- update OpenSSL to 0.9.8
[dragonfly.git] / secure / lib / libcrypto / man / EVP_BytesToKey.3
CommitLineData
8b0cefbb
JR
1.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.14
2.\"
3.\" Standard preamble:
4.\" ========================================================================
5.de Sh \" Subsection heading
984263bc
MD
6.br
7.if t .Sp
8.ne 5
9.PP
10\fB\\$1\fR
11.PP
12..
8b0cefbb 13.de Sp \" Vertical space (when we can't use .PP)
984263bc
MD
14.if t .sp .5v
15.if n .sp
16..
8b0cefbb 17.de Vb \" Begin verbatim text
984263bc
MD
18.ft CW
19.nf
20.ne \\$1
21..
8b0cefbb 22.de Ve \" End verbatim text
984263bc 23.ft R
984263bc
MD
24.fi
25..
8b0cefbb
JR
26.\" Set up some character translations and predefined strings. \*(-- will
27.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
28.\" double quote, and \*(R" will give a right double quote. | will give a
29.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to
30.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C'
31.\" expand to `' in nroff, nothing in troff, for use with C<>.
984263bc 32.tr \(*W-|\(bv\*(Tr
8b0cefbb 33.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
984263bc 34.ie n \{\
8b0cefbb
JR
35. ds -- \(*W-
36. ds PI pi
37. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
38. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
39. ds L" ""
40. ds R" ""
41. ds C` ""
42. ds C' ""
984263bc
MD
43'br\}
44.el\{\
8b0cefbb
JR
45. ds -- \|\(em\|
46. ds PI \(*p
47. ds L" ``
48. ds R" ''
984263bc 49'br\}
8b0cefbb
JR
50.\"
51.\" If the F register is turned on, we'll generate index entries on stderr for
52.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index
53.\" entries marked with X<> in POD. Of course, you'll have to process the
54.\" output yourself in some meaningful fashion.
55.if \nF \{\
56. de IX
57. tm Index:\\$1\t\\n%\t"\\$2"
984263bc 58..
8b0cefbb
JR
59. nr % 0
60. rr F
984263bc 61.\}
8b0cefbb
JR
62.\"
63.\" For nroff, turn off justification. Always turn off hyphenation; it makes
64.\" way too many mistakes in technical documents.
65.hy 0
984263bc 66.if n .na
8b0cefbb
JR
67.\"
68.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
69.\" Fear. Run. Save yourself. No user-serviceable parts.
70. \" fudge factors for nroff and troff
984263bc 71.if n \{\
8b0cefbb
JR
72. ds #H 0
73. ds #V .8m
74. ds #F .3m
75. ds #[ \f1
76. ds #] \fP
984263bc
MD
77.\}
78.if t \{\
8b0cefbb
JR
79. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
80. ds #V .6m
81. ds #F 0
82. ds #[ \&
83. ds #] \&
984263bc 84.\}
8b0cefbb 85. \" simple accents for nroff and troff
984263bc 86.if n \{\
8b0cefbb
JR
87. ds ' \&
88. ds ` \&
89. ds ^ \&
90. ds , \&
91. ds ~ ~
92. ds /
984263bc
MD
93.\}
94.if t \{\
8b0cefbb
JR
95. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
96. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
97. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
98. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
99. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
100. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
984263bc 101.\}
8b0cefbb 102. \" troff and (daisy-wheel) nroff accents
984263bc
MD
103.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
104.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
105.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
106.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
107.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
108.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
109.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
110.ds ae a\h'-(\w'a'u*4/10)'e
