CA Directory: Which Secure Hashing Algorithm (SHA) is supported by PBDKF2?

Document ID : KB000014644
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

CA Directory supports password hashing using the PBKDF2 (Password-Based Key Derivation Function 2) method.

Question:

Which Secure Hashing Algorithm (SHA) is supported by PBKDF2 ?

Answer:

CA Directory uses only HMAC with SHA1 for PBKDF2. This password derivation function (PBKCS5_PBKDF2_HMAC_SHA1) is provided by OpenSSL.

The implementation follows RFC 2898.