Package: libjs-cryptojs
Version: 3.1.2+dfsg-2
Severity: normal
Dear Maintainer,
Up to jessie, one could encrypt something using openssl:
echo "This is a test" | openssl enc -aes-256-cbc -pass pass:mypassphrase -e
-base64
and decrypt it using crypto-js
var plaintext =
CryptoJS.AES.decrypt("U2FsdGVkX1+xT6Jz+c3NLK7zo1OpCBONwFRDOJaWurQ=",
"mypassphrase" );
This doesn't work with openssl from stretch onward, since openssl is no longer
using md5.
evpkdf.js contains: "hasher: MD5"
It is possible to work around by adding "-md md5" to openssl calls.
cryptojs should be compatible with openssl defaults.
-- System Information:
Debian Release: 9.6
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-8-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8),
LANGUAGE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
libjs-cryptojs depends on no packages.
Versions of packages libjs-cryptojs recommends:
ii javascript-common 11
libjs-cryptojs suggests no packages.
-- no debconf information
