=pod =head1 NAME PKCS5_PBKDF2_HMAC, PKCS5_PBKDF2_HMAC_SHA1 - password based derivation routines with salt and iteration count =head1 SYNOPSIS #include int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, const EVP_MD *digest, int keylen, unsigned char *out); int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, int keylen, unsigned char *out); =head1 DESCRIPTION PKCS5_PBKDF2_HMAC() derives a key from a password using a salt and iteration count as specified in RFC 2898. B is the password used in the derivation of length B. B is an optional parameter and can be NULL. If B is -1, then the function will calculate the length of B using strlen(). B is the salt used in the derivation of length B. If the B is NULL, then B must be 0. The function will not attempt to calculate the length of the B because it is not assumed to be NULL terminated. B is the iteration count and its value should be greater than or equal to 1. RFC 2898 suggests an iteration count of at least 1000. Any B less than 1 is treated as a single iteration. B is the message digest function used in the derivation. Values include any of the EVP_* message digests. PKCS5_PBKDF2_HMAC_SHA1() calls PKCS5_PBKDF2_HMAC() with EVP_sha1(). The derived key will be written to B. The size of the B buffer is specified via B. =head1 NOTES A typical application of this function is to derive keying material for an encryption algorithm from a password in the B, a salt in B, and an iteration count. Increasing the B parameter slows down the algorithm which makes it harder for an attacker to perform a brute force attack using a large number of candidate passwords. These functions make no assumption regarding the given password. It will simply be treated as a byte sequence. =head1 RETURN VALUES PKCS5_PBKDF2_HMAC() and PBKCS5_PBKDF2_HMAC_SHA1() return 1 on success or 0 on error. =head1 SEE ALSO L, L, L, L =head1 COPYRIGHT Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at L. =cut