As I acknowledged in my prev email, I had a coding error and once corrected, I confirm that c/OpenSSL is able to decrypt the ciphertext that's generated by Java using PKCS5.
I may be dumb, but not an ingrate. The help I got on this forum is incredible - so fast, so thorough. I appreciate it all. On Sat, Apr 26, 2014 at 4:58 PM, Tom Francis <thomas.francis...@pobox.com>wrote: > > > On Apr 26, 2014, at 6:25 PM, Anant Rao <a...@noknok.com> wrote: > > Hi, > > I see the doc. But, I'm afraid to say my question is still unanswered. Is > this function (PKCS5_PBKDF2_HMAC) supposed to generate same or diff > output over multiple calls with the same input? I see the latter and I want > to know what, if any, I'm doing incorrect. > > > Yes, the PBKDF2 implementation will output a consistent key with the same > inputs. It would be rather pointless otherwise. :). It will also output the > same key as the Java implementation it they have matching inputs (I write > from experience here). If you post your code (more than just the actual > call) for both, someone can tell what's wrong. > > Thanks a lot for your help/favor! > Anant > > > On Sat, Apr 26, 2014 at 2:12 PM, Matt Caswell <fr...@baggins.org> wrote: > >> On 26 April 2014 20:38, Jeffrey Walton <noloa...@gmail.com> wrote: >> > On Sat, Apr 26, 2014 at 3:18 PM, Anant Rao <a...@noknok.com> wrote: >> >> I'm doing password encryption (and decryption) in Java. I need to port >> this >> >> to C. >> >> In Java, I'm doing this: >> >> >> >> PBEKeySpec ("somepassphrase", some_salt, some iterations, 128 >> >> /*key_length*/); >> >> Algorithm is "PBKDF2WithHmacSHA1" >> >> >> >> If I generate a secret key with the above data, I get the same output >> with >> >> multiple runs of the program. >> >> >> >> In C, I tried doing something similar using OpenSSL: >> >> >> >> EVP_BytesToKey(EVP_aes_128_cbc(), EVP_sha1(), salt, passphrase, >> >> strlen(passphrase), nrounds, key, NULL /*iv*/); >> > How about PKCS5_PBKDF2_HMAC? >> > >> > There are no docs on it, but a patch is sitting in RT at >> > >> https://rt.openssl.org/Ticket/Display.html?id=3293&user=guest&pass=guest. >> > Download the POD file and open it with a text editor. >> > >> >> This is now in git: >> >> >> http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6bcc4475fcdb2ea5daae80cbb2a5a5fcf677ac23 >> >> Matt >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-users@openssl.org >> Automated List Manager majord...@openssl.org >> > > > > -- > > *Anant* *Rao* > Server Lead > D / a...@noknok.com > > *Nok Nok Labs Inc.* > 4151 Middlefield Road, Suite 200 > Palo Alto, CA 94303 > T +1 650 433 1300 > i...@noknok.com > > *www.noknok.com* <http://www.noknok.com> > > > > > <http://www.linkedin.com/company/nok-nok-labs> > <http://www.twitter.com/noknoklabs> > <https://plus.google.com/108217184383559859585> > <http://www.facebook.com/NokNokLabs> > > -- *Anant* *Rao* Server Lead D / a...@noknok.com *Nok Nok Labs Inc.* 4151 Middlefield Road, Suite 200 Palo Alto, CA 94303 T +1 650 433 1300 i...@noknok.com *www.noknok.com* <http://www.noknok.com> <http://www.linkedin.com/company/nok-nok-labs> <http://www.twitter.com/noknoklabs> <https://plus.google.com/108217184383559859585> <http://www.facebook.com/NokNokLabs>