@@ -1480,13 +1480,40 @@ Interface
14801480 supplied password.
14811481 :return: The new key.
14821482 :raises cryptography.exceptions.AlreadyFinalized: This is raised when
1483- :meth: `derive ` or
1483+ :meth: `derive `,
1484+ :meth: `derive_into `, or
14841485 :meth: `verify ` is
14851486 called more than
14861487 once.
14871488
14881489 This generates and returns a new key from the supplied key material.
14891490
1491+ .. method :: derive_into(key_material, buffer)
1492+
1493+ .. versionadded :: 47.0.0
1494+
1495+ :param key_material: The input key material. Depending on what
1496+ key derivation function you are using this
1497+ could be either random bytes, or a user
1498+ supplied password.
1499+ :type key_material: :term: `bytes-like `
1500+ :param buffer: A writable buffer to write the derived key into.
1501+ :return int: the number of bytes written to the buffer.
1502+ :raises ValueError: This exception is raised if the buffer length does
1503+ not match the expected key length.
1504+ :raises TypeError: This exception is raised if ``key_material `` or
1505+ ``buffer `` is not ``bytes ``.
1506+ :raises cryptography.exceptions.AlreadyFinalized: This is raised when
1507+ :meth: `derive `,
1508+ :meth: `derive_into `, or
1509+ :meth: `verify ` is
1510+ called more than
1511+ once.
1512+
1513+ This generates a new key from the supplied key material and writes it
1514+ directly into the provided buffer. This is useful when you want to
1515+ avoid allocating new memory for the derived key.
1516+
14901517 .. method :: verify(key_material, expected_key)
14911518
14921519 :param bytes key_material: The input key material. This is the same as
@@ -1498,7 +1525,8 @@ Interface
14981525 derived key does not match
14991526 the expected key.
15001527 :raises cryptography.exceptions.AlreadyFinalized: This is raised when
1501- :meth: `derive ` or
1528+ :meth: `derive `,
1529+ :meth: `derive_into `, or
15021530 :meth: `verify ` is
15031531 called more than
15041532 once.
0 commit comments