Reputation: 195
Clarifying the EVP_BytesToKey() function in OpenSSL
I'm looking at this page: http://www.openssl.org/docs/crypto/EVP_BytesToKey.html
There, it says the following:
If the total key and IV length is less than the digest length and MD5 is used then the derivation algorithm is compatible with PKCS#5 v1.5 otherwise a non standard extension is used to derive the extra data.
I'm using the AES-256-CBC cipher and MD5. What does that tell me judging from the above excerpt? Does it mean that I'm compatible with PKCS#5 v1.5, or does it mean that it's using some non-standard things?
Upvotes: 0
Views: 3812
Answers (1)
Reputation: 41958
It means what it says. PKCS5 version 1.5 assumes that the number of key bytes plus the number of IV bytes is less than or equal to the size of the hash function output. PKCS5 version version 2 fixes these issues but it came out after the EVP_BytesToKey function was defined, so EVP_BytesToKey generates key bytes for larger key size in a non-standard way.
OpenSSL 1.1.0c changed the digest algorithm used in some internal components. Formerly, MD5 was used, and 1.1.0 switched to SHA256. Be careful the change is not affecting you in both EVP_BytesToKey and commands like openssl enc.
Upvotes: 5
Related Questions
- Openssl C API "EVP_BytesToKey()" returns wrong key and iv when used
- Purpose of EVP_EncryptFinal_ex function in OpenSSL
- How to decrypt using openssl EVP?
- What does OpenSSL's EVP mean?
- What is the ENGINE in OpenSSL and what is it used for?
- EVP_BytesToKey implementation in PHP
- EVP_PKEY_keygen() generate key pair into a string?
- Working with EVP and OpenSSL, coding in C
- OpenSSL using EVP vs. algorithm API for symmetric crypto
- OpenSSL EVP AES/DES Encryption Implementation