Charon.Utils.KeyGenerator (Charon v4.2.0)

View Source

Derive a key from a base secret using PBKDF2.

Summary

Types

opts()

Functions

derive_key(base_secret, salt, opts \\ [])

Derive a new key from base_secret using salt.

Types

opts()

@type opts() :: [
  length: pos_integer(),
  iterations: pos_integer(),
  digest: :sha | :sha224 | :sha256 | :sha384 | :sha512,
  log: false | :debug | :info | :warning | :error
]

Functions

derive_key(base_secret, salt, opts \\ [])

@spec derive_key(binary(), binary(), opts()) :: binary()

Derive a new key from base_secret using salt.

Options

  • :length key length in bytes, default 32 (256 bits)
  • :iterations hash iterations to derive new key, default 250_000
  • :digest hashing algorithm used as pseudo-random function, default :sha256
  • :log log level for this operation (default :warning), or false to disable logging. Logging helps identify call sites that may need caching after the v4 breaking change removed the built-in cache.

Doctests

iex> derive_key("secret", "salt", length: 5, iterations: 1)
<<56, 223, 66, 139, 48>>