At 09:25 AM 9/5/2016, you wrote:
david wrote:
> On the client:
> openssl enc -salt -a -A -aes128 -pass pass:123
>
> On the server:
> openssl enc -d -salt -a -A -aes128 -pass pass:123
>
> When the ENCRYPTING software is 1_0_2h and the
> decrypting software is 1_0_1e on Linux or 1_0_2h on Windows,
> the decryption successfully recovers the value "abcde".
>
> When the encrypting software is 1_1_0 and the
> decrypting software is 1_0_1e on Linux or 1_0_2h on Windows,
> it fails with the message:
>
> bad decrypt
> 139701985818440:error:06065064:digital envelope routines:
> EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:596:
>
Reason:
v1.1.0 is using the wrong key(from pass) to decrypt.
v1.0.x: md5 is default digest
v1.1.0: sha256 is default digest
Solution:
Specify the digest used to create the key.
Add '-md md5' to the version 1.0.2 decryption command line,
or add '-md sha256' to the v1.0.x encryption command line.
Thanks for this. I must have missed the change in default-digest
algorithm in the release notes.
David
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
