At 09:25 AM 9/5/2016, you wrote: >david wrote: > > > On the client: > > openssl enc -salt -a -A -aes128 -pass pass:123 > > > > On the server: > > openssl enc -d -salt -a -A -aes128 -pass pass:123 > > > > When the ENCRYPTING software is 1_0_2h and the > > decrypting software is 1_0_1e on Linux or 1_0_2h on Windows, > > the decryption successfully recovers the value "abcde". > > > > When the encrypting software is 1_1_0 and the > > decrypting software is 1_0_1e on Linux or 1_0_2h on Windows, > > it fails with the message: > > > > bad decrypt > > 139701985818440:error:06065064:digital envelope routines: > > EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:596: > > > > >Reason: >v1.1.0 is using the wrong key(from pass) to decrypt. > > v1.0.x: md5 is default digest > v1.1.0: sha256 is default digest > >Solution: >Specify the digest used to create the key. > > Add '-md md5' to the version 1.0.2 decryption command line, > or add '-md sha256' to the v1.0.x encryption command line. > Thanks for this. I must have missed the change in default-digest algorithm in the release notes. David
