openssl

wbrawner/openssl

Fork 0

Commit graph

Author	SHA1	Message	Date
Shane Lontis	f0efeea29e	PBKDF2 updates to conform to SP800-132 The existing code used PKCS5 specifications. SP800-132 adds the following additional constraints for: - the range of the key length. - the minimum iteration count (1000 recommended). - salt length (at least 128 bits). These additional constraints may cause errors (in scrypt, and some PKCS5 related test vectors). To disable the new constraints use the new ctrl string "pkcs5". For backwards compatability, the checks are only enabled by default for fips mode. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8868)	2019-06-11 20:40:07 +10:00
Simo Sorce	4679345149	Change the digest string from "md" to "digest" Conform to other modules which were changed at the last minute and this discrepancy was not noticed. Retain "md" as an alias so not to break 3rd party backports/tests scripts. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/8783)	2019-05-03 23:47:43 +02:00
Shane Lontis	c54492ecf8	Added app for EVP_KDF Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8762)	2019-04-24 11:56:47 +02:00

Author

SHA1

Message

Date

Shane Lontis

f0efeea29e

PBKDF2 updates to conform to SP800-132

The existing code used PKCS5 specifications.
SP800-132 adds the following additional constraints for:
  - the range of the key length.
  - the minimum iteration count (1000 recommended).
  - salt length (at least 128 bits).
These additional constraints may cause errors (in scrypt, and
some PKCS5 related test vectors). To disable the new
constraints use the new ctrl string "pkcs5".
For backwards compatability, the checks are only enabled by
default for fips mode.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8868)

2019-06-11 20:40:07 +10:00

Simo Sorce

4679345149

Change the digest string from "md" to "digest"

Conform to other modules which were changed at the last minute and this
discrepancy was not noticed.
Retain "md" as an alias so not to break 3rd party backports/tests scripts.

Signed-off-by: Simo Sorce <simo@redhat.com>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8783)

2019-05-03 23:47:43 +02:00

Shane Lontis

c54492ecf8

Added app for EVP_KDF

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8762)

2019-04-24 11:56:47 +02:00

3 commits