diff options
author | slontis <shane.lontis@oracle.com> | 2023-08-28 12:47:51 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2023-09-04 14:15:34 +1000 |
commit | 3859a027259b5b571eaf5e8cf4c0704611950c2c (patch) | |
tree | 4abfb601d0be8a7ca2bf0b4032693f01865a3774 /test/recipes/15-test_genrsa.t | |
parent | 61cfc22b60e33bc77b1e1944759af48c8e58f0d2 (diff) |
Change PBES2 KDF default salt length to 16 bytes.
The PKCS5 (RFC 8018) standard uses a 64 bit salt length for PBE, and
recommends a minimum of 64 bits for PBES2. For FIPS compliance PBKDF2
requires a salt length of 128 bits.
This affects OpenSSL command line applications such as "genrsa" and "pkcs8"
and API's such as PEM_write_bio_PrivateKey() that are reliant on the
default salt length.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21858)
Diffstat (limited to 'test/recipes/15-test_genrsa.t')
-rw-r--r-- | test/recipes/15-test_genrsa.t | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/test/recipes/15-test_genrsa.t b/test/recipes/15-test_genrsa.t index fe99f33694..5632efe5fc 100644 --- a/test/recipes/15-test_genrsa.t +++ b/test/recipes/15-test_genrsa.t @@ -25,7 +25,7 @@ my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); plan tests => ($no_fips ? 0 : 5) # Extra FIPS related tests - + 15; + + 16; # We want to know that an absurdly small number of bits isn't support is(run(app([ 'openssl', 'genpkey', '-out', 'genrsatest.pem', @@ -106,6 +106,13 @@ ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])), ok(run(app([ 'openssl', 'rsa', '-in', 'genrsatest.pem', '-out', 'genrsatest-enc.pem', '-aes256', '-passout', 'pass:x' ])), "rsa encrypt"); +# Check the default salt length for PBKDF2 is 16 bytes +# We expect the output to be of the form "0:d=0 hl=2 l= 16 prim: OCTET STRING [HEX DUMP]:FAC7F37508E6B7A805BF4B13861B3687" +# i.e. 2 byte header + 16 byte salt. +ok(run(app(([ 'openssl', 'asn1parse', + '-in', 'genrsatest-enc.pem', + '-offset', '34', '-length', '18']))), + "Check the default size of the PBKDF2 PARAM 'salt length' is 16"); ok(run(app([ 'openssl', 'rsa', '-in', 'genrsatest-enc.pem', '-passin', 'pass:x' ])), "rsa decrypt"); |