package cryptokit

Module Cryptokit.KD

val kdf1 : (unit -> hash) -> ?otherinfo:string -> string -> int -> string

kdf1 hash ?otherinfo secret len derives a key of length len bytes from the given secret. The optional otherinfo parameter defaults to the empty string but can be given other values to derive multiple keys from the same secret. hash is the hash function used for derivation. Cryptokit.Hash.sha1 and Cryptokit.Hash.sha256 are popular choices. The derivation algorithm used is KDF1 from ISO-18033-2.

val kdf2 : (unit -> hash) -> ?otherinfo:string -> string -> int -> string

Like kdf1, but uses algorithm KDF2 from ISO-18033-2.

val kdf3 : (unit -> hash) -> ?otherinfo:string -> string -> int -> string

Like kdf1, but uses algorithm KDF from NIST SP800-56A, which is algorithm KDF3 from ISO-18033-2 with the pAmt parameter equal to 4.

val pbkdf2 : (string -> hash) -> string -> string -> int -> int -> string

pbkdf2 hash password salt count len derives a key of length len bytes for the given password and the given salt. hash is a MAC / keyed hash function such as Cryptokit.MAC.hmac_sha1. The password is used as the key to the hash function. The hash function is iterated count times in order to increase the running time of pbkdf2. For example, WPA2 uses pbkdf2 MAC.hmac_sha1 passphrase ssid 4096 256.
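The iteration that pbkdf2 describes, written out as an added Python example (not Cryptokit's own code) following PBKDF2 from RFC 8018 and checked against the standard library's hashlib.pbkdf2_hmac. The function names, the passphrase and the SSID are constructed for illustration; the WPA2 pre-shared key is 256 bits, so wpa2_psk requests 32 bytes.

```python
import hashlib
import hmac
import struct


def pbkdf2(mac_hash: str, password: bytes, salt: bytes, count: int, length: int) -> bytes:
    """PBKDF2 with HMAC-<mac_hash>; argument order mirrors the page's pbkdf2."""
    if count < 1 or length < 1:
        raise ValueError("count and length must be positive")
    hlen = hashlib.new(mac_hash).digest_size
    # The password is the MAC key. Key it once and copy the state per call.
    keyed = hmac.new(password, digestmod=mac_hash)

    def prf(data: bytes) -> bytes:
        m = keyed.copy()
        m.update(data)
        return m.digest()

    out = b""
    nblocks = -(-length // hlen)  # ceil(length / hlen)
    for i in range(1, nblocks + 1):
        # U_1 = PRF(salt || INT_32_BE(i)): the block index is 1-based.
        u = prf(salt + struct.pack(">I", i))
        t = int.from_bytes(u, "big")
        # U_j = PRF(U_{j-1}); the block is U_1 xor U_2 xor ... xor U_count.
        for _ in range(count - 1):
            u = prf(u)
            t ^= int.from_bytes(u, "big")
        out += t.to_bytes(hlen, "big")
    return out[:length]


def wpa2_psk(passphrase: str, ssid: str) -> bytes:
    """WPA2 parameters from the page: HMAC-SHA1, SSID as salt, 4096 iterations."""
    return pbkdf2("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


if __name__ == "__main__":
    # Constructed sample values, not taken from any real network.
    key = wpa2_psk("constructed passphrase", "ExampleSSID")
    ref = hashlib.pbkdf2_hmac("sha1", b"constructed passphrase", b"ExampleSSID", 4096, 32)
    print(key.hex(), key == ref)
```

Because the SSID is the salt, the same passphrase yields a different key on every differently named network, while the 4096 iterations multiply the cost of each password guess by the same factor.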