xref: /openbsd/lib/libutil/pkcs5_pbkdf2.3 (revision 73471bf0)
.\"	$OpenBSD: pkcs5_pbkdf2.3,v 1.5 2013/06/05 03:40:26 tedu Exp $
.\"
.\" Copyright (c) 2012 Ted Unangst <tedu@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: June 5 2013 $
.Dt PKCS5_PBKDF2 3
.Os
.Sh NAME
.Nm pkcs5_pbkdf2
.Nd password-based key derivation function
.Sh SYNOPSIS
.In util.h
.Ft int
.Fn pkcs5_pbkdf2 "const char *pass" "size_t pass_len" "const char *salt" \
    "size_t salt_len" "u_int8_t *key" "size_t key_len" "u_int rounds"
.Sh DESCRIPTION
The
.Nm
function converts a password into a byte array suitable for use as
an encryption key.
The password and salt values are combined and repeatedly hashed
.Ar rounds
times.
The salt value should be randomly generated beforehand.
The repeated hashing is designed to thwart discovery of the key via
password guessing attacks.
The higher the number of rounds, the slower each attempt will be.
A value of at least 1000 is recommended.
.Sh RETURN VALUES
The
.Fn pkcs5_pbkdf2
function returns 0 to indicate success and -1 for failure.
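.Sh EXAMPLES
The following is an added illustration, not part of the original manual page and not the libutil source: a Python model of the RFC 2898 PBKDF2 construction with HMAC-SHA1, showing how the password and salt are combined and hashed rounds times and how keys longer than one SHA-1 digest are built from several blocks.
The function name pbkdf2_hmac_sha1 and its argument checks are assumptions made for this example.

```python
import hashlib
import hmac
import struct


def pbkdf2_hmac_sha1(password: bytes, salt: bytes, key_len: int, rounds: int) -> bytes:
    """Model of PBKDF2 (RFC 2898, section 5.2) using HMAC-SHA1 as the PRF."""
    # Argument checks are this example's own choice, not documented libutil behaviour.
    if rounds < 1 or key_len < 1:
        raise ValueError("rounds and key_len must be at least 1")
    hlen = hashlib.sha1().digest_size  # 20 bytes of output per block
    # Key the HMAC once; copy() reuses the keyed state for every round.
    prf = hmac.new(password, digestmod=hashlib.sha1)
    key = b""
    block = 1
    while len(key) < key_len:
        # U_1 = PRF(password, salt || 32-bit big-endian block index)
        h = prf.copy()
        h.update(salt + struct.pack(">I", block))
        u = h.digest()
        t = int.from_bytes(u, "big")
        # U_j = PRF(password, U_{j-1}); block = U_1 xor U_2 xor ... xor U_rounds
        for _ in range(rounds - 1):
            h = prf.copy()
            h.update(u)
            u = h.digest()
            t ^= int.from_bytes(u, "big")
        key += t.to_bytes(hlen, "big")
        block += 1
    # The last block is truncated when key_len is not a multiple of 20.
    return key[:key_len]


if __name__ == "__main__":
    # Constructed sample input: the password/salt pair used by the RFC 6070 vectors.
    for rounds in (1, 2, 4096):
        print(rounds, pbkdf2_hmac_sha1(b"password", b"salt", 20, rounds).hex())
```

Each extra round adds one HMAC-SHA1 computation per 20-byte block, so the cost of a password guess grows linearly with rounds.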
.\" .Sh EXAMPLES
.\" .Sh ERRORS
.Sh SEE ALSO
.Xr sha1 1 ,
.Xr bcrypt_pbkdf 3
.Sh STANDARDS
.Rs
.%A B. Kaliski
.%D September 2000
.%R RFC 2898
.%T PKCS #5: Password-Based Cryptography Specification Version 2.0
.Re
.\" .Sh HISTORY
.\" .Sh AUTHORS
.Sh CAVEATS
The standard allows for different hash functions to be used.
This implementation only uses
.Xr sha1 1 .
.\" .Sh BUGS