On Mon, 7 Jan 2002, Mack Stevenson wrote:

> Hi Bear,
>
> Thank you for replying.
>
>
> > > - I gather that it's a bad idea to just encrypt all the files with the
> > > passphrase chosen by the user, right?
> >
> >You don't use the passphrase *directly*, but you should certainly
> >use the user's passphrase.  Run it through a cryptographic hash
> >and use the results as your encryption key.
>
> Can I use either the SHA or RIPEMD-160 hashes from openssl for this purpose?

You should use the PBE (Password Based Encryption) routines instead of
hashing directly. They are based on PKCS#5 (1.5 and 2.0) and PKCS#12. You
can take a look at my EVP tutorial (sorry but I don't know any other
:-P)...

http://spisa.act.uji.es/~juan/tutoriales/openssl/evp/

Unfortunately, for now it's in Spanish, but the code could help you. Hope
you can find it useful.

        Juan.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
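
The difference between hashing the passphrase directly and using a PKCS#5 password-based derivation, as an added example that is not part of the original message, Juan's tutorial, or OpenSSL's code. It uses Python's standard library rather than the OpenSSL C API; the function names, the passphrase and the iteration count are constructed for illustration.

```python
import hashlib
import hmac
import os

def naive_key(passphrase: bytes) -> bytes:
    # Bare hash of the passphrase: no salt, one cheap hash per guess, and
    # every file protected with the same passphrase gets the same key.
    return hashlib.sha1(passphrase).digest()[:16]

def pbkdf2_sha1(passphrase: bytes, salt: bytes, iterations: int, dklen: int) -> bytes:
    # PBKDF2 from PKCS#5 v2.0 with HMAC-SHA1, written out to show the construction.
    out = b""
    block = 1
    while len(out) < dklen:
        # U_1 = HMAC(P, salt || INT(block)); U_i = HMAC(P, U_{i-1})
        u = hmac.new(passphrase, salt + block.to_bytes(4, "big"), hashlib.sha1).digest()
        t = int.from_bytes(u, "big")
        for _ in range(iterations - 1):
            u = hmac.new(passphrase, u, hashlib.sha1).digest()
            t ^= int.from_bytes(u, "big")  # T = U_1 xor U_2 xor ... xor U_c
        out += t.to_bytes(20, "big")
        block += 1
    return out[:dklen]

def new_file_key(passphrase: bytes, iterations: int = 100_000):
    # Fresh random salt per file. Salt and iteration count are not secret and
    # are stored in the clear next to the ciphertext so the key can be re-derived.
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha1", passphrase, salt, iterations, 16)
    return salt, iterations, key

def reopen_file_key(passphrase: bytes, salt: bytes, iterations: int) -> bytes:
    # Decryption side: same passphrase plus the stored salt and count.
    return hashlib.pbkdf2_hmac("sha1", passphrase, salt, iterations, 16)

if __name__ == "__main__":
    pw = b"example passphrase"  # constructed sample value
    print("bare hash, file A:", naive_key(pw).hex())
    print("bare hash, file B:", naive_key(pw).hex())  # identical key
    for name in ("A", "B"):
        salt, count, key = new_file_key(pw)
        print(f"PBKDF2, file {name}: salt={salt.hex()} key={key.hex()}")
        assert reopen_file_key(pw, salt, count) == key
```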
