EVP_KDF-PVKKDF.7ossl - Man Page
The PVK EVP_KDF implementation
Description
Support for computing the PVK KDF PIN-based KDF through the EVP_KDF API.
The EVP_KDF-PVKKDF algorithm implements a PVK PIN-based key derivation function; it derives a key from a password using a salt.
Identity
"PVKKDF" is the name for this implementation; it can be used with the EVP_KDF_fetch() function.
Supported parameters
The supported parameters are:
- "pass" (OSSL_KDF_PARAM_PASSWORD) <octet string>
- "salt" (OSSL_KDF_PARAM_SALT) <octet string>
- "properties" (OSSL_KDF_PARAM_PROPERTIES) <UTF8 string>
- "digest" (OSSL_KDF_PARAM_DIGEST) <UTF8 string>
These parameters work as described in "PARAMETERS" in EVP_KDF(3).
Notes
A typical application of this algorithm is to derive keying material for an encryption algorithm from a password in the "pass" and a salt in "salt".
No assumption is made regarding the given password; it is simply treated as a byte sequence.
The legacy provider needs to be available in order to access this algorithm.
See Also
EVP_KDF(3), EVP_KDF_CTX_new(3), EVP_KDF_CTX_free(3), EVP_KDF_CTX_set_params(3), EVP_KDF_derive(3), "PARAMETERS" in EVP_KDF(3), OSSL_PROVIDER-legacy(7)
History
This functionality was added in OpenSSL 3.2.
Copyright
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.