OpenSSL compatibility issue between 0.9.8h and 1.1.1k


In our application we were previously using OpenSSL 0.9.8h, and we have upgraded it to OpenSSL 1.1.1k. After upgrading OpenSSL we didn't make any change to the encryption command; we are using the command below: "enc -aes-256-cbc -a -salt -pass pass:Password"

For decryption: "enc -aes-256-cbc -a -d -salt -pass pass:Password"

In that case it was giving a warning: *** WARNING : deprecated key derivation used. Using -iter or -pbkdf2 would be better.

So I have added -pbkdf2 and -iter to the command, and the encryption command is now: "enc -aes-256-cbc -a -salt -pass pass:Password -pbkdf2 -iter 10000"

And for decryption: "enc -aes-256-cbc -a -d -salt -pass pass:Password -pbkdf2 -iter 10000"

Now, if we install the application, everything works fine, but the problem comes when we upgrade the application, as the data was previously encrypted with OpenSSL 0.9.8h. To support backward compatibility I have added -md md5 (which is not recommended), but in that case the application does not work properly after a fresh install.

Is there any way to use multiple message digests in the command? Or any other solution we can implement?

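One way to support both formats, as an added example that is not part of the original post: `enc` takes a single key derivation per invocation, so each stored value is tagged and the matching command is chosen per value, with legacy values rewritten once at upgrade. The `v2:` prefix, the function names and the `ENC_PASS` variable are assumptions of this example; it also assumes text secrets, since command substitution drops trailing newlines.

```shell
#!/bin/sh
# Added example. Assumed convention: new ciphertext carries a "v2:" prefix;
# a value without it is legacy data written by the OpenSSL 0.9.8h command.
# The passphrase is read from the exported variable ENC_PASS (env: source),
# which keeps it off the command line.

# Current scheme: PBKDF2 with 10000 iterations, as in the question's new command.
encrypt_v2() {      # stdin: plaintext, stdout: one marked base64 line
    ct=$(openssl enc -aes-256-cbc -a -A -salt -pass env:ENC_PASS \
         -pbkdf2 -iter 10000) || return 1
    printf 'v2:%s\n' "$ct"
}

decrypt_v2() {      # stdin: base64 with the marker already stripped
    openssl enc -aes-256-cbc -a -A -d -pass env:ENC_PASS -pbkdf2 -iter 10000
}

# Legacy scheme: 0.9.8h derived the key with MD5 (EVP_BytesToKey), so -md md5
# appears here only and -pbkdf2 must be absent. OpenSSL 1.1.1 prints its
# "deprecated key derivation" warning on stderr for this path.
decrypt_legacy() {  # stdin: base64 produced by the old command
    openssl enc -aes-256-cbc -a -d -pass env:ENC_PASS -md md5
}

# Choose the derivation from the marker instead of guessing from a
# "bad decrypt" error: CBC padding is not an integrity check.
decrypt_any() {     # $1: stored value, stdout: plaintext
    case $1 in
        v2:*) printf '%s\n' "${1#v2:}" | decrypt_v2 ;;
        *)    printf '%s\n' "$1" | decrypt_legacy ;;
    esac
}

# Upgrade step: rewrite a legacy value in the new scheme.
# Values that are already v2 pass through unchanged.
migrate() {         # $1: stored value, stdout: v2 value
    case $1 in
        v2:*) printf '%s\n' "$1" ;;
        *)    pt=$(decrypt_any "$1") || return 1
              printf '%s' "$pt" | encrypt_v2 ;;
    esac
}
```

Run `migrate` over every stored value during the upgrade; once nothing unmarked remains, `decrypt_legacy` and its MD5 derivation can be removed.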