diff options
author | Viktor Dukhovni <openssl-users@dukhovni.org> | 2023-01-24 14:40:57 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-01-26 10:05:22 +0100 |
commit | a4aa977d3a8049d5386dc583e16c17727c712eaa (patch) | |
tree | 769392f9f99b8265809adea3e2a23e4035a111e0 /doc | |
parent | b02997c571a7bc3321fc33fb5208f7888d66b380 (diff) | |
download | openssl-new-a4aa977d3a8049d5386dc583e16c17727c712eaa.tar.gz |
Clarify the change of enc -S behavior in 3.0
Fixes #19730
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19732)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man1/openssl-enc.pod.in | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/doc/man1/openssl-enc.pod.in b/doc/man1/openssl-enc.pod.in index cc04bf2d20..be66d07f5d 100644 --- a/doc/man1/openssl-enc.pod.in +++ b/doc/man1/openssl-enc.pod.in @@ -256,6 +256,19 @@ All RC2 ciphers have the same key and effective key length. Blowfish and RC5 algorithms use a 128 bit key. +Please note that OpenSSL 3.0 changed the effect of the B<-S> option. +Any explicit salt value specified via this option is no longer prepended to the +ciphertext when encrypting, and must again be explicitly provided when decrypting. +Conversely, when the B<-S> option is used during decryption, the ciphertext +is expected to not have a prepended salt value. + +When using OpenSSL 3.0 or later to decrypt data that was encrypted with an +explicit salt under OpenSSL 1.1.1 do not use the B<-S> option, the salt will +then be read from the ciphertext. +To generate ciphertext that can be decrypted with OpenSSL 1.1.1 do not use +the B<-S> option, the salt will be then be generated randomly and prepended +to the output. + =head1 SUPPORTED CIPHERS Note that some of these ciphers can be disabled at compile time |