As I acknowledged in my prev email, I had a coding error and once
corrected, I confirm that c/OpenSSL is able to decrypt the ciphertext
that's generated by Java using PKCS5.
I may be dumb, but not an ingrate.
The help I got on this forum is incredible - so fast, so thorough.
I appreciate it all.
On Sat, Apr 26, 2014 at 4:58 PM, Tom Francis <thomas.francis...@pobox.com>wrote:
>
>
> On Apr 26, 2014, at 6:25 PM, Anant Rao <a...@noknok.com> wrote:
>
> Hi,
>
> I see the doc. But, I'm afraid to say my question is still unanswered. Is
> this function (PKCS5_PBKDF2_HMAC) supposed to generate same or diff
> output over multiple calls with the same input? I see the latter and I want
> to know what, if any, I'm doing incorrect.
>
>
> Yes, the PBKDF2 implementation will output a consistent key with the same
> inputs. It would be rather pointless otherwise. :). It will also output the
> same key as the Java implementation it they have matching inputs (I write
> from experience here). If you post your code (more than just the actual
> call) for both, someone can tell what's wrong.
>
> Thanks a lot for your help/favor!
> Anant
>
>
> On Sat, Apr 26, 2014 at 2:12 PM, Matt Caswell <fr...@baggins.org> wrote:
>
>> On 26 April 2014 20:38, Jeffrey Walton <noloa...@gmail.com> wrote:
>> > On Sat, Apr 26, 2014 at 3:18 PM, Anant Rao <a...@noknok.com> wrote:
>> >> I'm doing password encryption (and decryption) in Java. I need to port
>> this
>> >> to C.
>> >> In Java, I'm doing this:
>> >>
>> >> PBEKeySpec ("somepassphrase", some_salt, some iterations, 128
>> >> /*key_length*/);
>> >> Algorithm is "PBKDF2WithHmacSHA1"
>> >>
>> >> If I generate a secret key with the above data, I get the same output
>> with
>> >> multiple runs of the program.
>> >>
>> >> In C, I tried doing something similar using OpenSSL:
>> >>
>> >> EVP_BytesToKey(EVP_aes_128_cbc(), EVP_sha1(), salt, passphrase,
>> >> strlen(passphrase), nrounds, key, NULL /*iv*/);
>> > How about PKCS5_PBKDF2_HMAC?
>> >
>> > There are no docs on it, but a patch is sitting in RT at
>> >
>> https://rt.openssl.org/Ticket/Display.html?id=3293&user=guest&pass=guest.
>> > Download the POD file and open it with a text editor.
>> >
>>
>> This is now in git:
>>
>>
>> http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6bcc4475fcdb2ea5daae80cbb2a5a5fcf677ac23
>>
>> Matt
>> ______________________________________________________________________
>> OpenSSL Project http://www.openssl.org
>> User Support Mailing List openssl-users@openssl.org
>> Automated List Manager majord...@openssl.org
>>
>
>
>
> --
>
> *Anant* *Rao*
> Server Lead
> D / a...@noknok.com
>
> *Nok Nok Labs Inc.*
> 4151 Middlefield Road, Suite 200
> Palo Alto, CA 94303
> T +1 650 433 1300
> i...@noknok.com
>
> *www.noknok.com* <http://www.noknok.com>
>
>
>
>
> <http://www.linkedin.com/company/nok-nok-labs>
> <http://www.twitter.com/noknoklabs>
> <https://plus.google.com/108217184383559859585>
> <http://www.facebook.com/NokNokLabs>
>
>
--
*Anant* *Rao*
Server Lead
D / a...@noknok.com
*Nok Nok Labs Inc.*
4151 Middlefield Road, Suite 200
Palo Alto, CA 94303
T +1 650 433 1300
i...@noknok.com
*www.noknok.com* <http://www.noknok.com>
<http://www.linkedin.com/company/nok-nok-labs>
<http://www.twitter.com/noknoklabs>
<https://plus.google.com/108217184383559859585>
<http://www.facebook.com/NokNokLabs>
