[openssl-users] Anecdotes of OpenSSL China Tour

2018-02-26 Thread Paul Yang 
Hi there,

Some people may know that five then OMC members had a tour in China last 
September. You can find some official media articles reporting the event in 
Tim’s blogs: https://www.openssl.org/blog/blog/2017/09/28/china/ 
 and 
https://www.openssl.org/blog/blog/2017/10/18/china/ 


Here comes another article depicting the tour from a different aspect - the 
interesting stuffs during the 7 days without business: 
https://paulyang.cn/2018/02/26/the-untold-story-en.html 


I shared this link on facebook yesterday and Rich suggested to post it to the 
mailing list either, thus more people could have the stories. Happy reading!

Regards,

Paul


signature.asc
Description: Message signed with OpenPGP
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Is EVP_BytesToKey() still recommended ?

2018-02-26 Thread Matt Caswell 


On 26/02/18 01:15, pratyush parimal wrote:
> Hi everyone,
> 
> I'm trying to find a way to convert a string password to an AES-256
> encryption key. I came across EVP_BytesToKey(), but the man-page says at
> the end:
> 
> "Newer applications should use a more modern algorithm such as PBKDF2 as
> defined in PKCS#5v2.1 and provided by PKCS5_PBKDF2_HMAC".
> 
> Does this mean I shouldn't use EVP_BytesToKey(), and should instead find
> out how to use PBKDF2 ? Or do I need to find out how to
> get EVP_BytesToKey() to use PBKDF2?

Don't use EVP_BytesToKey().

Details on the PKCS5_PBKDF2_HMAC function are here:

https://www.openssl.org/docs/man1.1.0/crypto/PKCS5_PBKDF2_HMAC.html


Matt
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] Is EVP_BytesToKey() still recommended ?

2018-02-26 Thread pratyush parimal 
Hi everyone,

I'm trying to find a way to convert a string password to an AES-256
encryption key. I came across EVP_BytesToKey(), but the man-page says at
the end:

"Newer applications should use a more modern algorithm such as PBKDF2 as
defined in PKCS#5v2.1 and provided by PKCS5_PBKDF2_HMAC".

Does this mean I shouldn't use EVP_BytesToKey(), and should instead find
out how to use PBKDF2 ? Or do I need to find out how to get EVP_BytesToKey()
to use PBKDF2?

Any clarifications will be appreciated!
-Pratyush.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users