Enclosed the patch for openssl version 1.0.0l which I mentioned in the email below to openssl-dev
Note this is not a duplicate of my previous email, it's a patch against a different version Jonathan Buhacoff > ---------- Original Message ---------- > From: "[email protected]" <[email protected]> > To: [email protected] > Date: January 21, 2014 at 3:12 AM > Subject: Re: OpenSSL support for RFC2898 / PBKDF2 > > Oops I meant 1.0.1f not 1.0.0l but I don't mind doing both. My work is > currently against 1.0.1e. > > Jonathan > > > On January 21, 2014 at 3:04 AM "[email protected]" > > <[email protected]> > > wrote: > > > > > > Hi everyone, in my application I have a need for using PBKDF2 and an > > iteration > > count > 1 and it's not possible to specify either of these on the enc > > command > > line as of 1.0.1e. > > > > I found an old thread from 2008 where Marek Marcola provided an example of > > how > > to use the PKCS5_PBKDF2_HMAC_SHA1 function: > > http://www.mail-archive.com/[email protected]/msg54143.html > > > > I added two arguments to the enc command: > > > > -pbkdf2 use PBKDF2 > > -c iteration count (default 1) > > > > Using -c by itself specifies an iteration count for EVP_BytesToKey, and > > using > > -c > > together with -pbkdf2 specifies an iteration count for PKCS5_PBKDF2_HMAC. > > When > > using -pbkdf2, the digest selected by -md is used. > > > > Anyone using the enc command without the new options would not be affected. > > > > I would like to submit the patch. I would I re-do it against 1.0.0l before > > submitting. > > > > Does this look ok? > > > > Jonathan > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List [email protected] > Automated List Manager [email protected]
openssl-1.0.0l.pbkdf2.src.patch
Description: Binary data
