source: project/wiki/eggref/4/pbkdf2

Last change on this file was 36687, checked in by off_world, 2 months ago
File size: 5.0 KB
Line 
1== PBKDF2
2
3[[toc:]]
4
5=== Description
6
7Password-Based Key Derivation Function as defined in [[https://tools.ietf.org/html/rfc2898#section-5.2|RFC2898]]
8
9Note that PBKDF2 is recommended for new applications while PBKDF1 is recommended only for backwards compatibility with existing applications since the keys it produces may not be large enough for some applications.
10
11=== Author
12
13Tobias Heilig
14
15<0x70b1 at web . de>
16
17=== Repository
18
19[[https://github.com/off-world/pbkdf2]]
20
21=== Requirements
22
23* [[/eggref/4/message-digest|message-digest]]
24* [[/eggref/4/hmac|hmac]]
25* [[/eggref/4/sha1|sha2]]
26* [[/eggref/4/sha2|sha1]]
27* [[/eggref/4/md5|md5]]
28* [[/eggref/4/md2|md2]]
29
30=== API
31
32==== Common Argument Definitions
33
34===== password
35password as a string
36
37===== salt
38salt as a string
39
40===== count
41iteration count as a positive exact integer
42
43===== dklen
44length in bytes of the derived key as a positive exact integer
45
46===== result-type
47; {{'blob}} : return resulting bytes as a blob
48; {{'hex}} : return resulting bytes as a string of lower-case hexadecimal digits
49; {{'string}} : return resulting bytes as a byte-string
50; {{'u8vector}} : return resulting bytes as a u8vector
51
52==== Procedures
53
54===== {{pbkdf1-md2}}
55<procedure>(pbkdf1-md2 password salt count dklen #!optional (result-type 'blob))</procedure>
56
57Derives a key of {{dklen}} bytes from the given {{password}} and {{salt}} using PBKDF1 with MD2. The maximum length of the derived key is bounded by the length of the hash function output which is 16 bytes for MD2.
58
59===== {{pbkdf1-md5}}
60<procedure>(pbkdf1-md5 password salt count dklen #!optional (result-type 'blob))</procedure>
61
62Derives a key of {{dklen}} bytes from the given {{password}} and {{salt}} using PBKDF1 with MD5. The maximum length of the derived key is bounded by the length of the hash function output which is 16 bytes for MD5.
63
64===== {{pbkdf1-sha1}}
65<procedure>(pbkdf1-sha1 password salt count dklen #!optional (result-type 'blob))</procedure>
66
67Derives a key of {{dklen}} bytes from the given {{password}} and {{salt}} using PBKDF1 with SHA1. The maximum length of the derived key is bounded by the length of the hash function output which is 20 bytes for SHA1.
68
69===== {{pbkdf2-hmac-sha1}}
70<procedure>(pbkdf2-hmac-sha1 password salt count dklen #!optional (result-type 'blob))</procedure>
71
72Derives a key of {{dklen}} bytes from the given {{password}} and {{salt}} using PBKDF2 with HMAC-SHA1. The maximum length of the derived key is 2^32 - 1.
73
74===== {{pbkdf2-hmac-sha256}}
75<procedure>(pbkdf2-hmac-sha256 password salt count dklen #!optional (result-type 'blob))</procedure>
76
77
78Derives a key of {{dklen}} bytes from the given {{password}} and {{salt}} using PBKDF2 with HMAC-SHA256. The maximum length of the derived key is 2^32 - 1.
79
80===== {{pbkdf2-hmac-sha384}}
81<procedure>(pbkdf2-hmac-sha384 password salt count dklen #!optional (result-type 'blob))</procedure>
82
83
84Derives a key of {{dklen}} bytes from the given {{password}} and {{salt}} using PBKDF2 with HMAC-SHA384. The maximum length of the derived key is 2^32 - 1.
85
86===== {{pbkdf2-hmac-sha512}}
87<procedure>(pbkdf2-hmac-sha512 password salt count dklen #!optional (result-type 'blob))</procedure>
88
89
90Derives a key of [[dklen]] bytes from the given [[password]] and [[salt]] using PBKDF2 with HMAC-SHA512. The maximum length of the derived key is 2^32 - 1.
91
92=== Examples
93
94<enscript highlight=scheme>
95(use pbkdf2)
96 
97(pbkdf2-hmac-sha1 "password" "salt" 4096 20)
98;=> #${4b007901b765489abead49d926f721d065a429c1}
99
100(pbkdf2-hmac-sha1 "password" "salt" 4096 20 'hex)
101;=> "4b007901b765489abead49d926f721d065a429c1"
102</enscript>
103
104=== License
105
106 Copyright (c) 2018, Tobias Heilig
107 All rights reserved.
108 
109 Redistribution and use in source and binary forms, with or without
110 modification, are permitted provided that the following conditions
111 are met:
112 
113 1. Redistributions of source code must retain the above copyright
114    notice, this list of conditions and the following disclaimer.
115 2. Redistributions in binary form must reproduce the above copyright
116    notice, this list of conditions and the following disclaimer in the
117    documentation and/or other materials provided with the distribution.
118 3. The name of the authors may not be used to endorse or promote products
119    derived from this software without specific prior written permission.
120 
121 THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS
122 OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
123 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
124 ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
125 DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
126 DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
127 GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
128 INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
129 IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
130 OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
131 IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
132
133=== Version History
134; 1.2 : added MD2 support for PBKDF1
135; 1.1 : added PBKDF1 implementation
136; 1.0 : initial release
Note: See TracBrowser for help on using the repository browser.