[Pkg-openssl-devel] Bug#846535: openssl: 1.1.0c cannot decrypt files created by older versions of openssl
Robbie Harwood
rharwood at club.cc.cmu.edu
Thu Dec 1 22:50:20 UTC 2016
Package: openssl
Version: 1.1.0c-2
Severity: critical
Justification: causes serious data loss
Dear Maintainer,
After upgrading to a newer version of OpenSSL, I cannot decrypt a file that
was encrypted using the OpenSSL in Stable (and had been decryptable until very
recently).
To reproduce:
root@stable:~# echo "test" > file
root@stable:~# echo "secretes" | openssl enc -aes-256-cbc -in file -out file.enc -pass stdin
Then copy the file to a (testing) system and:
rharwood@thriss:/tmp$ echo "secretes" | openssl enc -d -aes-256-cbc -in file.enc -out file -pass stdin
bad decrypt
140704872014976:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:crypto/evp/evp_enc.c:529:
Thanks!
-- System Information:
Debian Release: stretch/sid
APT prefers testing-debug
APT policy: (600, 'testing-debug'), (600, 'testing'), (400, 'unstable-debug'), (400, 'unstable'), (200, 'experimental'), (1, 'experimental-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.8.0-1-rt-amd64 (SMP w/8 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages openssl depends on:
ii libc6 2.24-7
ii libssl1.1 1.1.0c-2
openssl recommends no packages.
Versions of packages openssl suggests:
ii ca-certificates 20161102
-- no debconf information