From 0ad3e3ad38d5f7b06fd8aa7cdda69f169c45893e Mon Sep 17 00:00:00 2001 From: David Hook Date: Mon, 31 May 2021 07:41:03 +1000 Subject: github #262 added settable digest to OpenSSL PBE generator --- .../generators/OpenSSLPBEParametersGenerator.cs | 40 +++++++++++++++------- 1 file changed, 28 insertions(+), 12 deletions(-) diff --git a/crypto/src/crypto/generators/OpenSSLPBEParametersGenerator.cs b/crypto/src/crypto/generators/OpenSSLPBEParametersGenerator.cs index 8da5d3ad1..1b77d3427 100644 --- a/crypto/src/crypto/generators/OpenSSLPBEParametersGenerator.cs +++ b/crypto/src/crypto/generators/OpenSSLPBEParametersGenerator.cs @@ -6,23 +6,39 @@ using Org.BouncyCastle.Security; namespace Org.BouncyCastle.Crypto.Generators { - /** - * Generator for PBE derived keys and ivs as usd by OpenSSL. - *

- * The scheme is a simple extension of PKCS 5 V2.0 Scheme 1 using MD5 with an - * iteration count of 1. - *

- */ + /// + /// + /// + /// Generator for PBE derived keys and ivs as usd by OpenSSL. + ///

+ /// Originally this scheme was a simple extension of PKCS 5 V2.0 Scheme 1 using MD5 with an + /// iteration count of 1. The default digest was changed to SHA-256 with OpenSSL 1.1.0. This + /// implementation still defaults to MD5, but the digest can now be set. + /// + /// public class OpenSslPbeParametersGenerator : PbeParametersGenerator { - private readonly IDigest digest = new MD5Digest(); + private readonly IDigest digest; + + /// + /// + /// Construct a OpenSSL Parameters generator - digest the original MD5. + /// + /// + public OpenSslPbeParametersGenerator() : this(new MD5Digest()) + { + } - /** - * Construct a OpenSSL Parameters generator. - */ - public OpenSslPbeParametersGenerator() + /// + /// + /// Construct a OpenSSL Parameters generator - digest as specified. + /// + /// the digest to use as the PRF. + /// + public OpenSslPbeParametersGenerator(IDigest digest) { + this.digest = digest; } public override void Init( -- cgit 1.4.1