xref: /freebsd-src/crypto/openssl/doc/man3/EVP_PKEY_CTX_set_scrypt_N.pod (revision b077aed33b7b6aefca7b17ddb250cf521f938613) 
1e71b7053SJung-uk Kim=pod
2e71b7053SJung-uk Kim
3e71b7053SJung-uk Kim=head1 NAME
4e71b7053SJung-uk Kim
5e71b7053SJung-uk KimEVP_PKEY_CTX_set1_scrypt_salt,
6e71b7053SJung-uk KimEVP_PKEY_CTX_set_scrypt_N,
7e71b7053SJung-uk KimEVP_PKEY_CTX_set_scrypt_r,
8e71b7053SJung-uk KimEVP_PKEY_CTX_set_scrypt_p,
9e71b7053SJung-uk KimEVP_PKEY_CTX_set_scrypt_maxmem_bytes
10e71b7053SJung-uk Kim- EVP_PKEY scrypt KDF support functions
11e71b7053SJung-uk Kim
12e71b7053SJung-uk Kim=head1 SYNOPSIS
13e71b7053SJung-uk Kim
14e71b7053SJung-uk Kim #include <openssl/kdf.h>
15e71b7053SJung-uk Kim
16e71b7053SJung-uk Kim int EVP_PKEY_CTX_set1_scrypt_salt(EVP_PKEY_CTX *pctx, unsigned char *salt,
17e71b7053SJung-uk Kim                                   int saltlen);
18e71b7053SJung-uk Kim
19e71b7053SJung-uk Kim int EVP_PKEY_CTX_set_scrypt_N(EVP_PKEY_CTX *pctx, uint64_t N);
20e71b7053SJung-uk Kim
21e71b7053SJung-uk Kim int EVP_PKEY_CTX_set_scrypt_r(EVP_PKEY_CTX *pctx, uint64_t r);
22e71b7053SJung-uk Kim
23e71b7053SJung-uk Kim int EVP_PKEY_CTX_set_scrypt_p(EVP_PKEY_CTX *pctx, uint64_t p);
24e71b7053SJung-uk Kim
25e71b7053SJung-uk Kim int EVP_PKEY_CTX_set_scrypt_maxmem_bytes(EVP_PKEY_CTX *pctx,
26e71b7053SJung-uk Kim                                          uint64_t maxmem);
27e71b7053SJung-uk Kim
28e71b7053SJung-uk Kim=head1 DESCRIPTION
29e71b7053SJung-uk Kim
30e71b7053SJung-uk KimThese functions are used to set up the necessary data to use the
31e71b7053SJung-uk Kimscrypt KDF.
32*b077aed3SPierre ProncheryFor more information on scrypt, see L<EVP_KDF-SCRYPT(7)>.
33e71b7053SJung-uk Kim
34e71b7053SJung-uk KimEVP_PKEY_CTX_set1_scrypt_salt() sets the B<saltlen> bytes long salt
35e71b7053SJung-uk Kimvalue.
36e71b7053SJung-uk Kim
37e71b7053SJung-uk KimEVP_PKEY_CTX_set_scrypt_N(), EVP_PKEY_CTX_set_scrypt_r() and
38e71b7053SJung-uk KimEVP_PKEY_CTX_set_scrypt_p() configure the work factors N, r and p.
39e71b7053SJung-uk Kim
40e71b7053SJung-uk KimEVP_PKEY_CTX_set_scrypt_maxmem_bytes() sets how much RAM key
41e71b7053SJung-uk Kimderivation may maximally use, given in bytes.
42e71b7053SJung-uk KimIf RAM is exceeded because the load factors are chosen too high, the
43e71b7053SJung-uk Kimkey derivation will fail.
44e71b7053SJung-uk Kim
45e71b7053SJung-uk Kim=head1 STRING CTRLS
46e71b7053SJung-uk Kim
47e71b7053SJung-uk Kimscrypt also supports string based control operations via
48e71b7053SJung-uk KimL<EVP_PKEY_CTX_ctrl_str(3)>.
49e71b7053SJung-uk KimSimilarly, the B<salt> can either be specified using the B<type>
50e71b7053SJung-uk Kimparameter "salt" or in hex encoding by using the "hexsalt" parameter.
51e71b7053SJung-uk KimThe work factors B<N>, B<r> and B<p> as well as B<maxmem_bytes> can be
52e71b7053SJung-uk Kimset by using the parameters "N", "r", "p" and "maxmem_bytes",
53e71b7053SJung-uk Kimrespectively.
54e71b7053SJung-uk Kim
55e71b7053SJung-uk Kim=head1 NOTES
56e71b7053SJung-uk Kim
57*b077aed3SPierre ProncheryThere is a newer generic API for KDFs, L<EVP_KDF(3)>, which is
58*b077aed3SPierre Proncherypreferred over the EVP_PKEY method.
59*b077aed3SPierre Pronchery
60e71b7053SJung-uk KimThe scrypt KDF also uses EVP_PKEY_CTX_set1_pbe_pass() as well as
61e71b7053SJung-uk Kimthe value from the string controls "pass" and "hexpass".
62e71b7053SJung-uk KimSee L<EVP_PKEY_CTX_set1_pbe_pass(3)>.
63e71b7053SJung-uk Kim
64e71b7053SJung-uk Kim=head1 RETURN VALUES
65e71b7053SJung-uk Kim
66e71b7053SJung-uk KimAll these functions return 1 for success and 0 or a negative value for
67e71b7053SJung-uk Kimfailure.
68e71b7053SJung-uk KimIn particular a return value of -2 indicates the operation is not
69e71b7053SJung-uk Kimsupported by the public key algorithm.
70e71b7053SJung-uk Kim
71e71b7053SJung-uk Kim=head1 SEE ALSO
72e71b7053SJung-uk Kim
73*b077aed3SPierre ProncheryL<EVP_KDF(3)>
74e71b7053SJung-uk KimL<EVP_PKEY_CTX_new(3)>,
75e71b7053SJung-uk KimL<EVP_PKEY_CTX_ctrl_str(3)>,
76e71b7053SJung-uk KimL<EVP_PKEY_derive(3)>
77e71b7053SJung-uk Kim
78*b077aed3SPierre Pronchery=head1 HISTORY
79*b077aed3SPierre Pronchery
80*b077aed3SPierre ProncheryAll of the functions described here were converted from macros to functions in
81*b077aed3SPierre ProncheryOpenSSL 3.0.
82*b077aed3SPierre Pronchery
83e71b7053SJung-uk Kim=head1 COPYRIGHT
84e71b7053SJung-uk Kim
85*b077aed3SPierre ProncheryCopyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
86e71b7053SJung-uk Kim
87*b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License").  You may not use
88e71b7053SJung-uk Kimthis file except in compliance with the License.  You can obtain a copy
89e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at
90e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>.
91e71b7053SJung-uk Kim
92e71b7053SJung-uk Kim=cut
93