Главная Обзор Помощь
Регистрация Вход
Apq
/
winscp
зеркало из https://github.com/winscp/winscp.git
1
0
Ответвить 0
Файлы Задачи 0 Вики
Дерево: 14676b4f16
Ветки Метки
winscp
/
libs
/
openssl
/
doc
/
man7
/
EVP_KDF-PKCS12KDF.pod

EVP_KDF-PKCS12KDF.pod 2.3 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990 
  1. =pod
    2. 

  2. 

  3. =head1 NAME
    4. 

  4. 

  5. EVP_KDF-PKCS12KDF - The PKCS#12 EVP_KDF implementation
    6. 

  6. 

  7. =head1 DESCRIPTION
    8. 

  8. 

  9. Support for computing the B<PKCS#12> password-based KDF through the B<EVP_KDF>
    10. 

  10. API.
    11. 

  11. 

  12. The EVP_KDF-PKCS12KDF algorithm implements the PKCS#12 password-based key
    13. 

  13. derivation function, as described in appendix B of RFC 7292 (PKCS #12:
    14. 

  14. Personal Information Exchange Syntax); it derives a key from a password
    15. 

  15. using a salt, iteration count and the intended usage.
    16. 

  16. 

  17. =head2 Identity
    18. 

  18. 

  19. "PKCS12KDF" is the name for this implementation; it
    20. 

  20. can be used with the EVP_KDF_fetch() function.
    21. 

  21. 

  22. =head2 Supported parameters
    23. 

  23. 

  24. The supported parameters are:
    25. 

  25. 

  26. =over 4
    27. 

  27. 

  28. =item "pass" (B<OSSL_KDF_PARAM_PASSWORD>) <octet string>
    29. 

  29. 

  30. =item "salt" (B<OSSL_KDF_PARAM_SALT>) <octet string>
    31. 

  31. 

  32. =item "iter" (B<OSSL_KDF_PARAM_ITER>) <unsigned integer>
    33. 

  33. 

  34. =item "properties" (B<OSSL_KDF_PARAM_PROPERTIES>) <UTF8 string>
    35. 

  35. 

  36. =item "digest" (B<OSSL_KDF_PARAM_DIGEST>) <UTF8 string>
    37. 

  37. 

  38. These parameters work as described in L<EVP_KDF(3)/PARAMETERS>.
    39. 

  39. 

  40. =item "id" (B<OSSL_KDF_PARAM_PKCS12_ID>) <integer>
    41. 

  41. 

  42. This parameter is used to specify the intended usage of the output bits, as per
    43. 

  43. RFC 7292 section B.3.
    44. 

  44. 

  45. =back
    46. 

  46. 

  47. =head1 NOTES
    48. 

  48. 

  49. This algorithm is not available in the FIPS provider as it is not FIPS
    50. 

  50. approvable.
    51. 

  51. 

  52. A typical application of this algorithm is to derive keying material for an
    53. 

  53. encryption algorithm from a password in the "pass", a salt in "salt",
    54. 

  54. and an iteration count.
    55. 

  55. 

  56. Increasing the "iter" parameter slows down the algorithm which makes it
    57. 

  57. harder for an attacker to perform a brute force attack using a large number
    58. 

  58. of candidate passwords.
    59. 

  59. 

  60. No assumption is made regarding the given password; it is simply treated as a
    61. 

  61. byte sequence.
    62. 

  62. 

  63. =head1 CONFORMING TO
    64. 

  64. 

  65. RFC7292
    66. 

  66. 

  67. =head1 SEE ALSO
    68. 

  68. 

  69. L<EVP_KDF(3)>,
    70. 

  70. L<EVP_KDF_CTX_new(3)>,
    71. 

  71. L<EVP_KDF_CTX_free(3)>,
    72. 

  72. L<EVP_KDF_CTX_set_params(3)>,
    73. 

  73. L<EVP_KDF_derive(3)>,
    74. 

  74. L<EVP_KDF(3)/PARAMETERS>,
    75. 

  75. L<OSSL_PROVIDER-FIPS(7)>
    76. 

  76. 

  77. =head1 HISTORY
    78. 

  78. 

  79. This functionality was added in OpenSSL 3.0.
    80. 

  80. 

  81. =head1 COPYRIGHT
    82. 

  82. 

  83. Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
    84. 

  84. 

  85. Licensed under the Apache License 2.0 (the "License").  You may not use
    86. 

  86. this file except in compliance with the License.  You can obtain a copy
    87. 

  87. in the file LICENSE in the source distribution or at
    88. 

  88. L<https://www.openssl.org/source/license.html>.
    89. 

  89. 

  90. =cut
    91.