diff options
| author | Shane Lontis <shane.lontis@oracle.com> | 2019-05-03 13:04:58 +1000 |
|---|---|---|
| committer | Shane Lontis <shane.lontis@oracle.com> | 2019-06-11 20:40:07 +1000 |
| commit | f0efeea29eca6e528a976f62ae2422eee34ea0eb (patch) | |
| tree | 468ae2e94d4aaf2cd9bc2972d97f447117da68af /crypto/evp/p5_crpt2.c | |
| parent | 83b4a24384e62ed8cf91f51bf9a303f98017e13e (diff) | |
PBKDF2 updates to conform to SP800-132
The existing code used PKCS5 specifications.
SP800-132 adds the following additional constraints for:
- the range of the key length.
- the minimum iteration count (1000 recommended).
- salt length (at least 128 bits).
These additional constraints may cause errors (in scrypt, and
some PKCS5 related test vectors). To disable the new
constraints use the new ctrl string "pkcs5".
For backwards compatability, the checks are only enabled by
default for fips mode.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8868)
Diffstat (limited to 'crypto/evp/p5_crpt2.c')
| -rw-r--r-- | crypto/evp/p5_crpt2.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c index c231a32c05..a7d4cafaf9 100644 --- a/crypto/evp/p5_crpt2.c +++ b/crypto/evp/p5_crpt2.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -40,6 +40,7 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, if (kctx == NULL) return 0; if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, pass, (size_t)passlen) != 1 + || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PBKDF2_PKCS5_MODE, 1) != 1 || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, salt, (size_t)saltlen) != 1 || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, iter) != 1 |