Function tindercrypt::pbkdf2::derive_key [−][src]
pub fn derive_key(
digest_algo: Algorithm,
iterations: usize,
salt: &[u8],
secret: &[u8],
key: &mut [u8]
) -> Result<(), Error>
Expand description
Cryptographically create a symmetric key from a secret value.
Create a symmetric key from a secret value, based on various PBKDF2 parameters; an HMAC function, a salt and a number of iterations.
This method returns an error if the parameters are too weak, e.g., a SHA-1 digest function, zero number of iterations or no salt. Also, it returns an error if the user has not provided a buffer for the key or a secret value.
Examples
A safe method to derive a key with PBKDF2 is the following:
use tindercrypt::pbkdf2::derive_key; use tindercrypt::rand::fill_buf; use ring::pbkdf2; let digest_algo = pbkdf2::PBKDF2_HMAC_SHA256; let iterations = 100000; let mut salt = [0u8; 32]; let secret = "My secret password".as_bytes(); let mut key = [0u8; 32]; fill_buf(&mut salt); derive_key(digest_algo, iterations, &salt, &secret, &mut key);