From e5acc028fd5d6094c06789afc51e5be0b06f0e2f Mon Sep 17 00:00:00 2001 From: Jonathan Cobb Date: Wed, 11 Nov 2020 18:36:25 -0500 Subject: [PATCH] remove PKDBF2 to ensure mac compat --- src/main/java/org/cobbzilla/util/security/RsaKeyPair.java | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/cobbzilla/util/security/RsaKeyPair.java b/src/main/java/org/cobbzilla/util/security/RsaKeyPair.java index 71647b8..990adec 100644 --- a/src/main/java/org/cobbzilla/util/security/RsaKeyPair.java +++ b/src/main/java/org/cobbzilla/util/security/RsaKeyPair.java @@ -148,7 +148,9 @@ public class RsaKeyPair { "openssl rand -out secret.key 32 && " + // encrypt data with symmetric key - "openssl aes-256-cbc -salt -pbkdf2 -in data -out data.enc -pass file:secret.key && " + + // disable PBKDF2, not supported on mac osx +// "openssl aes-256-cbc -salt -pbkdf2 -in data -out data.enc -pass file:secret.key && " + + "openssl aes-256-cbc -salt -in data -out data.enc -pass file:secret.key && " + // encrypt sym key with recipient's public key "openssl rsautl -encrypt -oaep -pubin -certin -keyform PEM -inkey recipient.crt -in secret.key -out secret.key.enc && " + @@ -184,7 +186,9 @@ public class RsaKeyPair { "openssl rsautl -decrypt -oaep -inkey recipient.key -in secret.key.enc -out secret.key && " + // decrypt data with symmetric key - "openssl aes-256-cbc -d -salt -pbkdf2 -in data.enc -out data -pass file:secret.key && " + + // disable PBKDF2, not supported on mac osx +// "openssl aes-256-cbc -d -salt -pbkdf2 -in data.enc -out data -pass file:secret.key && " + + "openssl aes-256-cbc -d -salt -in data.enc -out data -pass file:secret.key && " + // verify signature with sender's public key "openssl dgst -sha256 -verify <(openssl x509 -in sender.crt -pubkey -noout) -signature data.sig data");