View Source Charon.Utils.KeyGenerator (Charon v3.2.0)

Derive a key from a base secret using PBKDF2.

Summary

Types

opts()

Functions

derive_key(base_secret, salt, opts \\ [])

Derive a new key from base_secret using salt. The result is cached using :persistent_term with key Elixir.Charon.Utils.KeyGenerator.

Types

opts()

@type opts() :: [
  length: pos_integer(),
  iterations: pos_integer(),
  digest: :sha | :sha224 | :sha256 | :sha384 | :sha512
]

Functions

derive_key(base_secret, salt, opts \\ [])

@spec derive_key(binary(), binary(), opts()) :: binary()

Derive a new key from base_secret using salt. The result is cached using :persistent_term with key Elixir.Charon.Utils.KeyGenerator.

Options

:length key length in bytes, default 32 (256 bits)
:iterations hash iterations to derive new key, default 250_000
:digest hashing algorithm used as pseudo-random function, default :sha256

Doctests

iex> derive_key("secret", "salt", length: 5, iterations: 1)
<<56, 223, 66, 139, 48>>

# key is returned from cache based on function args
iex> :persistent_term.put(KeyGenerator, %{{"secret", "salt", [length: 5, iterations: 1]} => "supersecret"})
iex> derive_key("secret", "salt", length: 5, iterations: 1)
"supersecret"