[openssl/openssl] 3859a0: Change PBES2 KDF default salt length to 16 bytes.
Shane
noreply at github.com
Mon Sep 4 04:17:15 UTC 2023
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: 3859a027259b5b571eaf5e8cf4c0704611950c2c
https://github.com/openssl/openssl/commit/3859a027259b5b571eaf5e8cf4c0704611950c2c
Author: slontis <shane.lontis at oracle.com>
Date: 2023-09-04 (Mon, 04 Sep 2023)
Changed paths:
M CHANGES.md
M crypto/asn1/p5_pbe.c
M crypto/asn1/p5_pbev2.c
M crypto/asn1/p5_scrypt.c
M doc/man3/PKCS5_PBE_keyivgen.pod
M include/crypto/evp.h
M test/recipes/15-test_genrsa.t
M test/recipes/25-test_pkcs8.t
Log Message:
-----------
Change PBES2 KDF default salt length to 16 bytes.
The PKCS5 (RFC 8018) standard uses a 64-bit salt length for PBE, and
recommends a minimum of 64 bits for PBES2. For FIPS compliance PBKDF2
requires a salt length of 128 bits.
This affects OpenSSL command line applications such as "genrsa" and "pkcs8"
and APIs such as PEM_write_bio_PrivateKey() that are reliant on the
default salt length.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21858)
Commit: 9f679bdc71aac83e89cc5aacb42855f3657ace39
https://github.com/openssl/openssl/commit/9f679bdc71aac83e89cc5aacb42855f3657ace39
Author: slontis <shane.lontis at oracle.com>
Date: 2023-09-04 (Mon, 04 Sep 2023)
Changed paths:
M apps/pkcs8.c
M doc/man1/openssl-pkcs8.pod.in
M test/recipes/25-test_pkcs8.t
Log Message:
-----------
Added a 'saltlen' option to the openssl pkcs8 command line app.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21858)
Commit: e3994583a1e4bde9a589c379520d216bc0a0c515
https://github.com/openssl/openssl/commit/e3994583a1e4bde9a589c379520d216bc0a0c515
Author: slontis <shane.lontis at oracle.com>
Date: 2023-09-04 (Mon, 04 Sep 2023)
Changed paths:
M CHANGES.md
M apps/enc.c
M doc/man1/openssl-enc.pod.in
M test/recipes/20-test_enc.t
M test/recipes/25-test_pkcs8.t
Log Message:
-----------
Added 'saltlen' option to the OpenSSL enc command line app.
This allows PBKDF2 to change the saltlen to something other than the
new default value of 16. Previously this app hardwired the salt length
to a maximum of 8 bytes. Non-PBKDF2 mode uses EVP_BytesToKey()
internally, which is documented to only allow 8 bytes.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21858)
Compare: https://github.com/openssl/openssl/compare/61cfc22b60e3...e3994583a1e4
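
Added example (not part of the commits above and not OpenSSL code): a minimal DER walker that reports the PBKDF2 salt length stored in a PBES2 EncryptedPrivateKeyInfo, for auditing which existing encrypted PKCS#8 keys still carry the old 8-byte salt. The helper names, the dummy IV and ciphertext, and the iteration count of 2048 are constructed for illustration.

```python
# DER content bytes of the relevant OIDs (PKCS#5 / RFC 8018, NIST AES).
PBES2_OID = bytes.fromhex("2a864886f70d01050d")       # 1.2.840.113549.1.5.13
PBKDF2_OID = bytes.fromhex("2a864886f70d01050c")      # 1.2.840.113549.1.5.12
AES256_CBC_OID = bytes.fromhex("60864801650304012a")  # 2.16.840.1.101.3.4.1.42

def read_tlv(buf, pos, want_tag):
    """Parse one DER element at pos; return (value, position after it)."""
    if pos + 2 > len(buf) or buf[pos] != want_tag:
        raise ValueError(f"expected tag {want_tag:#04x} at offset {pos}")
    length, pos = buf[pos + 1], pos + 2
    if length & 0x80:                        # long form: next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return buf[pos:pos + length], pos + length

def pbes2_salt_len(der):
    """Salt length in bytes of a PBES2/PBKDF2 EncryptedPrivateKeyInfo."""
    outer, _ = read_tlv(der, 0, 0x30)        # EncryptedPrivateKeyInfo
    alg, _ = read_tlv(outer, 0, 0x30)        # encryptionAlgorithm
    oid, pos = read_tlv(alg, 0, 0x06)
    if oid != PBES2_OID:
        raise ValueError("not PBES2")
    params, _ = read_tlv(alg, pos, 0x30)     # PBES2-params
    kdf, _ = read_tlv(params, 0, 0x30)       # keyDerivationFunc
    oid, pos = read_tlv(kdf, 0, 0x06)
    if oid != PBKDF2_OID:
        raise ValueError("KDF is not PBKDF2")
    kdf_params, _ = read_tlv(kdf, pos, 0x30)  # PBKDF2-params
    salt, _ = read_tlv(kdf_params, 0, 0x04)   # salt as 'specified' OCTET STRING
    return len(salt)

def tlv(tag, value):
    """Minimal DER encoder, used only to build the constructed samples."""
    n = len(value)
    size = bytes([n]) if n < 0x80 else bytes([0x81, n])  # samples stay under 256 bytes
    return bytes([tag]) + size + value

def constructed_sample(salt):
    """Constructed EncryptedPrivateKeyInfo skeleton with dummy IV and ciphertext."""
    kdf = tlv(0x30, tlv(0x06, PBKDF2_OID) + tlv(0x30, tlv(0x04, salt) + tlv(0x02, b"\x08\x00")))
    enc = tlv(0x30, tlv(0x06, AES256_CBC_OID) + tlv(0x04, bytes(16)))
    alg = tlv(0x30, tlv(0x06, PBES2_OID) + tlv(0x30, kdf + enc))
    return tlv(0x30, alg + tlv(0x04, bytes(32)))

if __name__ == "__main__":
    for label, n in (("old default", 8), ("new default", 16)):
        print(label, pbes2_salt_len(constructed_sample(bytes(n))), "bytes")
```

To check a real key, base64-decode the body of its "ENCRYPTED PRIVATE KEY" PEM block and pass the resulting bytes to pbes2_salt_len().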