root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
37,099 Commits 32 Branches 398 Tags 545 MiB
Commit Graph

4 Commits

Author SHA1 Message Date
slontis 3859a02725 Change PBES2 KDF default salt length to 16 bytes. 
The PKCS5 (RFC 8018) standard uses a 64 bit salt length for PBE, and
recommends a minimum of 64 bits for PBES2. For FIPS compliance PBKDF2
requires a salt length of 128 bits.
This affects OpenSSL command line applications such as "genrsa" and "pkcs8"
and API's such as PEM_write_bio_PrivateKey() that are reliant on the
default salt length.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21858)
 2023-09-04 14:15:34 +10:00
Jon Spillett 8bb6fdfc99 Added PKCS5_PBE_keyivgen_ex() to allow PBKDF1 algorithms to be fetched for a specific library context 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14326)
 2021-05-24 15:21:25 +10:00
Jon Spillett 0f183675b8 Add PBKDF1 to the legacy provider 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14326)
 2021-05-24 15:21:25 +10:00
Jon Spillett b536880c45 Add library context and property query support into the PKCS12 API 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14434)
 2021-04-30 09:15:50 +10:00