Bug 1470942
| Summary: | Files encrypted with Fedora 24 openssl cannot be decrypted with Fedora 26 openssl | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | David Levner <davidlevner> | ||||
| Component: | openssl | Assignee: | Tomas Mraz <tmraz> | ||||
| Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | urgent | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 26 | CC: | tmraz | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | x86_64 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2017-07-14 07:48:20 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Please see the enc(1) manual page. "The default digest was changed from MD5 to SHA256 in Openssl 1.1" To decode the files encrypted with OpenSSL 1.0 simply add -md md5 option. |
Created attachment 1298119 [details] Contains all files need to reproduce the problem. Description of problem: I get an error when I use F26's openssl to decrypt a file that I encrypted with F24's openssl. Although the decrypted file is created, it is not useable. Version-Release number of selected component (if applicable): Fedora 24: openssl Version 1.0.2k, Release 1.fc24 Fedora 26: openssl Version 1.1.0f, Release 4.fc26 How reproducible: Every time Steps to Reproduce: 1. Create a zip file on a Fedora 24 computer (may happen with other files--I have only tried zip files). 2. Create a password file. 3. Encrypt the zip file. Here is the command I used: openssl enc -e -aes-256-cbc -pass file:easy-password.txt -in temp.zip -out temp.zip.enc 4. Copy the encrypted file and password file to a Fedora 26 computer. 5. Attempt to decrypt the encrypted file. Here is my command: openssl enc -d -aes-256-cbc -pass file:easy-password.txt -in temp.zip.enc -out temp.zip Actual results: bad decrypt 139723542062848:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:crypto/evp/evp_enc.c:573: Although the output file, temp.zip, is created, it cannot be unzipped. Expected results: No error message from the 'openssl enc -d ...' command. The output of the openssl command is a valid zip file that can be unzipped. Additional info: The attachment contains temp.zip, temp.zip.enc and easy-password.txt, all the files referenced in the commands above. These files (and this bug report) were created on an F24 system.