Hello,
> Given a password,salt and iteration count how can I generate a PKCS5V2
> key using SHA1?
>
> It would be helpful if somebody can give a pointer to an example using
> openssl .
Use PKCS5_PBKDF2_HMAC_SHA1(), example attached.
Best regards,
--
Marek Marcola <[EMAIL PROTECTED]>
#include <string.h>
#include <openssl/x509.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
int print_hex(unsigned char *buf, int len)
{
int i;
int n;
for(i=0,n=0;i<len;i++){
if(n > 7){
printf("\n");
n = 0;
}
printf("0x%02x, ",buf[i]);
n++;
}
printf("\n");
return(0);
}
int main()
{
char *pass = "password";
char *salt = "12340000";
int ic = 1;
unsigned char buf[1024];
ic = 1;
PKCS5_PBKDF2_HMAC_SHA1(pass, strlen(pass), (unsigned char*)salt, strlen(salt), ic, 32+16, buf);
printf("PKCS5_PBKDF2_HMAC_SHA1(\"%s\", \"%s\", %d)=\n", pass, salt, ic);
print_hex(buf, 32+16);
ic = 1;
EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha1(), (unsigned char*)salt, (unsigned char*)pass, strlen(pass), ic, buf, buf+32);
printf("EVP_BytesToKey(\"%s\", \"%s\", %d)=\n", pass, salt, ic);
print_hex(buf, 32+16);
return(0);
}
