Re: Question about password-based encryption key generation

[Brian Candler]

On Thu, Mar 09, 2006 at 05:33:42AM -0600, uno wand wrote:
 I have a java application that uses HmacSHA to generate encryption key from 
 a
 password, and the encrypted msg is send to the C application. Both Java and
 C apps shared the same password and salt, and the Java app is using 
 AES/128/CBC
 to do the encryption.
 
 I just want an example on how to generate key using Openssl, especially on 
 how
 to get to same result as in Java.

HMAC-SHA1 is explained in RFC 2104, with some test cases in RFC 2202, so you
can check both your Java and C implementations are correct independently.

HMAC does not define how to use a salt. Therefore, you will need to take
apart your Java application, and work out exactly how it combines the
password and salt before passing them to the HMAC function. Then you can
implement the same in your C program.

HTH,

Brian.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]

RE: Question about password-based encryption key generation

[uno wand]

Never mind, I found the function PKCS5_PBKDF2_HMAC_SHA1().




Hi,

Could someone point me to an example on how to generate encryption from 
password

using Openssl?

I have a java application that uses HmacSHA to generate encryption key from 
a

password, and the encrypted msg is send to the C application. Both Java and
C apps shared the same password and salt, and the Java app is using 
AES/128/CBC

to do the encryption.

I just want an example on how to generate key using Openssl, especially on 
how

to get to same result as in Java.

Thanks in advance for any hint.



_
Don’t just search. Find. Check out the new MSN Search! 
http://search.msn.click-url.com/go/onm00200636ave/direct/01/


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]