poolpog / bash-otp

One-time Password generator for CLI using bash, oathtool
MIT License

Error bad decrypt, routines:ossl_cipher_unpadblock:bad decrypt:providers/implementations/ciphers/ciphercommon_block.c:124 #15

Open osopolar opened 1 year ago

osopolar commented 1 year ago

After upgrading from macOS 12 (Monterey) to 13 (Ventura), I got the error:

bad decrypt :routines:ossl_cipher_unpadblock:bad decrypt:providers/implementations/ciphers/ciphercommon_block.c:124

I found the issue "Encryption/decryption doesn't work well between two different openssl versions", where the accepted answer says:

The default digest was changed from MD5 to SHA256 in Openssl 1.1. Try using -md md5

See also https://git.openssl.org/?p=openssl.git;a=commit;h=9e8b6f042749ded556380227c9f2db7ffad9a3aa

After modifying otp.sh as below it worked.

-    echo $PASSWORD | openssl enc -aes-256-cbc -d -salt -pass stdin -in ${TOKENFILES_DIR}/${token}.enc
+    echo $PASSWORD | openssl enc -aes-256-cbc -d -md md5 -salt -pass stdin -in ${TOKENFILES_DIR}/${token}.enc
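Review bot: the hard-coded "-md md5" on the + line will produce the same bad decrypt for any token file that was encrypted with the current SHA256 default, so the digest should come from a variable (or the script should try the default first and fall back to md5) rather than being fixed in otp.sh. On the same line, $PASSWORD and ${TOKENFILES_DIR}/${token}.enc are expanded unquoted; quoting both keeps passphrases and paths containing spaces or glob characters intact.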

Even better would be to modify otp-unlockfile.sh temporarily as below, decrypt the tokenfiles and encrypt them again with new settings.

-openssl enc -aes-256-cbc -d -salt -in "${INPUT_FILE}" -out "${OUTPUT_FILE}" -pass file:"${PW_FILE}"
+openssl enc -aes-256-cbc -d -md md5 -salt -in "${INPUT_FILE}" -out "${OUTPUT_FILE}" -pass file:"${PW_FILE}"
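Review bot: with -d and -out "${OUTPUT_FILE}" on the + line, the token secret sits in plaintext on disk between the decrypt and the re-encrypt, so the output file should be created with owner-only permissions and removed as soon as the new .enc file is written. The "-md md5" edit also needs to stay out of the encrypt step and be reverted afterwards, otherwise the re-encrypted files end up keyed with MD5 again.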

It's nothing that I expect to be fixed here; it's just for documentation in case someone has the same issue.
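The decrypt-then-re-encrypt migration described in the comment above, as an added example that is not part of the original issue or of bash-otp: it moves one token file from an MD5-derived key to a SHA-256-derived one through a pipe, so no plaintext file is written. The function names and the .bak backup are assumptions; the cipher and flags match the lines quoted in the issue.

```bash
#!/usr/bin/env bash
# Added example, not bash-otp code. Function names are hypothetical.
# Assumes an OpenSSL whose default -md is SHA-256, as stated in the issue.

# _enc MODE DIGEST PASSWORD [openssl enc args...]
# Password goes in on fd 3: stdin stays free for data and the password
# never shows up in the process arguments.
_enc() {
    local mode="$1" md="$2" pw="$3"; shift 3
    openssl enc -aes-256-cbc "$mode" -md "$md" -pass fd:3 "$@" 3<<EOF
$pw
EOF
}

# reencrypt_token FILE PASSWORD [OLD_MD] [NEW_MD]
# Returns non-zero and leaves FILE untouched on any failure.
reencrypt_token() {
    local file="$1" pw="$2" old_md="${3:-md5}" new_md="${4:-sha256}"
    local tmp old_sum new_sum

    # 1. The old digest must decrypt cleanly before anything is written.
    _enc -d "$old_md" "$pw" -in "$file" >/dev/null || return 1

    # 2. Decrypt and re-encrypt through a pipe: no plaintext file on disk.
    #    mktemp creates the new file with owner-only permissions.
    tmp=$(mktemp "${file}.XXXXXX") || return 1
    if ! _enc -d "$old_md" "$pw" -in "$file" |
         _enc -e "$new_md" "$pw" -salt -out "$tmp"; then
        rm -f "$tmp"; return 1
    fi

    # 3. Old and new file must decrypt to the same plaintext before the swap.
    old_sum=$(_enc -d "$old_md" "$pw" -in "$file" | openssl dgst -sha256)
    new_sum=$(_enc -d "$new_md" "$pw" -in "$tmp" | openssl dgst -sha256)
    if [ "$old_sum" != "$new_sum" ]; then
        rm -f "$tmp"; return 1
    fi

    # 4. Keep the MD5-era file as FILE.bak until the new one is proven in use.
    cp -p "$file" "${file}.bak" && mv "$tmp" "$file"
}

# Usage: reencrypt_token "${TOKENFILES_DIR}/${token}.enc" "$PASSWORD"
```

A decrypt with the wrong digest usually fails on the padding check but can occasionally succeed and return garbage, so keep the .bak copy until the unmodified otp.sh produces codes the service accepts.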

poolpog commented 1 year ago

thanks 😄