On 26/02/18 01:15, pratyush parimal wrote: > Hi everyone, > > I'm trying to find a way to convert a string password to an AES-256 > encryption key. I came across EVP_BytesToKey(), but the man-page says at > the end: > > "Newer applications should use a more modern algorithm such as PBKDF2 as > defined in PKCS#5v2.1 and provided by PKCS5_PBKDF2_HMAC". > > Does this mean I shouldn't use EVP_BytesToKey(), and should instead find > out how to use PBKDF2 ? Or do I need to find out how to > get EVP_BytesToKey() to use PBKDF2?
Don't use EVP_BytesToKey(). Details on the PKCS5_PBKDF2_HMAC function are here: https://www.openssl.org/docs/man1.1.0/crypto/PKCS5_PBKDF2_HMAC.html Matt -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
