Enclosed the patch for openssl version 1.0.1f which I mentioned in the email below to openssl-dev
Jonathan Buhacoff > ---------- Original Message ---------- > From: "jonat...@buhacoff.net" <jonat...@buhacoff.net> > To: openssl-dev@openssl.org > Date: January 21, 2014 at 3:12 AM > Subject: Re: OpenSSL support for RFC2898 / PBKDF2 > > Oops I meant 1.0.1f not 1.0.0l but I don't mind doing both. My work is > currently against 1.0.1e. > > Jonathan > > > On January 21, 2014 at 3:04 AM "jonat...@buhacoff.net" > > <jonat...@buhacoff.net> > > wrote: > > > > > > Hi everyone, in my application I have a need for using PBKDF2 and an > > iteration > > count > 1 and it's not possible to specify either of these on the enc > > command > > line as of 1.0.1e. > > > > I found an old thread from 2008 where Marek Marcola provided an example of > > how > > to use the PKCS5_PBKDF2_HMAC_SHA1 function: > > http://www.mail-archive.com/openssl-users@openssl.org/msg54143.html > > > > I added two arguments to the enc command: > > > > -pbkdf2 use PBKDF2 > > -c iteration count (default 1) > > > > Using -c by itself specifies an iteration count for EVP_BytesToKey, and > > using > > -c > > together with -pbkdf2 specifies an iteration count for PKCS5_PBKDF2_HMAC. > > When > > using -pbkdf2, the digest selected by -md is used. > > > > Anyone using the enc command without the new options would not be affected. > > > > I would like to submit the patch. I would I re-do it against 1.0.0l before > > submitting. > > > > Does this look ok? > > > > Jonathan > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List openssl-dev@openssl.org > Automated List Manager majord...@openssl.org
openssl-1.0.1f.pbkdf2.src.patch
Description: Binary data
