mirror of
https://github.com/openssl/openssl.git
synced 2024-11-21 01:15:20 +08:00
f0efeea29e
The existing code used PKCS5 specifications. SP800-132 adds the following additional constraints for: - the range of the key length. - the minimum iteration count (1000 recommended). - salt length (at least 128 bits). These additional constraints may cause errors (in scrypt, and some PKCS5 related test vectors). To disable the new constraints use the new ctrl string "pkcs5". For backwards compatability, the checks are only enabled by default for fips mode. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8868) |
||
---|---|---|
.. | ||
build.info | ||
hkdf.c | ||
kdf_err.c | ||
kdf_local.h | ||
kdf_util.c | ||
pbkdf2.c | ||
scrypt.c | ||
sshkdf.c | ||
sskdf.c | ||
tls1_prf.c |