[openssl-dev] openssl enc changed behaviour between 1.1.0 and earlear
Kurt Roeckx
kurt at roeckx.be
Sat Nov 5 08:55:13 UTC 2016
On Fri, Nov 04, 2016 at 09:59:33PM +0100, Sebastian Andrzej Siewior wrote:
> On 2016-11-03 22:12:44 [+0100], Richard Levitte wrote:
> >
> > That would be quite a job. The correctness of the key can't be
> > discovered before the last encrypted block, where the decrypted
> > padding will either be correct (because it was the right key) or not
> > (because it was the wrong key). Take into account a pipe with a 10MB
> > file, I'm sure you see where that takes us.
> >
> > The solution in that bug report seems sane, even though unfortunate.
> okay. And since the encrypted file has no header there is nothing we
> could hide. And if we add one now then it won't work with older openssl.
>
> So I will try to put this in the release notes for the Debian package.
> Do you have an idea where this would fit best in the Wiki? A new page
> with one entry does not make sense and it does not look like it belongs
> to
Would it be useful to document this in the manpage?
Are there other places we should document it?
Kurt
More information about the openssl-dev
mailing list