1/*
2 *  ccpbkdf.h
3 *  corecrypto
4 *
5 *  Copyright 1999-2001, 2010 Apple Inc. All rights reserved.
6 *
7 *  Derived from pbkdf2.h by Mitch Adler on 09-12-2010.
8 *
9 */
10
11#ifndef _CORECRYPTO_CCPBKDF2_H_
12#define _CORECRYPTO_CCPBKDF2_H_
13
14
15#include <corecrypto/ccdigest.h>
16
17/*! @function ccpbkdf2_hmac
18    @abstract perform a pbkdf2 using HMAC(di) for the PRF (see PKCS#5 for specification)
19    @discussion This performs a standard PBKDF2 transformation of password and salt through
20an HMAC PRF of the callers slection (any Digest, typically SHA-1) returning dkLen bytes
21containing the entropy.
22
23Considerations:
24The salt used should be at least 8 bytes long. Each session should use it's own salt.
25We use the password as the key for the HMAC and the running data as the text for the HMAC to make a PRF.
26SHA-1 is a good hash to use for the core of the HMAC PRF.
27    @param di           digest info defining the digest type to use in the PRF.
28    @param passwordLen  amount of data to be fed in
29    @param password     data to be fed into the PBKDF
30    @param saltLen      length of the salt
31    @param salt         salt to be used in pbkdf
32    @param iterations   itrations to go
33    @param dkLen        length of the results
34    @param dk           buffer for the results of the PBKDF tranformation, must be dkLen big
35
36 */
37int ccpbkdf2_hmac(const struct ccdigest_info *di,
38                   unsigned long passwordLen, const void *password,
39                   unsigned long saltLen, const void *salt,
40                   unsigned long iterations,
41                   unsigned long dkLen, void *dk);
42
43#endif /* _CORECRYPTO_CCPBKDF2_H_ */
44