-
Notifications
You must be signed in to change notification settings - Fork 0
OpenSSL
OpenSSL is the encryption engine used to encrypt/decrypt data.
KEF stores each encrypted string within a range of 2/1024000000 bytes preprended with essential information required to encrypt/decrypt as mentioned before.
2 is the lowest amount of bytes it can decrypt without errors. 1024000000 is the highest amount of bytes that openssl_encrypt() and openssl_decrypt() can handle.
Note
Byte range should be considered based on the level of security needed. 2 being the most secure and 1024000000 being the least. You might want to experiment to find the proper byte range for your application needs based on security and speed.
Tip
It is recommended to have the latest possible version of OpenSSL on hand. Preferably after 1.1.1 Later versions of the framework/language you use may have newer versions.
It is ultimately up to you on how to implement OpenSSL in your KEF implementation.