[−][src]Module orion::hazardous::kdf::pbkdf2

PBKDF2-HMAC-SHA512 (Password-Based Key Derivation Function 2) as specified in the RFC 8018.

Parameters:

password: Password.
salt: Salt value.
iterations: Iteration count.
dst_out: Destination buffer for the derived key. The length of the derived key is implied by the length of dst_out.
expected: The expected derived key.

Errors:

An error will be returned if:

The length of dst_out is less than 1.
The specified iteration count is less than 1.
The hashed password does not match the expected when verifying.

Panics:

A panic will occur if:

The length of dst_out is greater than (2^32 - 1) * 64.

Security:

Use Password::generate() to randomly generate a password of 128 bytes.
Salts should always be generated using a CSPRNG. util::secure_rand_bytes() can be used for this.
The recommended length for a salt is 64 bytes.
The iteration count should be set as high as feasible. The recommended minimum is 100000.

Example:

use orion::{hazardous::kdf::pbkdf2, util};

let mut salt = [0u8; 64];
util::secure_rand_bytes(&mut salt)?;
let password = pbkdf2::Password::from_slice("Secret password".as_bytes())?;
let mut dst_out = [0u8; 64];

pbkdf2::derive_key(&password, &salt, 10000, &mut dst_out)?;

let expected_dk = dst_out;

assert!(pbkdf2::verify(&expected_dk, &password, &salt, 10000, &mut dst_out).is_ok());

Structs

Password

A type to represent the Password that PBKDF2 hashes.

Functions

derive_key	PBKDF2-SHA512 (Password-Based Key Derivation Function 2) as specified in the RFC 8018.
verify	Verify PBKDF2-HMAC-SHA512 derived key in constant time.