111.ds Ae A\h'-(\w'A'u*4/10)'E
8b0cefbb 112. \" corrections for vroff
984263bc
MD
113.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
114.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
8b0cefbb 115. \" for low resolution devices (crt and lpr)
984263bc
MD
116.if \n(.H>23 .if \n(.V>19 \
117\{\
8b0cefbb
JR
118. ds : e
119. ds 8 ss
120. ds o a
121. ds d- d\h'-1'\(ga
122. ds D- D\h'-1'\(hy
123. ds th \o'bp'
124. ds Th \o'LP'
125. ds ae ae
126. ds Ae AE
984263bc
MD
127.\}
128.rm #[ #] #H #V #F C
8b0cefbb
JR
129.\" ========================================================================
130.\"
131.IX Title "EVP_BytesToKey 3"
a561f9ff 132.TH EVP_BytesToKey 3 "2005-07-06" "0.9.8" "OpenSSL"
984263bc 133.SH "NAME"
74dab6c2 134EVP_BytesToKey \- password based encryption routine
984263bc 135.SH "SYNOPSIS"
8b0cefbb 136.IX Header "SYNOPSIS"
984263bc
MD
137.Vb 1
138\& #include <openssl/evp.h>
139.Ve
8b0cefbb 140.PP
984263bc
MD
141.Vb 4
142\& int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,
143\& const unsigned char *salt,
144\& const unsigned char *data, int datal, int count,
145\& unsigned char *key,unsigned char *iv);
146.Ve
147.SH "DESCRIPTION"
8b0cefbb
JR
148.IX Header "DESCRIPTION"
149\&\fIEVP_BytesToKey()\fR derives a key and \s-1IV\s0 from various parameters. \fBtype\fR is
150the cipher to derive the key and \s-1IV\s0 for. \fBmd\fR is the message digest to use.
984263bc 151The \fBsalt\fR paramter is used as a salt in the derivation: it should point to
8b0cefbb
JR
152an 8 byte buffer or \s-1NULL\s0 if no salt is used. \fBdata\fR is a buffer containing
153\&\fBdatal\fR bytes which is used to derive the keying data. \fBcount\fR is the
154iteration count to use. The derived key and \s-1IV\s0 will be written to \fBkey\fR
984263bc
MD
155and \fBiv\fR respectively.
156.SH "NOTES"
8b0cefbb 157.IX Header "NOTES"
984263bc
MD
158A typical application of this function is to derive keying material for an
159encryption algorithm from a password in the \fBdata\fR parameter.
160.PP
161Increasing the \fBcount\fR parameter slows down the algorithm which makes it
162harder for an attacker to peform a brute force attack using a large number
163of candidate passwords.
164.PP
8b0cefbb
JR
165If the total key and \s-1IV\s0 length is less than the digest length and
166\&\fB\s-1MD5\s0\fR is used then the derivation algorithm is compatible with PKCS#5 v1.5
984263bc
MD
167otherwise a non standard extension is used to derive the extra data.
168.PP
169Newer applications should use more standard algorithms such as PKCS#5
170v2.0 for key derivation.
171.SH "KEY DERIVATION ALGORITHM"
8b0cefbb
JR
172.IX Header "KEY DERIVATION ALGORITHM"
173The key and \s-1IV\s0 is derived by concatenating D_1, D_2, etc until
174enough data is available for the key and \s-1IV\s0. D_i is defined as:
984263bc
MD
175.PP
176.Vb 1
177\& D_i = HASH^count(D_(i-1) || data || salt)
178.Ve
8b0cefbb
JR
179.PP
180where || denotes concatentaion, D_0 is empty, \s-1HASH\s0 is the digest
181algorithm in use, HASH^1(data) is simply \s-1HASH\s0(data), HASH^2(data)
182is \s-1HASH\s0(\s-1HASH\s0(data)) and so on.
984263bc
MD
183.PP
184The initial bytes are used for the key and the subsequent bytes for
8b0cefbb 185the \s-1IV\s0.
984263bc 186.SH "RETURN VALUES"
74dab6c2 187.IX Header "RETURN VALUES"
8b0cefbb
JR
188\&\fIEVP_BytesToKey()\fR returns the size of the derived key in bytes.
189.SH "SEE ALSO"
74dab6c2 190.IX Header "SEE ALSO"
8b0cefbb 191\&\fIevp\fR\|(3), \fIrand\fR\|(3),
a561f9ff 192\&\fIEVP_EncryptInit\fR\|(3)
8b0cefbb 193.SH "HISTORY"
984263bc 194.IX Header "HISTORY"