2 releases
Uses new Rust 2024
| 0.1.0-rc.2 | Apr 8, 2026 |
|---|---|
| 0.1.0-rc.1 | Apr 7, 2026 |
#2706 in Authentication
115KB
2.5K
SLoC
PBES2 password-based encryption algorithms for JWE (RFC 7518 §4.8):
Pbes2Hs256A128Kw, Pbes2Hs384A192Kw, Pbes2Hs512A256Kw.
Derives a key from a password using PBKDF2-HMAC, then wraps a random CEK
with AES Key Wrap. The salt (p2s) and iteration count (p2c) are stored
in the JWE protected header.
no-way-jose-pbes2
PBES2 password-based JWE key management for no-way-jose.
| Algorithm | KDF | Key Wrap |
|---|---|---|
| PBES2-HS256+A128KW | PBKDF2-SHA-256 | AES-128 |
| PBES2-HS384+A192KW | PBKDF2-SHA-384 | AES-192 |
| PBES2-HS512+A256KW | PBKDF2-SHA-512 | AES-256 |
Derives a key encryption key from a password using PBKDF2, then wraps the CEK with AES Key Wrap (RFC 7518 §4.8). #![no_std] compatible.
See the workspace README for JWE examples.
Dependencies
~2.1–3.5MB
~71K SLoC