Skip to content

OpenSSL

tpkarras edited this page Dec 16, 2025 · 2 revisions

OpenSSL is the encryption engine used to encrypt/decrypt data.

KEF stores each encrypted string within a range of 2/1024000000 bytes preprended with essential information required to encrypt/decrypt as mentioned before.

2 is the lowest amount of bytes it can decrypt without errors. 1024000000 is the highest amount of bytes that openssl_encrypt() and openssl_decrypt() can handle.

Note

Byte range should be considered based on the level of security needed. 2 being the most secure and 1024000000 being the least. You might want to experiment to find the proper byte range for your application needs based on security and speed.

Tip

It is recommended to have the latest possible version of OpenSSL on hand. Preferably after 1.1.1 Later versions of the framework/language you use may have newer versions.

It is ultimately up to you on how to implement OpenSSL in your KEF implementation.

Clone this wiki locally