use saner default parameters for scrypt

Thanks to Colin Percival for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>

diff --git a/apps/pkcs8.c b/apps/pkcs8.c
index 125bf6158ac894227670e60f1e4ca1bbee54a33e..0968fef9468ffed6d9d4fecf323da69206c87ab6 100644 (file)
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@@ -203,9 +203,9 @@ int pkcs8_main(int argc, char **argv)
             break;
 #ifndef OPENSSL_NO_SCRYPT
         case OPT_SCRYPT:
-            scrypt_N = 1024;
+            scrypt_N = 16384;
             scrypt_r = 8;
-            scrypt_p = 16;
+            scrypt_p = 1;
             if (cipher == NULL)
                 cipher = EVP_aes_256_cbc();
             break;

diff --git a/doc/apps/pkcs8.pod b/doc/apps/pkcs8.pod
index ec9f1d14d51634f04b3612bdaa545114a41937f6..f3b20ff4b1db6a4379881d3a2c95fc0f5bf397fa 100644 (file)
--- a/doc/apps/pkcs8.pod
+++ b/doc/apps/pkcs8.pod
@@ -156,7 +156,7 @@ for all available algorithms.
 =item B<-scrypt>
 
 uses the B<scrypt> algorithm for private key encryption using default
-parameters: currently N=1024, r=8 and p=16 and AES in CBC mode with a 256 bit
+parameters: currently N=16384, r=8 and p=1 and AES in CBC mode with a 256 bit
 key. These parameters can be modified using the B<-scrypt_N>, B<-scrypt_r>,
 B<-scrypt_p> and B<-v2> options.