wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
23953 commits 20 branches 302 tags 153 MiB
Commit graph

2 commits

Author SHA1 Message Date
Shane Lontis
f0efeea29e PBKDF2 updates to conform to SP800-132 
The existing code used PKCS5 specifications.
SP800-132 adds the following additional constraints for:
  - the range of the key length.
  - the minimum iteration count (1000 recommended).
  - salt length (at least 128 bits).
These additional constraints may cause errors (in scrypt, and
some PKCS5 related test vectors). To disable the new
constraints use the new ctrl string "pkcs5".
For backwards compatability, the checks are only enabled by
default for fips mode.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8868)
 2019-06-11 20:40:07 +10:00
David Makepeace
5a285addbf Added new EVP/KDF API. 
Changed PKEY/KDF API to call the new API.
Added wrappers for PKCS5_PBKDF2_HMAC() and EVP_PBE_scrypt() to call the new EVP KDF APIs.
Documentation updated.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6674)
 2019-02-13 12:11:49 +01:00