Openssl 1_1_0 compatibility question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



At 09:25 AM 9/5/2016, you wrote:
>david wrote:
>
> > On the client:
> > openssl enc -salt -a -A -aes128 -pass pass:123
> >
> > On the server:
> > openssl enc -d -salt -a -A -aes128 -pass pass:123
> >
> > When the ENCRYPTING software is 1_0_2h and the
> > decrypting software is 1_0_1e on Linux or 1_0_2h on Windows,
> > the decryption successfully recovers the value "abcde".
> >
> > When the encrypting software is 1_1_0 and the
> > decrypting software is 1_0_1e on Linux or 1_0_2h on Windows,
> > it fails with the message:
> >
> > bad decrypt
> > 139701985818440:error:06065064:digital envelope routines:
> > EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:596:
> >
>
>
>Reason:
>v1.1.0 is using the wrong key(from pass) to decrypt.
>
>  v1.0.x: md5 is default digest
>  v1.1.0: sha256 is default digest
>
>Solution:
>Specify the digest used to create the key.
>
>  Add '-md md5' to the version 1.0.2 decryption command line,
>  or add '-md sha256' to the v1.0.x  encryption command line.
>

Thanks for this.  I must have missed the change in default-digest 
algorithm in the release notes.
David 



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux