doc/crypt.tex
32 additions & 2 deletions
@@ -7002,7 +7002,7 @@ \subsection{PKCS \#5}
7002
7002
7003
7003
The OpenSSL project implemented an extension to Algorithm One that allows for arbitrary keylengths; we have a compatible implementation described below.
7004
7004
7005
-
\subsection{Algorithm One}
7005
+
\subsubsection{Algorithm One}
7006
7006
Algorithm One accepts as input a password, an 8--byte salt, and an iteration counter. The iteration counter is meant to act as delay for
7007
7007
people trying to brute force guess the password. The higher the iteration counter the longer the delay. This algorithm also requires a hash
7008
7008
algorithm and produces an output no longer than the output of the hash.
@@ -7035,7 +7035,7 @@ \subsection{Algorithm One}
7035
7035
unsigned long *outlen)
7036
7036
\end{alltt}
7037
7037
As above, but we generate as many bytes as requested in outlen per the OpenSSL extension to Algorithm One. If you are trying to be compatible with OpenSSL's EVP\_BytesToKey() or the "openssl enc" command line (or variants such as perl's Crypt::CBC), then use this function with MD5 as your hash (ick!) and iteration\_count=1 (double-ick!!).
7038
-
\subsection{Algorithm Two}
7038
+
\subsubsection{Algorithm Two}
7039
7039
7040
7040
Algorithm Two is the recommended algorithm for this task. It allows variable length salts, and can produce outputs larger than the
7041
7041
hash functions output. As such, it can easily be used to derive session keys for ciphers and MACs as well initialization vectors as required
@@ -7091,6 +7091,35 @@ \subsection{Algorithm Two}
7091
7091
}
7092
7092
\end{verbatim}
7093
7093
7094
+
7095
+
\subsection{bcrypt}
7096
+
\index{bcrypt}
7097
+
7098
+
bcrypt is a password hashing function, similar to PKCS \#5, but it is based on the blowfish symmetric cipher.
7099
+
It is widely used in e.g. OpenBSD as default password hash algorithm, or in encrypted OpenSSH key files.
7100
+
7101
+
This implementation provides the PBKDF version as used in OpenSSH key files.
7102
+
7103
+
The OpenBSD implementation is fixed to SHA512 as hashing algorithm, but this generalized implementation works with any hashing algorithm.
7104
+
7105
+
To hash a password with the bcrypt PBKDF algorithm, the following API function is provided.
7106
+
7107
+
\index{bcrypt()}
7108
+
\begin{alltt}
7109
+
int bcrypt_pbkdf_openbsd(const void *secret, unsigned long secret_len,
7110
+
const unsigned char *salt, unsigned long salt_len,
7111
+
unsigned int rounds, int hash_idx,
7112
+
unsigned char *out, unsigned long *outlen);
7113
+
\end{alltt}
7114
+
7115
+
The \textit{secret} parameter is the secret of length \textit{secret\_len} (most of the time a utf-8 encoded user password).
7116
+
The \textit{salt} parameter is a pointer to the array of octets of length \textit{salt\_len} containing the salt.
7117
+
The \textit{rounds} parameter defines the number of iterations of the expensive key setup that shall be executed.
7118
+
The \textit{hash\_idx} parameter defines the hash algorithm that shall be used.
7119
+
The \textit{out} parameter shall be a pointer to a buffer of at least 32 octets,
7120
+
where \textit{outlen} contains the available buffer size on input and the written size after the invocation.
7121
+
7122
+
7094
7123
\mysection{PKCS \#8}
7095
7124
\index{PKCS \#8}
7096
7125
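Review bot: the new \index{bcrypt()} entry at line 7107 does not match the function it documents; the declared API is bcrypt_pbkdf_openbsd(), so the index entry should be \index{bcrypt\_pbkdf\_openbsd()} or readers looking up the function name will not find it. The parameter description also stops at \textit{outlen} without saying what the function returns (CRYPT_OK on success, an error code otherwise), and "at least 32 octets" is stated for \textit{out} without saying what happens when \textit{outlen} is smaller than that or whether longer outputs are supported. The \textit{hash\_idx} sentence should repeat that OpenBSD/OpenSSH compatibility requires SHA-512 (the intro says so, the parameter text does not), since the function name suggests interoperability with any hash. Minor wording in the same text: "blowfish" should read Blowfish, "SHA512" should read SHA-512, and "widely used in e.g. OpenBSD as default password hash algorithm" reads better as "widely used, for example as the default password hash in OpenBSD".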
@@ -7127,6 +7156,7 @@ \subsection{Algorithm Two}
7127
7156
The PKCS \#8 import has no direct API endpoints, but it is available through Public Key Algorithm-specific