diff options
Diffstat (limited to 'lib/libcrypto/doc/PKCS5_PBKDF2_HMAC.pod')
-rw-r--r-- | lib/libcrypto/doc/PKCS5_PBKDF2_HMAC.pod | 64 |
1 files changed, 0 insertions, 64 deletions
diff --git a/lib/libcrypto/doc/PKCS5_PBKDF2_HMAC.pod b/lib/libcrypto/doc/PKCS5_PBKDF2_HMAC.pod deleted file mode 100644 index 0c164a0ed6b..00000000000 --- a/lib/libcrypto/doc/PKCS5_PBKDF2_HMAC.pod +++ /dev/null @@ -1,64 +0,0 @@ -=pod - -=head1 NAME - -PKCS5_PBKDF2_HMAC, PKCS5_PBKDF2_HMAC_SHA1 - password based derivation routines with salt and iteration count - -=head1 SYNOPSIS - - #include <openssl/evp.h> - - int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, - const unsigned char *salt, int saltlen, int iter, - const EVP_MD *digest, - int keylen, unsigned char *out); - -int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, - const unsigned char *salt, int saltlen, int iter, - int keylen, unsigned char *out); - -=head1 DESCRIPTION - -PKCS5_PBKDF2_HMAC() derives a key from a password using a salt and iteration count -as specified in RFC 2898. - -B<pass> is the password used in the derivation of length B<passlen>. B<pass> -is an optional parameter and can be NULL. If B<passlen> is -1, then the -function will calculate the length of B<pass> using strlen(). - -B<salt> is the salt used in the derivation of length B<saltlen>. If the -B<salt> is NULL, then B<saltlen> must be 0. The function will not -attempt to calculate the length of the B<salt> because it is not assumed to -be NULL terminated. - -B<iter> is the iteration count and its value should be greater than or -equal to 1. RFC 2898 suggests an iteration count of at least 1000. Any -B<iter> less than 1 is treated as a single iteration. - -B<digest> is the message digest function used in the derivation. Values include -any of the EVP_* message digests. PKCS5_PBKDF2_HMAC_SHA1() calls -PKCS5_PBKDF2_HMAC() with EVP_sha1(). - -The derived key will be written to B<out>. The size of the B<out> buffer -is specified via B<keylen>. - -=head1 NOTES - -A typical application of this function is to derive keying material for an -encryption algorithm from a password in the B<pass>, a salt in B<salt>, -and an iteration count. - -Increasing the B<iter> parameter slows down the algorithm which makes it -harder for an attacker to perform a brute force attack using a large number -of candidate passwords. - -=head1 RETURN VALUES - -PKCS5_PBKDF2_HMAC() and PBKCS5_PBKDF2_HMAC_SHA1() return 1 on success or 0 on error. - -=head1 SEE ALSO - -L<evp(3)|evp(3)>, L<rand(3)|rand(3)>, -L<EVP_BytesToKey(3)|EVP_BytesToKey(3)> - -=cut |