mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-30 14:01:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

openssl-kdf.pod.in: add text on 'salt' and 'info' parameters; small further improvements

Browse Source 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21469)
This commit is contained in:
Dr. David von Oheimb 2023-07-16 15:06:18 +02:00 committed by Pauli
parent 61c8146aa3
commit 7b2a3a1e9d
1 changed files with 32 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
doc/man1/openssl-kdf.pod.in
View File

@ -66,8 +66,7 @@ cases.
=item B<-kdfopt> I<nm>:I<v>
Passes options to the KDF algorithm.
A comprehensive list of parameters can be found in the EVP_KDF_CTX
implementation documentation.
A comprehensive list of parameters can be found in L<EVP_KDF(3)/PARAMETERS>.
Common parameter names used by EVP_KDF_CTX_set_params() are:
=over 4
@ -81,9 +80,8 @@ A key must be specified for most KDF algorithms.
=item B<hexkey:>I<string>
Specifies the secret key in hexadecimal form (two hex digits per byte).
The key length must conform to any restrictions of the KDF algorithm.
A key must be specified for most KDF algorithms.
Alternative to the B<key:> option where
the secret key is specified in hexadecimal form (two hex digits per byte).
=item B<pass:>I<string>
@ -93,8 +91,35 @@ The password must be specified for PBKDF2 and scrypt.
=item B<hexpass:>I<string>
Specifies the password in hexadecimal form (two hex digits per byte).
The password must be specified for PBKDF2 and scrypt.
Alternative to the B<pass:> option where
the password is specified in hexadecimal form (two hex digits per byte).
=item B<salt:>I<string>
Specifies a non-secret unique cryptographic salt as an alphanumeric string
(use if it contains printable characters only).
The length must conform to any restrictions of the KDF algorithm.
A salt parameter is required for several KDF algorithms,
such as L<EVP_KDF-PBKDF2(7)>.
=item B<hexsalt:>I<string>
Alternative to the B<salt:> option where
the salt is specified in hexadecimal form (two hex digits per byte).
=item B<info:>I<string>
Some KDF implementations, such as L<EVP_KDF-HKDF(7)>, take an 'info' parameter
for binding the derived key material
to application- and context-specific information.
Specifies the info, fixed info, other info or shared info argument
as an alphanumeric string (use if it contains printable characters only).
The length must conform to any restrictions of the KDF algorithm.
=item B<hexinfo:>I<string>
Alternative to the B<info:> option where
the info is specified in hexadecimal form (two hex digits per byte).
=item B<digest:>I<string>