[openssl-users] Possible OpenSSL 1.1.0 regression with "enc -d" command?

Andreas Schildbach andreas at schildbach.de
Sun Jun 4 12:00:24 UTC 2017

I have a ciphertext that I used to decrypt with

openssl enc -d -aes-256-cbc -a -in ciphertext.txt > plaintext.bin

and given the correct password it decrypted fine on OpenSSL 0.9.x to
1.0.2g (Ubuntu 16.04). Now I got word that OpenSSL 1.1.0 can no longer
decrypt the file. Apparently the user tested unter Arch Linux and Mint
and got this error:

139925102714752:error:06065064:digital envelope
routines:EVP_DecryptFinal_ex:bad decrypt:crypto/evp/evp_enc.c:535

Is there some known regression with OpenSSL 1.1.0 that could cause this?
I can provide an example including the correct password by mail if
anyone wants to look at this; I refrained from posting this to the list
because it's 30 kB.

More information about the openssl-users mailing list