Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / b6d764c3f28837ed8854dfa836029a0b4650246f^! / . / docs / hazmat
commitb6d764c3f28837ed8854dfa836029a0b4650246f[log] [tgz]
authorPaul Kehrer <paul.l.kehrer@gmail.com>Mon Jan 27 22:32:11 2014 -0600
committerPaul Kehrer <paul.l.kehrer@gmail.com>Tue Jan 28 11:18:26 2014 -0600
tree20350ecfa9b0f671f2f74bde0ecafa33679b2bc2
parent1050ddf44f0713a587cd0ba239e23c95064a39bc [diff]
pbkdf2 docs

diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst
index fa4f800..14ca688 100644
--- a/docs/hazmat/backends/interfaces.rst
+++ b/docs/hazmat/backends/interfaces.rst

@@ -159,7 +159,7 @@
         :param int length: The desired length of the derived key. Maximum is
         2\ :sup:`31` - 1.
 
-        :param bytes salt: A salt. `RFC 2898`_ recommends 64-bits or longer.
+        :param bytes salt: A salt.
 
         :param int iterations: The number of iterations to perform of the hash
             function.
@@ -169,4 +169,3 @@
 
         :return bytes: Derived key.
 
-.. _`RFC 2898`: https://www.ietf.org/rfc/rfc2898.txt

diff --git a/docs/hazmat/primitives/index.rst b/docs/hazmat/primitives/index.rst
index b115fdb..2a29bd8 100644
--- a/docs/hazmat/primitives/index.rst
+++ b/docs/hazmat/primitives/index.rst

@@ -9,6 +9,7 @@
     cryptographic-hashes
     hmac
     symmetric-encryption
+    key-derivation-functions
     padding
     constant-time
     interfaces

diff --git a/docs/hazmat/primitives/key-derivation-functions.rst b/docs/hazmat/primitives/key-derivation-functions.rst
new file mode 100644
index 0000000..af2d910
--- /dev/null
+++ b/docs/hazmat/primitives/key-derivation-functions.rst

@@ -0,0 +1,40 @@
+.. hazmat::
+
+Key Derivation Functions
+========================
+
+.. currentmodule:: cryptography.hazmat.primitives.kdf
+
+Key derivation functions derive key material from information such as passwords
+using a pseudo-random function (PRF).
+
+.. class:: PBKDF2(algorithm, length, salt, iterations, backend):
+
+    .. doctest::
+
+        >>> from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2
+        >>> from cryptography.hazmat.backends import default_backend
+        >>> backend = default_backend()
+        >>> salt = os.urandom(16)
+        >>> # derive
+        >>> kdf = PBKDF2(hashes.SHA1(), 20, salt, 10000, backend)
+        >>> key = kdf.derive(b"my great password")
+        >>> # verify
+        >>> kdf = PBKDF2(hashes.SHA1(), 20, salt, 10000, backend)
+        >>> kdf.verify(b"my great password", key)
+        None
+
+        :param algorithm: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            provider.
+
+        :param int length: The desired length of the derived key. Maximum is
+        2\ :sup:`31` - 1.
+
+        :param bytes salt: A salt. `NIST SP 800-132`_ recommends 128-bits or
+            longer.
+
+        :param int iterations: The number of iterations to perform of the hash
+            function.
+
+.. _`NIST SP 800-132`: http://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf