mirror of
https://github.com/openssl/openssl.git
synced 2024-12-09 05:51:54 +08:00
Clarify the change of enc -S behavior in 3.0
Fixes #19730 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19732)
This commit is contained in:
parent
b02997c571
commit
a4aa977d3a
@ -256,6 +256,19 @@ All RC2 ciphers have the same key and effective key length.
|
|||||||
|
|
||||||
Blowfish and RC5 algorithms use a 128 bit key.
|
Blowfish and RC5 algorithms use a 128 bit key.
|
||||||
|
|
||||||
|
Please note that OpenSSL 3.0 changed the effect of the B<-S> option.
|
||||||
|
Any explicit salt value specified via this option is no longer prepended to the
|
||||||
|
ciphertext when encrypting, and must again be explicitly provided when decrypting.
|
||||||
|
Conversely, when the B<-S> option is used during decryption, the ciphertext
|
||||||
|
is expected to not have a prepended salt value.
|
||||||
|
|
||||||
|
When using OpenSSL 3.0 or later to decrypt data that was encrypted with an
|
||||||
|
explicit salt under OpenSSL 1.1.1 do not use the B<-S> option, the salt will
|
||||||
|
then be read from the ciphertext.
|
||||||
|
To generate ciphertext that can be decrypted with OpenSSL 1.1.1 do not use
|
||||||
|
the B<-S> option, the salt will be then be generated randomly and prepended
|
||||||
|
to the output.
|
||||||
|
|
||||||
=head1 SUPPORTED CIPHERS
|
=head1 SUPPORTED CIPHERS
|
||||||
|
|
||||||
Note that some of these ciphers can be disabled at compile time
|
Note that some of these ciphers can be disabled at compile time
|
||||||
|
Loading…
Reference in New Issue
Block a user