From 36cf2f0ff6da245b7f1d705bc516da5ef775eeeb Mon Sep 17 00:00:00 2001
From: Kazuki Yamaguchi <k@rhe.jp>
Date: Fri, 9 Dec 2016 20:16:59 +0900
Subject: kdf: introduce OpenSSL::KDF module

Introduce a new OpenSSL::KDF module as a namespace for to-be-added
KDFs. This makes it easier to add new KDFs in future.

We already have a stand-alone KDF, OpenSSL::PKCS5.pbkdf2_hmac. This is
migrated to the new namespace. The backwards compatibility is retained
by the method defined in the newly added lib/openssl/pkcs5.rb.
---
 lib/openssl.rb       |  1 +
 lib/openssl/pkcs5.rb | 22 ++++++++++++++++++++++
 2 files changed, 23 insertions(+)
 create mode 100644 lib/openssl/pkcs5.rb

(limited to 'lib')

diff --git a/lib/openssl.rb b/lib/openssl.rb
index 26d167a9..09142829 100644
--- a/lib/openssl.rb
+++ b/lib/openssl.rb
@@ -19,3 +19,4 @@ require 'openssl/config'
 require 'openssl/digest'
 require 'openssl/x509'
 require 'openssl/ssl'
+require 'openssl/pkcs5'
diff --git a/lib/openssl/pkcs5.rb b/lib/openssl/pkcs5.rb
new file mode 100644
index 00000000..959447df
--- /dev/null
+++ b/lib/openssl/pkcs5.rb
@@ -0,0 +1,22 @@
+# frozen_string_literal: false
+#--
+# Ruby/OpenSSL Project
+# Copyright (C) 2017 Ruby/OpenSSL Project Authors
+#++
+
+module OpenSSL
+  module PKCS5
+    module_function
+
+    # OpenSSL::PKCS5.pbkdf2_hmac has been renamed to OpenSSL::KDF.pbkdf2_hmac.
+    # This method is provided for backwards compatibility.
+    def pbkdf2_hmac(pass, salt, iter, keylen, digest)
+      OpenSSL::KDF.pbkdf2_hmac(pass, salt: salt, iterations: iter,
+                               length: keylen, hash: digest)
+    end
+
+    def pbkdf2_hmac_sha1(pass, salt, iter, keylen)
+      pbkdf2_hmac(pass, salt, iter, keylen, "sha1")
+    end
+  end
+end
-- 
cgit v1.2.3