Hi everyone, in my application I have a need for using PBKDF2 and an iteration count > 1 and it's not possible to specify either of these on the enc command line as of 1.0.1e. I found an old thread from 2008 where Marek Marcola provided an example of how to use the PKCS5_PBKDF2_HMAC_SHA1 function: http://www.mail-archive.com/openssl-users@openssl.org/msg54143.html I added two arguments to the enc command:
-pbkdf2 use PBKDF2 -c iteration count (default 1) Using -c by itself specifies an iteration count for EVP_BytesToKey, and using -c together with -pbkdf2 specifies an iteration count for PKCS5_PBKDF2_HMAC. When using -pbkdf2, the digest selected by -md is used. Anyone using the enc command without the new options would not be affected. I would like to submit the patch. I would I re-do it against 1.0.0l before submitting. Does this look ok? Jonathan ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
