0

I'm looking at this page: http://www.openssl.org/docs/crypto/EVP_BytesToKey.html

There, it says the following:

If the total key and IV length is less than the digest length and MD5 is used then the derivation algorithm is compatible with PKCS#5 v1.5 otherwise a non standard extension is used to derive the extra data.

I'm using the AES-256-CBC cipher and MD5. What does that tell me judging from the above excerpt? Does it mean that I'm compatible with PKCS#5 v1.5, or does it mean that it's using some non-standard things?

pf85
  • 195
  • 2
  • 12

1 Answers1

5

It means what it says. PKCS5 version 1.5 assumes that the number of key bytes plus the number of IV bytes is less than or equal to the size of the hash function output. PKCS5 version version 2 fixes these issues but it came out after the EVP_BytesToKey function was defined, so EVP_BytesToKey generates key bytes for larger key size in a non-standard way.

OpenSSL 1.1.0c changed the digest algorithm used in some internal components. Formerly, MD5 was used, and 1.1.0 switched to SHA256. Be careful the change is not affecting you in both EVP_BytesToKey and commands like openssl enc.

Community
  • 1
  • 1
President James K. Polk
  • 40,516
  • 21
  • 95
  • 125