVP_KDF_PBKDF2 algorithm implements the PBKDF2 password-based key
|
|
Packit |
c4476c |
derivation function, as described in RFC 2898; it derives a key from a password
|
|
Packit |
c4476c |
using a salt and iteration count.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head2 Numeric identity
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
B<EVP_KDF_PBKDF2> is the numeric identity for this implementation; it
|
|
Packit |
c4476c |
can be used with the EVP_KDF_CTX_new_id() function.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head2 Supported controls
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
The supported controls are:
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=over 4
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=item B<EVP_KDF_CTRL_SET_PASS>
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=item B<EVP_KDF_CTRL_SET_SALT>
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=item B<EVP_KDF_CTRL_SET_ITER>
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=item B<EVP_KDF_CTRL_SET_MD>
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
These controls work as described in L<EVP_KDF_CTX(3)/CONTROLS>.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
B<iter> is the iteration count and its value should be greater than or equal to
|
|
Packit |
c4476c |
1. RFC 2898 suggests an iteration count of at least 1000. The default value is
|
|
Packit |
c4476c |
2048. Any B<iter> less than 1 is treated as a single iteration.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=back
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 NOTES
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
A typical application of this algorithm is to derive keying material for an
|
|
Packit |
c4476c |
encryption algorithm from a password in the B<pass>, a salt in B<salt>,
|
|
Packit |
c4476c |
and an iteration count.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
Increasing the B<iter> parameter slows down the algorithm which makes it
|
|
Packit |
c4476c |
harder for an attacker to perform a brute force attack using a large number
|
|
Packit |
c4476c |
of candidate passwords.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
No assumption is made regarding the given password; it is simply treated as a
|
|
Packit |
c4476c |
byte sequence.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 CONFORMING TO
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
RFC 2898
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 SEE ALSO
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
L<EVP_KDF_CTX>,
|
|
Packit |
c4476c |
L<EVP_KDF_CTX_new_id(3)>,
|
|
Packit |
c4476c |
L<EVP_KDF_CTX_free(3)>,
|
|
Packit |
c4476c |
L<EVP_KDF_ctrl(3)>,
|
|
Packit |
c4476c |
L<EVP_KDF_derive(3)>,
|
|
Packit |
c4476c |
L<EVP_KDF_CTX(3)/CONTROLS>
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 COPYRIGHT
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
Packit |
c4476c |
this file except in compliance with the License. You can obtain a copy
|
|
Packit |
c4476c |
in the file LICENSE in the source distribution or at
|
|
Packit |
c4476c |
L<https://www.openssl.org/source/license.html>.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=cut
|