[Bug 426513] Re: openssl enc documentation incorrect

[Arpit]

** Changed in: openssl (Ubuntu)
     Assignee: (unassigned) => Arpit (arpitgupta1491991)

** Changed in: openssl (Ubuntu)
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/426513

Title:
  openssl enc documentation incorrect

Status in “openssl” package in Ubuntu:
  Confirmed

Bug description:
  Binary package hint: openssl

  1) This affects openssl in Ubuntu 9.04.

  2) This affects openssl 0.9.8g-15ubuntu3.

  3) The OpenSSL enc(1) man page has this to say about key derivation:

  -salt
  use a salt in the key derivation routines.  This option should ALWAYS be used unless compatibility with previous versions of OpenSSL or SSLeay is required.  This option is only present on OpenSSL versions 0.9.5 or above.

  -nosalt
  don't use a salt in the key derivation routines.  This is the default for compatibility with previous versions of OpenSSL and SSLeay.

  I expect that when I enter:

  $ openssl enc -aes-128-cbc -k foo -P

  That openssl will return an unsalted key and initialization vector.

  4) What I get instead is:
  salt=<8 byte salt>
  key=<16 byte key>
  iv =<16 byte iv>

  The salt, key, and iv are different each time because openssl is using
  a salt.  If I execute 'openssl enc -aes-128-cbc -nosalt -k foo -P' I
  get the same key and initialization vector each time, with no salt
  value in the output (which is what I expect even without using the
  '-nosalt' option).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/426513/+subscriptions