Module: Botan::KDF

Defined in:
lib/botan/kdf.rb

Overview

Key Derivation Functions

Examples

examples/kdf.rb

Class Method Summary collapse

Class Method Details

.kdf(secret:, key_length:, label: '', algo: DEFAULT_KDF_ALGO, salt: RNG.get(DEFAULT_KDF_SALT_LENGTH)) ⇒ String

Derives a key using the given KDF algorithm.

Parameters:

  • secret (String)

    the secret input

  • key_length (Integer)

    the desired length of the key to produce

  • label (String) (defaults to: '')

    purpose for the derived keying material

  • algo (String) (defaults to: DEFAULT_KDF_ALGO)

    the KDF algorithm name

  • salt (String) (defaults to: RNG.get(DEFAULT_KDF_SALT_LENGTH))

    the randomly chosen salt

Returns:

  • (String)

    the derived key



25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
 
# File 'lib/botan/kdf.rb', line 25

def self.kdf(secret:, key_length:,
             label: '',
             algo: DEFAULT_KDF_ALGO,
             salt: RNG.get(DEFAULT_KDF_SALT_LENGTH))
  out_buf = FFI::MemoryPointer.new(:uint8, key_length)

  secret_buf = FFI::MemoryPointer.from_data(secret)
  salt_buf = FFI::MemoryPointer.from_data(salt)
  label_buf = FFI::MemoryPointer.from_data(label)
  Botan.call_ffi(:botan_kdf,
                 algo, out_buf, out_buf.size,
                 secret_buf, secret_buf.size,
                 salt_buf, salt_buf.size,
                 label_buf, label_buf.size)
  out_buf.read_bytes(key_length)
end

.pbkdf(password:, key_length:, algo: DEFAULT_PBKDF_ALGO, iterations: DEFAULT_KDF_ITERATIONS, salt: RNG.get(DEFAULT_KDF_SALT_LENGTH)) ⇒ String

Derives a key using the given PBKDF algorithm.

Parameters:

  • password (String)

    the password to derive the key from

  • key_length (Integer)

    the desired length of the key to produce

  • algo (String) (defaults to: DEFAULT_PBKDF_ALGO)

    the PBKDF algorithm name

  • iterations (Integer) (defaults to: DEFAULT_KDF_ITERATIONS)

    the number of iterations to use

  • salt (String) (defaults to: RNG.get(DEFAULT_KDF_SALT_LENGTH))

    the randomly chosen salt

Returns:

  • (String)

    the derived key



50
51
52
53
54
55
56
57
58
59
60
 
# File 'lib/botan/kdf.rb', line 50

def self.pbkdf(password:, key_length:,
               algo: DEFAULT_PBKDF_ALGO,
               iterations: DEFAULT_KDF_ITERATIONS,
               salt: RNG.get(DEFAULT_KDF_SALT_LENGTH))
  out_buf = FFI::MemoryPointer.new(:uint8, key_length)
  salt_buf = FFI::MemoryPointer.from_data(salt)
  Botan.call_ffi(:botan_pbkdf,
                 algo, out_buf, key_length,
                 password, salt_buf, salt_buf.size, iterations)
  out_buf.read_bytes(key_length)
end

.pbkdf_timed(password:, key_length:, milliseconds:, algo: DEFAULT_PBKDF_ALGO, salt: RNG.get(DEFAULT_KDF_SALT_LENGTH)) ⇒ Hash<Symbol>

Derives a key using the given PBKDF algorithm.

Parameters:

  • password (String)

    the password to derive the key from

  • key_length (Integer)

    teh desired length of the key to rpoduce

  • milliseconds (Integer)

    the number of milliseconds to run

  • algo (String) (defaults to: DEFAULT_PBKDF_ALGO)

    the PBKDF algorithm name

  • salt (String) (defaults to: RNG.get(DEFAULT_KDF_SALT_LENGTH))

    the randomly chosen salt

Returns:

  • (Hash<Symbol>)

    • :iterations [Integer] the iteration count used

    • :key [String] the derived key



72
73
74
75
76
77
78
79
80
81
82
83
84
 
# File 'lib/botan/kdf.rb', line 72

def self.pbkdf_timed(password:, key_length:, milliseconds:,
                     algo: DEFAULT_PBKDF_ALGO,
                     salt: RNG.get(DEFAULT_KDF_SALT_LENGTH))
  out_buf = FFI::MemoryPointer.new(:uint8, key_length)
  salt_buf = FFI::MemoryPointer.from_data(salt)
  iterations_ptr = FFI::MemoryPointer.new(:size_t)
  Botan.call_ffi(:botan_pbkdf_timed,
                 algo, out_buf, key_length,
                 password, salt_buf, salt_buf.size,
                 milliseconds, iterations_ptr)
  { iterations: iterations_ptr.read(:size_t),
    key: out_buf.read_bytes(key_length) }
end