I should have added that modifying PEM_ASN1_write_bio to use the PKCS #5-generated IV, not the salt as the IV, would cause problems reading encrypted files written prior to this change. So I should have really asked, "Is there any value in complying with PKCS #5?"
Frank ---------------------------------------- Message History ---------------------------------------- From: "Frank Balluffi" <[EMAIL PROTECTED]>@openssl.org on 05/31/2002 03:14 PM AST Please respond to [EMAIL PROTECTED] DELEGATED - Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: PEM_ASN1_write_bio: PKCS #5 compliance PEM_ASN1_write_bio calls RAND_pseudo_bytes to generate iv, skipping the message digesting process described in section 6.1 of PKCS #5, which EVP_BytesToKey optionally supports. Should PEM_ASN1_write_bio be modified to get its iv via EVP_BytesToKey's last argument? Thanks. Frank -- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] -- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
