pub fn verify(
algorithm: Algorithm,
iterations: NonZeroU32,
salt: &[u8],
secret: &[u8],
previously_derived: &[u8],
) -> Result<(), Unspecified>
Expand description
Verifies that a previously-derived (e.g., using derive
) PBKDF2 value
matches the PBKDF2 value derived from the other inputs.
The comparison is done in constant time to prevent timing attacks. The
comparison will fail if previously_derived
is empty (has a length of
zero).
Parameter | RFC 2898 Section 5.2 Term |
---|---|
digest_alg | PRF (HMAC with the given digest algorithm). |
iterations | c (iteration count) |
salt | S (salt) |
secret | P (password) |
previously_derived | dk (derived key) |
previously_derived.len() | dkLen (derived key length) |
§Errors
error::Unspecified
is the inputs were not verified.
§Panics
verify
panics if previously_derived.len()
is larger than (2**32 - 1) * the digest
algorithm’s output length, per the PBKDF2 specification.