> I have two systems one with openssl 1.0.1e (debian wheezy) and the new one > with openssl 1.1.0c (debian stretch) > > The files encrypted with 1.0.1e are not decryptable via 1.1.0c > These are the investigations I have done > > on my system with 1.0.1e openssl > $ echo some text > file > $ cat file | openssl aes-256-cbc -pass pass:test > file.enc > $ md5sum file.enc > 5482ea53a6677865d1e559ac3057738c file.enc > > when I bring that file over to my system with 1.1.0c openssl > $ md5sum file.enc > 5482ea53a6677865d1e559ac3057738c file.enc > $ cat file.enc | openssl aes-256-cbc -d -pass pass:test > bad decrypt > 4146981184:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad > decrypt:crypto/evp/evp_enc.c:529: > > Please can someone tell me what other options I Am supposed to pass to get > decryption done successfully.
>From the OpenSSL 1.1.0c-3 update notes. I don't believe its in the 'openssl enc' man page yet (https://www.openssl.org/docs/man1.0.1/apps/enc.html). The openssl enc command changed the default digest (used to create the key from passphrase) from MD5 to SHA256 since the version 1.1.0. The digest can be specified with the -md option. Jeff -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
