Function tindercrypt::pbkdf2::derive_key

pub fn derive_key(
    digest_algo: Algorithm, 
    iterations: usize, 
    salt: &[u8], 
    secret: &[u8], 
    key: &mut [u8]
) -> Result<(), Error>

Cryptographically create a symmetric key from a secret value.

Create a symmetric key from a secret value, based on various PBKDF2 parameters; an HMAC function, a salt and a number of iterations.

This method returns an error if the parameters are too weak, e.g., a SHA-1 digest function, zero number of iterations or no salt. Also, it returns an error if the user has not provided a buffer for the key or a secret value.

Examples

A safe method to derive a key with PBKDF2 is the following:

use tindercrypt::pbkdf2::derive_key;
use tindercrypt::rand::fill_buf;
use ring::pbkdf2;

let digest_algo = pbkdf2::PBKDF2_HMAC_SHA256;
let iterations = 100000;
let mut salt = [0u8; 32];
let secret = "My secret password".as_bytes();
let mut key = [0u8; 32];

fill_buf(&mut salt);
derive_key(digest_algo, iterations, &salt, &secret, &mut key);