use saner default parameters for scrypt

Thanks to Colin Percival for reporting this issue. Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-04 23:28:45 +00:00
parent 9829b5ab52
commit 5fc3ee4b77
2 changed files with 3 additions and 3 deletions
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@@ -203,9 +203,9 @@ int pkcs8_main(int argc, char **argv)
            break;
 #ifndef OPENSSL_NO_SCRYPT
        case OPT_SCRYPT:
-            scrypt_N = 1024;
+            scrypt_N = 16384;
            scrypt_r = 8;
-            scrypt_p = 16;
+            scrypt_p = 1;
            if (cipher == NULL)
                cipher = EVP_aes_256_cbc();
            break;