aboutsummaryrefslogtreecommitdiffstats
path: root/ext/openssl/ossl.c
diff options
context:
space:
mode:
Diffstat (limited to 'ext/openssl/ossl.c')
-rw-r--r--ext/openssl/ossl.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c
index 38e650e1..6c76c8e8 100644
--- a/ext/openssl/ossl.c
+++ b/ext/openssl/ossl.c
@@ -635,7 +635,7 @@ static void Init_ossl_locks(void)
* ahold of the key may use it unless it is encrypted. In order to securely
* export a key you may export it with a pass phrase.
*
- * cipher = OpenSSL::Cipher.new 'AES-128-CBC'
+ * cipher = OpenSSL::Cipher.new 'AES-256-CBC'
* pass_phrase = 'my secure pass phrase goes here'
*
* key_secure = key.export cipher, pass_phrase
@@ -745,7 +745,7 @@ static void Init_ossl_locks(void)
* using PBKDF2. PKCS #5 v2.0 recommends at least 8 bytes for the salt,
* the number of iterations largely depends on the hardware being used.
*
- * cipher = OpenSSL::Cipher.new 'AES-128-CBC'
+ * cipher = OpenSSL::Cipher.new 'AES-256-CBC'
* cipher.encrypt
* iv = cipher.random_iv
*
@@ -768,7 +768,7 @@ static void Init_ossl_locks(void)
* Use the same steps as before to derive the symmetric AES key, this time
* setting the Cipher up for decryption.
*
- * cipher = OpenSSL::Cipher.new 'AES-128-CBC'
+ * cipher = OpenSSL::Cipher.new 'AES-256-CBC'
* cipher.decrypt
* cipher.iv = iv # the one generated with #random_iv
*
@@ -803,7 +803,7 @@ static void Init_ossl_locks(void)
*
* First set up the cipher for encryption
*
- * encryptor = OpenSSL::Cipher.new 'AES-128-CBC'
+ * encryptor = OpenSSL::Cipher.new 'AES-256-CBC'
* encryptor.encrypt
* encryptor.pkcs5_keyivgen pass_phrase, salt
*
@@ -816,7 +816,7 @@ static void Init_ossl_locks(void)
*
* Use a new Cipher instance set up for decryption
*
- * decryptor = OpenSSL::Cipher.new 'AES-128-CBC'
+ * decryptor = OpenSSL::Cipher.new 'AES-256-CBC'
* decryptor.decrypt
* decryptor.pkcs5_keyivgen pass_phrase, salt
*
@@ -904,7 +904,7 @@ static void Init_ossl_locks(void)
* ca_key = OpenSSL::PKey::RSA.new 2048
* pass_phrase = 'my secure pass phrase goes here'
*
- * cipher = OpenSSL::Cipher.new 'AES-128-CBC'
+ * cipher = OpenSSL::Cipher::Cipher.new 'AES-256-CBC'
*
* open 'ca_key.pem', 'w', 0400 do |io|
* io.write ca_key.export(cipher, pass_phrase)
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-01 08:56:36 +0000