[Bug 234028] Openssl cannot decrypt properly
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sat Dec 15 05:27:11 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=234028
--- Comment #6 from Conrad Meyer <cem at freebsd.org> ---
(In reply to bc979 from comment #5)
> However, I point out that the -md parameter is not documented in the man page for enc on 11.1 or earlier.
Yep. It's mentioned, but usage and default are totally undocumented (and on
11.2 as well).
$ openssl enc -h
unknown option '-h'
...
-md the next argument is the md to use to create a key
from a passphrase. One of md2, md5, sha or sha1
Helpfully, none of the *listed* options in 1.0.2o enc are the 1.1.0 default
(sha256). /s However, '-md sha256' can be provided manually and seems to
decode correctly on 12.
NAME
openssl-enc, enc - symmetric cipher routines
SYNOPSIS
openssl enc -ciphername [-in filename] [-out filename] [-pass arg] [-e]
[-d] [-a/-base64] [-A] [-k password] [-kfile filename] [-K key] [-iv
IV] [-S salt] [-salt] [-nosalt] [-z] [-md] [-p] [-P] [-bufsize number]
^^^
(-md not documented anywhere else in the page)
Generating gibberish makes sense, unfortunately — enc has no way of knowing
that the wrong KDF function was used to turn password into key, and AES-256-CBC
does not have any sort of integrity MAC to verify the correct key was used. So
you get gibberish. I suspect the only reason a bad decrypt was noticed in my
(short) input was that the final padding byte(s) didn't match up with PKCS
expectations. You might see the same message (but only at the very end of the
"decrypted" contents).
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list