Browse Source

various fixes;

OPENBSD_5_3
jmc 12 years ago
parent
commit
b9881c9c7b
1 changed files with 12 additions and 7 deletions
  1. +12
    -7
      src/lib/libutil/pkcs5_pbkdf2.3

+ 12
- 7
src/lib/libutil/pkcs5_pbkdf2.3 View File

@ -1,4 +1,4 @@
.\" $OpenBSD: pkcs5_pbkdf2.3,v 1.2 2012/09/06 19:48:12 tedu Exp $
.\" $OpenBSD: pkcs5_pbkdf2.3,v 1.3 2012/09/07 05:48:20 jmc Exp $
.\" .\"
.\" Copyright (c) 2012 Ted Unangst <tedu@openbsd.org> .\" Copyright (c) 2012 Ted Unangst <tedu@openbsd.org>
.\" .\"
@ -14,12 +14,12 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" .\"
.Dd $Mdocdate: September 6 2012 $
.Dt pkcs5_pbkdf2 3
.Dd $Mdocdate: September 7 2012 $
.Dt PKCS5_PBKDF2 3
.Os .Os
.Sh NAME .Sh NAME
.Nm pkcs5_pbkdf2 .Nm pkcs5_pbkdf2
.Nd password based key derivation function
.Nd password-based key derivation function
.Sh SYNOPSIS .Sh SYNOPSIS
.Fd #include <util.h> .Fd #include <util.h>
.Ft int .Ft int
@ -29,7 +29,7 @@
The The
.Nm .Nm
function converts a password into a byte array suitable for use as function converts a password into a byte array suitable for use as
encryption key.
an encryption key.
The password and salt values are combined and repeatedly hashed The password and salt values are combined and repeatedly hashed
.Ar rounds .Ar rounds
times. times.
@ -37,7 +37,7 @@ The salt value should be randomly generated beforehand.
The repeated hashing is designed to thwart discovery of the key via The repeated hashing is designed to thwart discovery of the key via
password guessing attacks. password guessing attacks.
The higher the number of rounds, the slower each attempt will be. The higher the number of rounds, the slower each attempt will be.
A minumum value of at least 1000 is recommended.
A minimum value of at least 1000 is recommended.
.Sh RETURN VALUES .Sh RETURN VALUES
The The
.Fn pkcs5_pbkdf2 .Fn pkcs5_pbkdf2
@ -47,7 +47,12 @@ function returns 0 to indicate success and -1 for failure.
.Sh SEE ALSO .Sh SEE ALSO
.Xr sha1 1 .Xr sha1 1
.Sh STANDARDS .Sh STANDARDS
RFC 2898
.Rs
.%A B. Kaliski
.%D September 2000
.%R RFC 2898
.%T PKCS #5: Password-Based Cryptography Specification Version 2.0
.Re
.\" .Sh HISTORY .\" .Sh HISTORY
.\" .Sh AUTHORS .\" .Sh AUTHORS
.Sh CAVEATS .Sh CAVEATS


Loading…
Cancel
Save