I've been trying for a while to get scrypt and PBKDF2 exposed via the
command line interface. My original attempt was rejected and I thought I
wouldn't care anymore. But then I picked it up and implemented the route
that Stephen suggested (https://github.com/openssl/openssl/pull/1533).
Surprisingly, it wasn't too difficult and I have a first shot that
somwhat works with scrypt. Much of the work was figuring out how/where
to properly register NIDs and such.
So now I do have two questions. First, could someone please provide
feedback if this is generally the correct way I'm going at it? Secondly,
I'm having a concrete and really bad issue: failing tests. I haven't
actually *added* tests for the scrypt PKEY yet and am seeing failing
tests in the PKEY facility at places that I haven't touched --
therefore, I'm completely clueless why this is happening. Concretely,
this is what I'm seeing:
They point to test source data of SipHash and somewhere in Ed25519 code.
Nothing I've touched in a mile. Yet, clearly, my branch is the source of
the error. So any pointers on what I messed up would be very much