Extended maintenance of Ruby versions 1.8.7 and 1.9.2 will end on July 31, 2014. Read more

In Files

  • openssl/ossl.c

Class/Module Index [+]

Quicksearch

OpenSSL::PKCS5

Password-based Encryption

Public Class Methods

pbkdf2_hmac(pass, salt, iter, keylen, digest) => string click to toggle source

Parameters

  • pass - string

  • salt - string

  • iter - integer - should be greater than 1000. 2000 is better.

  • keylen - integer

  • digest - a string or OpenSSL::Digest object.

Available in OpenSSL 0.9.9?.

Digests other than SHA1 may not be supported by other cryptography libraries.

 
               static VALUE
ossl_pkcs5_pbkdf2_hmac(VALUE self, VALUE pass, VALUE salt, VALUE iter, VALUE keylen, VALUE digest)
{
#ifdef HAVE_PKCS5_PBKDF2_HMAC
    VALUE str;
    const EVP_MD *md;
    int len = NUM2INT(keylen);
    unsigned char* salt_p;
    unsigned char* str_p;

    StringValue(pass);
    StringValue(salt);
    md = GetDigestPtr(digest);
    str = rb_str_new(0, len);
    salt_p = (unsigned char*)RSTRING_PTR(salt);
    str_p = (unsigned char*)RSTRING_PTR(str);

    if (PKCS5_PBKDF2_HMAC(RSTRING_PTR(pass), RSTRING_LEN(pass), salt_p, RSTRING_LEN(salt), NUM2INT(iter), md, len, str_p) != 1)
        ossl_raise(ePKCS5, "PKCS5_PBKDF2_HMAC");

    return str;
#else
    rb_notimplement();
#endif
}
            
pbkdf2_hmac_sha1(pass, salt, iter, keylen) => string click to toggle source

Parameters

  • pass - string

  • salt - string

  • iter - integer - should be greater than 1000. 2000 is better.

  • keylen - integer

This method is available almost any version OpenSSL.

Conforms to rfc2898.

 
               static VALUE
ossl_pkcs5_pbkdf2_hmac_sha1(VALUE self, VALUE pass, VALUE salt, VALUE iter, VALUE keylen)
{
#ifdef HAVE_PKCS5_PBKDF2_HMAC_SHA1
    VALUE str;
    int len = NUM2INT(keylen);

    StringValue(pass);
    StringValue(salt);

    str = rb_str_new(0, len);

    if (PKCS5_PBKDF2_HMAC_SHA1(RSTRING_PTR(pass), RSTRING_LEN(pass), RSTRING_PTR(salt), RSTRING_LEN(salt), NUM2INT(iter), len, RSTRING_PTR(str)) != 1)
        ossl_raise(ePKCS5, "PKCS5_PBKDF2_HMAC_SHA1");

    return str;
#else
    rb_notimplement();
#endif
}
            

Commenting is here to help enhance the documentation. For example, code samples, or clarification of the documentation.

If you have questions about Ruby or the documentation, please post to one of the Ruby mailing lists. You will get better, faster, help that way.

If you wish to post a correction of the docs, please do so, but also file bug report so that it can be corrected for the next release. Thank you.

If you want to help improve the Ruby documentation, please visit Documenting-ruby.org.

blog comments powered by Disqus