1 .\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.32
4 .\" ========================================================================
5 .de Sh \" Subsection heading
13 .de Sp \" Vertical space (when we can't use .PP)
17 .de Vb \" Begin verbatim text
22 .de Ve \" End verbatim text
26 .\" Set up some character translations and predefined strings. \*(-- will
27 .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
28 .\" double quote, and \*(R" will give a right double quote. | will give a
29 .\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to
30 .\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C'
31 .\" expand to `' in nroff, nothing in troff, for use with C<>.
33 .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
37 . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
38 . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
51 .\" If the F register is turned on, we'll generate index entries on stderr for
52 .\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index
53 .\" entries marked with X<> in POD. Of course, you'll have to process the
54 .\" output yourself in some meaningful fashion.
57 . tm Index:\\$1\t\\n%\t"\\$2"
63 .\" For nroff, turn off justification. Always turn off hyphenation; it makes
64 .\" way too many mistakes in technical documents.
68 .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
69 .\" Fear. Run. Save yourself. No user-serviceable parts.
70 . \" fudge factors for nroff and troff
79 . ds #H ((1u-(\\\\n(.fu%2u))*.13m)
85 . \" simple accents for nroff and troff
95 . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
96 . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
97 . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
98 . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
99 . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
100 . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
102 . \" troff and (daisy-wheel) nroff accents
103 .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
104 .ds 8 \h'\*(#H'\(*b\h'-\*(#H'
105 .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
106 .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
107 .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
108 .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
109 .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
110 .ds ae a\h'-(\w'a'u*4/10)'e
111 .ds Ae A\h'-(\w'A'u*4/10)'E
112 . \" corrections for vroff
113 .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
114 .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
115 . \" for low resolution devices (crt and lpr)
116 .if \n(.H>23 .if \n(.V>19 \
129 .\" ========================================================================
131 .IX Title "EVP_BytesToKey 3"
132 .TH EVP_BytesToKey 3 "2008-09-06" "0.9.8h" "OpenSSL"
134 EVP_BytesToKey \- password based encryption routine
136 .IX Header "SYNOPSIS"
138 \& #include <openssl/evp.h>
142 \& int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,
143 \& const unsigned char *salt,
144 \& const unsigned char *data, int datal, int count,
145 \& unsigned char *key,unsigned char *iv);
148 .IX Header "DESCRIPTION"
149 \&\fIEVP_BytesToKey()\fR derives a key and \s-1IV\s0 from various parameters. \fBtype\fR is
150 the cipher to derive the key and \s-1IV\s0 for. \fBmd\fR is the message digest to use.
151 The \fBsalt\fR paramter is used as a salt in the derivation: it should point to
152 an 8 byte buffer or \s-1NULL\s0 if no salt is used. \fBdata\fR is a buffer containing
153 \&\fBdatal\fR bytes which is used to derive the keying data. \fBcount\fR is the
154 iteration count to use. The derived key and \s-1IV\s0 will be written to \fBkey\fR
155 and \fBiv\fR respectively.
158 A typical application of this function is to derive keying material for an
159 encryption algorithm from a password in the \fBdata\fR parameter.
161 Increasing the \fBcount\fR parameter slows down the algorithm which makes it
162 harder for an attacker to peform a brute force attack using a large number
163 of candidate passwords.
165 If the total key and \s-1IV\s0 length is less than the digest length and
166 \&\fB\s-1MD5\s0\fR is used then the derivation algorithm is compatible with PKCS#5 v1.5
167 otherwise a non standard extension is used to derive the extra data.
169 Newer applications should use more standard algorithms such as PKCS#5
170 v2.0 for key derivation.
171 .SH "KEY DERIVATION ALGORITHM"
172 .IX Header "KEY DERIVATION ALGORITHM"
173 The key and \s-1IV\s0 is derived by concatenating D_1, D_2, etc until
174 enough data is available for the key and \s-1IV\s0. D_i is defined as:
177 \& D_i = HASH^count(D_(i-1) || data || salt)
180 where || denotes concatentaion, D_0 is empty, \s-1HASH\s0 is the digest
181 algorithm in use, HASH^1(data) is simply \s-1HASH\s0(data), HASH^2(data)
182 is \s-1HASH\s0(\s-1HASH\s0(data)) and so on.
184 The initial bytes are used for the key and the subsequent bytes for
187 .IX Header "RETURN VALUES"
188 \&\fIEVP_BytesToKey()\fR returns the size of the derived key in bytes.
190 .IX Header "SEE ALSO"
191 \&\fIevp\fR\|(3), \fIrand\fR\|(3),
192 \&\fIEVP_EncryptInit\fR\|(3)