OpenSSL bad decrypt between 0.9.8o and 1.1.0f

I use OpenSSL to encode clear text and decode it on several remote servers. Whilte I was testing my scripts to ensure Debian 9 Stretch compatibility and found an error.

Here is the way I test: Debian 6, OpenSSL 0.9.8o, encoding a string:

# echo "Hi guys" | openssl des3 -salt -a -k "testkey"
U2FsdGVkX1+I3EBhXjqrm+MJOmKRpj+Y5TtNJaJjI/s=

Decoding on the same server:

# echo "U2FsdGVkX1+I3EBhXjqrm+MJOmKRpj+Y5TtNJaJjI/s=" | openssl des3 -salt -a -d -k "testkey"
Hi guys

Debian 9, OpenSSL 1.1.0f, decoding the string:

# echo "U2FsdGVkX1+I3EBhXjqrm+MJOmKRpj+Y5TtNJaJjI/s=" | openssl des3 -salt -a -d -k "testkey"
bad decrypt
140259873273088:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:../crypto/evp/evp_enc.c:535:
z���AR�

While decoding is working on:

Debian 7, OpenSSL 1.0.1t:

$ echo "U2FsdGVkX1+I3EBhXjqrm+MJOmKRpj+Y5TtNJaJjI/s=" | openssl des3 -salt -a -d -k "testkey"
Hi guys

Debian 8, OpenSSL 1.0.1t

# echo "U2FsdGVkX1+I3EBhXjqrm+MJOmKRpj+Y5TtNJaJjI/s=" | openssl des3 -salt -a -d -k "testkey"
Hi guys

So I've tested to encode on the Debian 9, OpenSSL 1.1.0f testing server:

# echo "Hi guys" | openssl des3 -salt -a -k "testkey"
U2FsdGVkX1+p/LDtOotR/gmVTfGL+LabNPvLxKqwbOk=

And decoding on the same server is working:

# echo "U2FsdGVkX1+p/LDtOotR/gmVTfGL+LabNPvLxKqwbOk=" | openssl des3 -salt -a -d -k "testkey"
Hi guys

But decoding is not working on the 3 other servers: Debian 6, OpenSSL 0.9.8o:

# echo "U2FsdGVkX1+p/LDtOotR/gmVTfGL+LabNPvLxKqwbOk=" | openssl des3 -salt -a -d -k "testkey"
bad decrypt
12605:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:330:
��Rv��

Debian 7, OpenSSL 1.0.1t:

$ echo "U2FsdGVkX1+p/LDtOotR/gmVTfGL+LabNPvLxKqwbOk=" | openssl des3 -salt -a -d -k "testkey"
bad decrypt
139771367589544:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:516:
▒▒Rv▒▒

Debian 8, OpenSSL 1.0.1t:

# echo "U2FsdGVkX1+p/LDtOotR/gmVTfGL+LabNPvLxKqwbOk=" | openssl des3 -salt -a -d -k "testkey"
bad decrypt
139719827605136:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:516:
▒▒Rv▒▒

I've checked the OpenSSL dependencies, and tested on several servers on each versions.


Solution 1:

Sorry guys, few minutes later I found the answer on Debian bug tracker by Sebastian Andrzej Siewior:

Debian Bug report #843064

bah. They changed the default digest from md5 to sha256 to create the key. If you add '-md md5' to your 1.1. openssl then it will work. The other way around you need '-md sha256' to keep 1.0 happy.

So by adding "-md md5" on Debian 9 it works on older OpenSSL encoded string:

# echo "U2FsdGVkX1+I3EBhXjqrm+MJOmKRpj+Y5TtNJaJjI/s=" | openssl des3 -salt -md md5 -a -d -k "testkey"
Hi guys

And by adding "-md sha256" on older Debian, the newer OpenSSL encoded string works too:

# echo "U2FsdGVkX1+p/LDtOotR/gmVTfGL+LabNPvLxKqwbOk=" | openssl des3 -md sha256 -salt -a -d -k "testkey"
Hi guys

Keeping the thread to save time to other guys :)