Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / 1277bc7e993dec8bbe64f1b5aeaaae6cff6429dd / . / docs / hazmat / primitives / key-derivation-functions.rst
blob: 4cb67701d8508bbca7ddfb1b40b425683f025cd5 [file] [log] [blame]
Paul Kehrerb6d764c2014-01-27 22:32:11 -0600[diff] [blame]1.. hazmat::
2
3Key Derivation Functions
4========================
5
6.. currentmodule:: cryptography.hazmat.primitives.kdf
7
8Key derivation functions derive key material from information such as passwords
9using a pseudo-random function (PRF).
10
Paul Kehrerb3f763f2014-01-28 16:42:15 -0600[diff] [blame]11.. class:: PBKDF2HMAC(algorithm, length, salt, iterations, backend):
Paul Kehrerb6d764c2014-01-27 22:32:11 -0600[diff] [blame]12
Paul Kehrer5d1af212014-01-28 12:19:32 -0600[diff] [blame]13 .. versionadded:: 0.2
14
15 This class conforms to the
16 :class:`~cryptography.hazmat.primitives.interfaces.KeyDerivationFunction`
17 interface.
18
Paul Kehrerb6d764c2014-01-27 22:32:11 -0600[diff] [blame]19 .. doctest::
20
Paul Kehrer5d1af212014-01-28 12:19:32 -0600[diff] [blame]21 >>> import os
22 >>> from cryptography.hazmat.primitives import hashes
Paul Kehrerb3f763f2014-01-28 16:42:15 -0600[diff] [blame]23 >>> from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
Paul Kehrerb6d764c2014-01-27 22:32:11 -0600[diff] [blame]24 >>> from cryptography.hazmat.backends import default_backend
25 >>> backend = default_backend()
26 >>> salt = os.urandom(16)
27 >>> # derive
Paul Kehrerb3f763f2014-01-28 16:42:15 -0600[diff] [blame]28 >>> kdf = PBKDF2HMAC(
29 ... algorithm=hashes.SHA256(),
30 ... length=32,
31 ... salt=salt,
Paul Kehrer1277bc72014-01-28 17:09:59 -0600[diff] [blame^]32 ... iterations=100000,
Paul Kehrerb3f763f2014-01-28 16:42:15 -0600[diff] [blame]33 ... backend=backend
34 ... )
Paul Kehrerb6d764c2014-01-27 22:32:11 -0600[diff] [blame]35 >>> key = kdf.derive(b"my great password")
36 >>> # verify
Paul Kehrerb3f763f2014-01-28 16:42:15 -0600[diff] [blame]37 >>> kdf = PBKDF2HMAC(
38 ... algorithm=hashes.SHA256(),
39 ... length=32,
40 ... salt=salt,
Paul Kehrer1277bc72014-01-28 17:09:59 -0600[diff] [blame^]41 ... iterations=100000,
Paul Kehrerb3f763f2014-01-28 16:42:15 -0600[diff] [blame]42 ... backend=backend
43 ... )
Paul Kehrerb6d764c2014-01-27 22:32:11 -0600[diff] [blame]44 >>> kdf.verify(b"my great password", key)
Paul Kehrerb6d764c2014-01-27 22:32:11 -0600[diff] [blame]45
Paul Kehrer5d1af212014-01-28 12:19:32 -0600[diff] [blame]46 :param algorithm: An instance of a
47 :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
48 provider.
49 :param int length: The desired length of the derived key. Maximum is
Paul Kehrerb3f763f2014-01-28 16:42:15 -0600[diff] [blame]50 (2\ :sup:`32` - 1) * ``algorithm.digest_size``.
Paul Kehrer5d1af212014-01-28 12:19:32 -0600[diff] [blame]51 :param bytes salt: A salt. `NIST SP 800-132`_ recommends 128-bits or
52 longer.
53 :param int iterations: The number of iterations to perform of the hash
Paul Kehrerb3f763f2014-01-28 16:42:15 -0600[diff] [blame]54 function. See OWASP's `Password Storage Cheat Sheet`_ for more
55 detailed recommendations.
Paul Kehrer5d1af212014-01-28 12:19:32 -0600[diff] [blame]56 :param backend: A
57 :class:`~cryptography.hazmat.backends.interfaces.CipherBackend`
58 provider.
Paul Kehrerb6d764c2014-01-27 22:32:11 -0600[diff] [blame]59
60.. _`NIST SP 800-132`: http://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf
Paul Kehrerb3f763f2014-01-28 16:42:15 -0600[diff] [blame]61.. _`Password Storage Cheat Sheet`: https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet