[openssl-users] Possible OpenSSL 1.1.0 regression with "enc -d" command?
Andreas Schildbach
andreas at schildbach.de
Sun Jun 4 12:00:24 UTC 2017
I have a ciphertext that I used to decrypt with
openssl enc -d -aes-256-cbc -a -in ciphertext.txt > plaintext.bin
and given the correct password it decrypted fine on OpenSSL 0.9.x to
1.0.2g (Ubuntu 16.04). Now I got word that OpenSSL 1.1.0 can no longer
decrypt the file. Apparently the user tested unter Arch Linux and Mint
and got this error:
139925102714752:error:06065064:digital envelope
routines:EVP_DecryptFinal_ex:bad decrypt:crypto/evp/evp_enc.c:535
Is there some known regression with OpenSSL 1.1.0 that could cause this?
I can provide an example including the correct password by mail if
anyone wants to look at this; I refrained from posting this to the list
because it's 30 kB.
More information about the openssl-users
mailing list