crypto_api/pbkdf.rs
1use std::{ error::Error, ops::Range };
2
3
4/// Information about a PBKDF implementation
5#[derive(Debug, Eq, PartialEq, Clone)]
6pub struct PbkdfInfo {
7 /// The name
8 pub name: &'static str,
9
10 /// The supported output lengths
11 pub output_len_r: Range<usize>,
12 /// The supported password lengths
13 pub password_len_r: Range<usize>,
14 /// The supported password lengths
15 pub salt_len_r: Range<usize>,
16
17 /// The default CPU cost
18 pub cpu_cost: u64,
19 /// The supported CPU costs
20 pub cpu_cost_r: Range<usize>,
21
22 /// The default memory cost (is `0` if the PBKDF is not memory hard)
23 pub memory_cost: u64,
24 /// The supported memory costs (is `0..0` if the PBKDF is not memory hard)
25 pub memory_cost_r: Range<u64>,
26
27 /// The default parallelism (is `0` if the PBKDF does not support parallelism)
28 pub parallelism: u64,
29 /// The supported parallelism (is `0..0` if the PBKDF does not support parallelism)
30 pub parallelism_r: Range<u64>
31}
32
33
34/// A stateless (oneshot) PBKDF interface
35pub trait Pbkdf {
36 /// Returns information about the PBKDF
37 fn info(&self) -> PbkdfInfo;
38
39 /// Fills `buf` with key bytes derived from `password` parametrized by `cpu_cost`
40 fn derive(&self, buf: &mut[u8], password: &[u8], salt: &[u8], cpu_cost: u64)
41 -> Result<(), Box<dyn Error + 'static>>;
42}
43
44/// A stateless (oneshot) memory-hard PBKDF interface
45pub trait MemoryHardPbkdf: Pbkdf {
46 /// Fills `buf` with key bytes derived from `password` parametrized by `cpu_cost`
47 fn derive_memory_hard(&self, buf: &mut[u8], password: &[u8], salt: &[u8], cpu_cost: u64,
48 memory_cost: u64, parallelism: u64) -> Result<(), Box<dyn Error + 'static>>;
49}