Struct orion::pbkdf2::Pbkdf2
[−]
[src]
pub struct Pbkdf2 {
pub password: Vec<u8>,
pub salt: Vec<u8>,
pub iterations: usize,
pub length: usize,
pub hmac: ShaVariantOption,
}PBKDF2 (Password-Based Key Derivation Function 2) as specified in the RFC 8018.
Fields
password: Vec<u8>
salt: Vec<u8>
iterations: usize
length: usize
hmac: ShaVariantOption
Methods
impl Pbkdf2[src]
PBKDF2 (Password-Based Key Derivation Function 2) as specified in the RFC 8018.
Exceptions:
An exception will be thrown if:
- The specified length is less than 1
- The specified length is greater than (2^32 - 1) * hLen
- The specified iteration count is less than 1
Usage examples:
Generating derived key:
use orion::pbkdf2::Pbkdf2; use orion::util::gen_rand_key; use orion::options::ShaVariantOption; let password = gen_rand_key(16).unwrap(); let salt = gen_rand_key(16).unwrap(); let dk = Pbkdf2 { password: password, salt: salt, iterations: 10000, length: 64, hmac: ShaVariantOption::SHA512 }; dk.pbkdf2_compute().unwrap();
Verifying derived key:
use orion::pbkdf2::Pbkdf2; use orion::util::gen_rand_key; use orion::options::ShaVariantOption; let password = gen_rand_key(16).unwrap(); let salt = gen_rand_key(16).unwrap(); let dk = Pbkdf2 { password: password, salt: salt, iterations: 10000, length: 64, hmac: ShaVariantOption::SHA512 }; let derived_key = dk.pbkdf2_compute().unwrap(); assert_eq!(dk.pbkdf2_compare(&derived_key).unwrap(), true);
pub fn function_f(&self, index: u32, ipad: &[u8], opad: &[u8]) -> Vec<u8>[src]
Function F as described in the RFC.
pub fn pbkdf2_compute(&self) -> Result<Vec<u8>, UnknownCryptoError>[src]
PBKDF2 function. Return a derived key.
pub fn pbkdf2_compare(
&self,
received_dk: &[u8]
) -> Result<bool, UnknownCryptoError>[src]
&self,
received_dk: &[u8]
) -> Result<bool, UnknownCryptoError>
Check derived key validity by computing one from the current struct fields and comparing this to the passed derived key. Comparison is done in constant time.