Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[DOC] remove top-level example for OpenSSL::Cipher#pkcs5_keyivgen #647

Merged
merged 1 commit into from
Jul 12, 2023

Commits on Jun 29, 2023

  1. [DOC] remove top-level example for OpenSSL::Cipher#pkcs5_keyivgen

    OpenSSL::Cipher#pkcs5_keyivgen should only be used when it is
    absolutely necessary for compatibility with ancient applications.
    Having an example can be misleading. We already have another example
    for OpenSSL::Cipher in which PBKDF2 is used to derive a key.
    
    As described in the rdoc of OpenSSL::Cipher#pkcs5_keyivgen, it is
    compatible with PKCS#5 PBES1 (PKCS#5 v1.5) only when used in combination
    of a hash function MD2, MD5, or SHA-1, and a cipher DES-CBC or RC2-CBC.
    This example uses MD5 as the hash function and combines it with AES.
    This is considered insecure and also using a non-standard technique to
    derive longer keys.
    rhenium committed Jun 29, 2023
    Configuration menu
    Copy the full SHA
    4e188dd View commit details
    Browse the repository at this point in the history