PBKDF2 source code

Password-Based Key Derivation Function 2

The source code for PBFDK2 in C, also called the Password-Based Key Derivation Function 2, is part of PKCS#5 v2.0 and defined in RFC2898. This source code is part of the PolarSSL library and represents the most current version in the trunk of the library.
Download PolarSSL

The full standard for PBKDF2 is described in the RFC2898.

The code has a dependency on config.h in the pbkdf2.c source code file and on md.h in the pbkdf2.h header file. You can remove the inclusion of config.h or just create a simple header file to define one or more of the configuration options that the PBKDF2 source code has. In addition md.h depends on the hashing functions you intend to use within PBKDF2.

Full documentation on the PBKDF2 source code can be found in the API documentation for the PBKDF2.

You can also download it as part of the latest release of PolarSSL.

Header - pbkdf2.h

The pbkdf2.h header can also be found in the trunk on: pbkdf2.h.

/**
 * \file pbkdf2.h
 *
 * \brief Password-Based Key Derivation Function 2 (from PKCS#5)
 *        DEPRECATED: use pkcs5.h instead.
 *
 * \author Mathias Olsson <mathias@kompetensum.com>
 *
 *  Copyright (C) 2006-2012, Brainspark B.V.
 *
 *  This file is part of PolarSSL (http://www.polarssl.org)
 *  Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
 *
 *  All rights reserved.
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License along
 *  with this program; if not, write to the Free Software Foundation, Inc.,
 *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
#ifndef POLARSSL_PBKDF2_H
#define POLARSSL_PBKDF2_H

#include <string.h>

#include "md.h"

#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
#include <inttypes.h>
#endif

#define POLARSSL_ERR_PBKDF2_BAD_INPUT_DATA                 -0x007C  /**< Bad input parameters to function. */

#ifdef __cplusplus
extern "C" {
#endif

/**
 * \brief          PKCS#5 PBKDF2 using HMAC
 *                 DEPRECATED: Use pkcs5_pbkdf2_hmac() instead!
 *
 * \param ctx      Generic HMAC context
 * \param password Password to use when generating key
 * \param plen     Length of password
 * \param salt     Salt to use when generating key
 * \param slen     Length of salt
 * \param iteration_count       Iteration count
 * \param key_length            Length of generated key
 * \param output   Generated key. Must be at least as big as key_length
 *
 * \returns        0 on success, or a PolarSSL error code if verification fails.
 */
int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password,
                 size_t plen, const unsigned char *salt, size_t slen,
                 unsigned int iteration_count,
                 uint32_t key_length, unsigned char *output );

/**
 * \brief          Checkup routine
 *                 DEPRECATED: Use pkcs5_self_test() instead!
 *
 * \return         0 if successful, or 1 if the test failed
 */
int pbkdf2_self_test( int verbose );

#ifdef __cplusplus
}
#endif

#endif /* pbkdf2.h */

Source - pbkdf2.c

The pbkdf2.c source code can also be found in the trunk on: pbkdf2.c.

/**
 * \file pbkdf2.c
 *
 * \brief Password-Based Key Derivation Function 2 (from PKCS#5)
 *        DEPRECATED: Use pkcs5.c instead
 *
 * \author Mathias Olsson <mathias@kompetensum.com>
 *
 *  Copyright (C) 2006-2012, Brainspark B.V.
 *
 *  This file is part of PolarSSL (http://www.polarssl.org)
 *  Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
 *
 *  All rights reserved.
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License along
 *  with this program; if not, write to the Free Software Foundation, Inc.,
 *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
/*
 * PBKDF2 is part of PKCS#5
 *
 * http://tools.ietf.org/html/rfc2898 (Specification)
 * http://tools.ietf.org/html/rfc6070 (Test vectors)
 */

#include "polarssl/config.h"

#if defined(POLARSSL_PBKDF2_C)

#include "polarssl/pbkdf2.h"
#include "polarssl/pkcs5.h"

int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, size_t plen,
                 const unsigned char *salt, size_t slen,
                 unsigned int iteration_count,
                 uint32_t key_length, unsigned char *output )
{
    return pkcs5_pbkdf2_hmac( ctx, password, plen, salt, slen, iteration_count,
                              key_length, output );
}

#if defined(POLARSSL_SELF_TEST)
int pbkdf2_self_test( int verbose )
{
    return pkcs5_self_test( verbose );
}
#endif /* POLARSSL_SELF_TEST */

#endif /* POLARSSL_PBKDF2_C */