Hi, I'm doing password encryption (and decryption) in Java. I need to port this to C. In Java, I'm doing this:

    PBEKeySpec ("somepassphrase", some_salt, some iterations, 128 /*key_length*/);

Algorithm is "PBKDF2WithHmacSHA1".

If I generate a secret key with the above data, I get the same output with multiple runs of the program.

In C, I tried doing something similar using OpenSSL:

    EVP_BytesToKey(EVP_aes_128_cbc(), EVP_sha1(), salt, passphrase, strlen(passphrase), nrounds, key, NULL /*iv*/);

I used the same salt, passphrase and iv in C as in Java and I get a consistent secret key in C as well in multiple runs of the program. However, the secret key is not the same as Java's. Does it mean C with OpenSSL can never produce the same secret key as Java?

I did some googling and I have a few points:

OpenSSL uses PKCS5 v1.5, whereas Java uses v2.0.

Also, I found somewhere a recommendation to use PKCS5_PBKDF2_HMAC_SHA1. However, it doesn't generate the same output between runs. So, I concluded that I can't use it.

Any help/pointers appreciated. Thanks!
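
Added example, not part of the original post: a Python reference that computes both derivations named in the question, PBKDF2 with HMAC-SHA1 (what Java's "PBKDF2WithHmacSHA1" and OpenSSL's PKCS5_PBKDF2_HMAC_SHA1 compute) and a re-implementation of the hash-chaining that EVP_BytesToKey performs with EVP_sha1(), so the two outputs can be compared for the same inputs. The function names, passphrase and 8-byte salt are constructed for illustration; the PBKDF2 check values are the published RFC 6070 test vectors.

```python
import hashlib

# RFC 6070 PBKDF2-HMAC-SHA1 vectors for P="password", S="salt", dkLen=20.
RFC6070 = {1: "0c60c80f961f0e71f3a9b524af6012062fe037a6",
           2: "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"}

def pbkdf2_sha1(passphrase: bytes, salt: bytes, iterations: int,
                key_bits: int = 128) -> bytes:
    """PKCS#5 v2.0 PBKDF2 with HMAC-SHA1.

    Java's PBEKeySpec takes the key length in bits (128); OpenSSL's
    PKCS5_PBKDF2_HMAC_SHA1 takes it in bytes (16). Mixing the two units
    is a common reason a port appears not to match.
    """
    return hashlib.pbkdf2_hmac("sha1", passphrase, salt, iterations,
                               key_bits // 8)

def evp_bytes_to_key_sha1(passphrase: bytes, salt: bytes, count: int,
                          key_len: int = 16) -> bytes:
    """Re-implementation of the EVP_BytesToKey derivation with SHA-1.

    D_i = SHA1^count(D_(i-1) || passphrase || salt); blocks are
    concatenated until key_len bytes exist. No HMAC is involved, so the
    result cannot equal PBKDF2 for the same inputs.
    """
    if len(salt) != 8:
        raise ValueError("EVP_BytesToKey reads exactly 8 salt bytes")
    derived, block = b"", b""
    while len(derived) < key_len:
        block = hashlib.sha1(block + passphrase + salt).digest()
        for _ in range(count - 1):
            block = hashlib.sha1(block).digest()
        derived += block
    return derived[:key_len]

def compare(passphrase: bytes, salt: bytes, iterations: int) -> dict:
    """Derive a 128-bit key both ways from identical inputs."""
    a = pbkdf2_sha1(passphrase, salt, iterations)
    b = evp_bytes_to_key_sha1(passphrase, salt, iterations)
    return {"pbkdf2": a.hex(), "evp_bytes_to_key": b.hex(), "match": a == b}

if __name__ == "__main__":
    # Constructed inputs (ASCII passphrase, 8-byte salt).
    print(compare(b"somepassphrase", b"\x01\x02\x03\x04\x05\x06\x07\x08", 1000))
    # Known-answer check any PBKDF2 port should reproduce.
    print(pbkdf2_sha1(b"password", b"salt", 1, 160).hex() == RFC6070[1])
```

A C port can be validated by feeding the same RFC 6070 inputs to its PBKDF2 call and comparing the bytes against these vectors before switching to the real passphrase and salt.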