{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 看淡一切 的问题《Encryption/decryption doesn't work well betwee》','https://www.manongdao.com/q-11571.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I've downloaded and compiled openssl-1.1.0.
I can encrypt and decrypt using the same exe of openssl (as is here)
me@ubuntu:~/openssl-1.1.0$ LD_LIBRARY_PATH=. ./apps/openssl aes-256-cbc -a -salt -in file.txt -out file.txt.enc
enter aes-256-cbc encryption password: 123
Verifying - enter aes-256-cbc encryption password:
me@ubuntu:~/openssl-1.1.0$ LD_LIBRARY_PATH=. apps/openssl aes-256-cbc -a -d -in file.txt.enc -out file.txt.dec
enter aes-256-cbc decryption password: 123
This openssl uses: libcrypto.so.1.1, libssl.so.1.1
When I try to decrypt with the openssl installed on my ubuntu, which uses:
/lib/x86_64-linux-gnu/libssl.so.1.0.0, /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
I get an error:
me@ubuntu:~/openssl-1.1.0$ openssl aes-256-cbc -a -d -in file.txt.enc -out file.txt.dec2
enter aes-256-cbc decryption password: 123
bad decrypt
140456117421728:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:539:
What may cause this? Thanks
The default digest was changed from MD5 to SHA256 in Openssl 1.1
Try using -md md5
The ugly details:
The entered password is not used as is by aes (or other encryption) but the command implicitly derives a key from it. The key derivation uses message digest that was changed in openssl 1.1 Use SHA256 not MD5 as default digest.
In case you want to keep it simple password, and not start messing with the keying martial (-K,-iv) just force the same digest with -md
I tested the AES encryption and decryption with version 1.1.0a (downloaded from openssl.org) and the version 1.0.2g-fips (from my ubuntu 16.04)
When using the
-poption on with 2 different versions ofopenssl, the IV and key are different:I suspect a different derivation of key and IV based on the salt with the 2 versions.
If you want to get rid of this decryption error, you may remove the
-saltoption and use the options-Kfor the key and-ivin your openssl command.This issue can also occur between OpenSSL 1.1 and LibreSSL. In this case, and in other cases where more secure message digests are available, you should avoid using
-md md5to encrypt new files since the MD5 algorithm has extensive vulnerabilities.You should instead use
-md sha256or some other more secure message digest supported by all versions.-md md5should only be used for decrypting old files, and they should ideally be re-encrypted using sha256. This is also mentioned in the OpenSSL FAQ.To check which message digests are supported by the different versions you have in play, run
openssl help:LibreSSL 2.2.7 (included with macOS 10.13 High Sierra):
OpenSSL 1.1f: