diff options
author | David Reid <dreid@dreid.org> | 2014-01-29 15:09:49 -0800 |
---|---|---|
committer | David Reid <dreid@dreid.org> | 2014-01-29 15:09:49 -0800 |
commit | b2ff87737ca27a171ce0034e100841782d19dd7b (patch) | |
tree | fde20b858f07d70a1dcc3f8f2b78bc02480630e5 /docs/hazmat/backends/interfaces.rst | |
parent | babc4d50f42edc1e16c414e4008114d882b4c999 (diff) | |
parent | 0b181182aef574c436a92a175937af32e54a2378 (diff) | |
download | cryptography-b2ff87737ca27a171ce0034e100841782d19dd7b.tar.gz cryptography-b2ff87737ca27a171ce0034e100841782d19dd7b.tar.bz2 cryptography-b2ff87737ca27a171ce0034e100841782d19dd7b.zip |
Merge pull request #520 from reaperhulk/pbkdf2-openssl
PBKDF2 Support (OpenSSL backend)
Diffstat (limited to 'docs/hazmat/backends/interfaces.rst')
-rw-r--r-- | docs/hazmat/backends/interfaces.rst | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst index dc24f84d..49e4c88c 100644 --- a/docs/hazmat/backends/interfaces.rst +++ b/docs/hazmat/backends/interfaces.rst @@ -131,3 +131,44 @@ A specific ``backend`` may provide one or more of these interfaces. :returns: :class:`~cryptography.hazmat.primitives.interfaces.HashContext` + + +.. class:: PBKDF2HMACBackend + + .. versionadded:: 0.2 + + A backend with methods for using PBKDF2 using HMAC as a PRF. + + .. method:: pbkdf2_hmac_supported(algorithm) + + Check if the specified ``algorithm`` is supported by this backend. + + :param algorithm: An instance of a + :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` + provider. + + :returns: ``True`` if the specified ``algorithm`` is supported for + PBKDF2 HMAC by this backend, otherwise ``False``. + + .. method:: derive_pbkdf2_hmac(self, algorithm, length, salt, iterations, + key_material) + + :param algorithm: An instance of a + :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` + provider. + + :param int length: The desired length of the derived key. Maximum is + (2\ :sup:`32` - 1) * ``algorithm.digest_size`` + + :param bytes salt: A salt. + + :param int iterations: The number of iterations to perform of the hash + function. This can be used to control the length of time the + operation takes. Higher numbers help mitigate brute force attacks + against derived keys. + + :param bytes key_material: The key material to use as a basis for + the derived key. This is typically a password. + + :return bytes: Derived key. + |