Well I discovered one thing this constant EVP_MAX_KEY_LENGTH changed when using FIPS from 32 to 64. The story is
I am using 0.9.8 and this constant to assure the password a person may use by a user is not larger than this for AES128 ciphering as undetermined results happen on other platforms in other words I may cipher a file on one platform and decipher on another and if my key I used was greater than this constant I have issues (it don't work). Well makes sense there is a limit in password size. Well I was on Redhat linux and it had 1.0.x openssl and I had to define FIPS to use an ECDSA curve I was using to sign things. This constant EVP_MAX_KEY_LENGTH changed in size and when a user decided to use their password which was well above 32 bytes it accepted all of it and tried to use it to decipher something that had been ciphered a while back; well it did not work. So we have our own constant now and only accept passwords that are 32 bytes long though you can type in as much as you want we will only use 32 bytes. Also I hope the openssl 1.0.x is on all platforms including iOS. Well thats my experience. -- View this message in context: http://openssl.6102.n7.nabble.com/0-9-8-vs-1-0-x-tp44547p44549.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
