module JOSE::JWA::PBES2

Overview

PBES2 key derivation for PBES2-HS256+A128KW, PBES2-HS384+A192KW, and PBES2-HS512+A256KW per RFC 7518 §4.8.

The PBKDF2 salt is constructed as UTF8(alg) || 0x00 || p2s where p2s is the raw salt-input bytes (decoded from the header's base64url p2s field). The HMAC digest and output key length depend on the algorithm:

PBES2-HS256+A128KW — SHA-256, 16-byte key
PBES2-HS384+A192KW — SHA-384, 24-byte key
PBES2-HS512+A256KW — SHA-512, 32-byte key

Defined in:

jose/jwa/pbes2.cr

Class Method Summary

.derive_key(password_bytes : Bytes, alg : String, p2s : Bytes, iterations : Int32) : Bytes
Derives a key-encryption key (KEK) from password_bytes using PBKDF2-HMAC with the parameters encoded in alg.

Class Method Detail

def self.derive_key(password_bytes : Bytes, alg : String, p2s : Bytes, iterations : Int32) : Bytes #

Derives a key-encryption key (KEK) from password_bytes using PBKDF2-HMAC with the parameters encoded in alg.

p2s is the raw (decoded) salt input — the algorithm prefix is prepended internally. iterations maps to p2c in the JWE header.

[View source]