owner-openssl-users@openssl.org wrote on 03/31/2008 11:44:10 PM:

> I don't think Marek is correct. The command-line interface (openssl
> enc) doesn't use PKCS5_PBKDF2_HMAC_SHA1(). Other parts of the
> command-line utilities do (e.g. "openssl pkcs8 -topk8 -v2" for
> encrypting RSA and DSA private keys), but not openssl enc.

Of course you are right about "openssl enc", this code does not use
PKCS5_PBKDF2_HMAC_SHA1(). This code use something between PBKDF1
and PBKDF2. My answer was rather about last question about:
"public interface where an application developer
can pass a password and as a result he becomes a password of the
specified length".

Best regards,
Marek Marcola

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org