Pkcs12KdfBuilder

native_ossl::kdf

Struct Pkcs12KdfBuilder 

Source 
pub struct Pkcs12KdfBuilder<'a> { /* private fields */ }
Expand description

PKCS#12 (RFC 7292 Appendix B) key/IV/MAC derivation builder.

Legacy — only needed for interoperability with PKCS#12 files encrypted with deprecated algorithms such as PBEWithSHAAnd3-KeyTripleDES-CBC. New PKCS#12 files should use PBES2/PBKDF2 instead.

let sha1 = DigestAlg::fetch(c"SHA1", None).unwrap();
let key = Pkcs12KdfBuilder::new(&sha1, b"password", &salt, Pkcs12KdfId::Key)
    .iterations(2048)
    .derive_to_vec(24)?;

Implementations§

Source§

impl<'a> Pkcs12KdfBuilder<'a>

Source

pub fn new( md: &'a DigestAlg, password: &'a [u8], salt: &'a [u8], id: Pkcs12KdfId, ) -> Self

Create a PKCS#12 KDF builder.

  • md — hash algorithm (SHA-1 for legacy 3DES; SHA-256 for PBES2).
  • password — UTF-8 passphrase bytes.
  • salt — random salt (typically 8 bytes per RFC 7292).
  • id — output type: Key, Iv, or Mac.

The iteration count defaults to 2048.

Source

pub fn iterations(self, n: u32) -> Self

Override the iteration count.

Source

pub fn derive(&self, out: &mut [u8]) -> Result<(), ErrorStack>

Derive key material into out.

§Panics

Panics if the password, salt, or output buffer length exceeds i32::MAX bytes, which is not a practical concern for cryptographic inputs.

§Errors
Source

pub fn derive_to_vec(&self, len: usize) -> Result<Vec<u8>, ErrorStack>

Derive len bytes of key material, returning them in a freshly allocated Vec<u8>.

§Errors

Auto Trait Implementations§

§

impl<'a> Freeze for Pkcs12KdfBuilder<'a>

§

impl<'a> RefUnwindSafe for Pkcs12KdfBuilder<'a>

§

impl<'a> Send for Pkcs12KdfBuilder<'a>

§

impl<'a> Sync for Pkcs12KdfBuilder<'a>

§

impl<'a> Unpin for Pkcs12KdfBuilder<'a>

§

impl<'a> UnwindSafe for Pkcs12KdfBuilder<'a>

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.