cryptography-core/dev.whyoleg.cryptography.algorithms/PBKDF2

PBKDF2

@SubclassOptInRequired(markerClass = [CryptographyProviderApi::class])
interface PBKDF2 : CryptographyAlgorithm(source)

Password-Based Key Derivation Function 2 (PBKDF2) as defined in RFC 8018.

PBKDF2 derives cryptographic keys from passwords by repeatedly applying a pseudorandom function. The iteration count controls the computational cost, making brute-force attacks more expensive. A random salt prevents precomputed rainbow table attacks.

val derivation = provider.get(PBKDF2).secretDerivation(SHA256, iterations = 210_000, outputSize = 32.bytes, salt = salt)
val derivedKey = derivation.deriveSecret(password)
Content copied to clipboard

For deriving keys from already-strong keying material, see HKDF.

Types

Link copied to clipboard

Properties

Link copied to clipboard
open override val id: CryptographyAlgorithmId<PBKDF2>

The typed identifier that uniquely distinguishes this algorithm and is used to look it up from a CryptographyProvider.

Functions

Link copied to clipboard
abstract fun secretDerivation(digest: CryptographyAlgorithmId<Digest>, iterations: Int, outputSize: BinarySize, salt: ByteArray): SecretDerivation
open fun secretDerivation(digest: CryptographyAlgorithmId<Digest>, iterations: Int, outputSize: BinarySize, salt: ByteString): SecretDerivation

Returns a SecretDerivation that derives secrets of the given outputSize from a password using the digest hash function over iterations HMAC rounds.

Generated by Dokka
© 2026 Copyright