[openssl-users] Decrypt old openssl files

Bhasker C V bhasker at unixindia.com
Sat Feb 11 14:30:27 UTC 2017


Wow ! thanks

openssl -md md5 ...
does the trick. All my docs are back now.
That was a great help Double  thanks to Jeff.

On Sat, Feb 11, 2017 at 7:05 PM, Jeffrey Walton <noloader at gmail.com> wrote:

> >  I have two systems one with openssl 1.0.1e (debian wheezy) and the new
> one
> > with openssl 1.1.0c (debian stretch)
> >
> >  The files encrypted with 1.0.1e are not decryptable via 1.1.0c
> > These are the investigations I have done
> >
> > on my system with 1.0.1e openssl
> > $ echo some text > file
> > $ cat file  | openssl  aes-256-cbc  -pass pass:test  > file.enc
> > $ md5sum file.enc
> > 5482ea53a6677865d1e559ac3057738c  file.enc
> >
> > when I bring that file over to my system with 1.1.0c openssl
> > $ md5sum file.enc
> > 5482ea53a6677865d1e559ac3057738c  file.enc
> > $ cat file.enc | openssl  aes-256-cbc  -d -pass pass:test
> > bad decrypt
> > 4146981184:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:
> bad
> > decrypt:crypto/evp/evp_enc.c:529:
> >
> > Please can someone tell me what other options I Am supposed to pass to
> get
> > decryption done successfully.
>
> From the OpenSSL 1.1.0c-3 update notes. I don't believe its in the
> 'openssl enc' man page yet
> (https://www.openssl.org/docs/man1.0.1/apps/enc.html).
>
>   The openssl enc command changed the default digest (used to create the
> key
>   from passphrase) from MD5 to SHA256 since the version 1.1.0. The digest
> can
>   be specified with the -md option.
>
> Jeff
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170211/6354cb82/attachment.html>


More information about the openssl-users mailing list