Fix #6 - OpenSSL 1.1.0 and later (rather than 1.1.1 and later)

clach04 · Jan 1, 2024 · 5445492 · 5445492
1 parent 6c0e6b2
commit 5445492
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 9 deletions.
diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 # openssl_enc_compat
 
-Pure Python 2.7 and 3.x library that is compatible with OpenSSL 1.1.1+ encryption and decryption.
+Pure Python 2.7 and 3.x library that is compatible with OpenSSL 1.1.0+ encryption and decryption.
 https://github.com/clach04/openssl_enc_compat
 
 This is intended to be used a library, rather than as a command line tool.

diff --git a/openssl_enc_compat/cipher.py b/openssl_enc_compat/cipher.py
@@ -1,16 +1,16 @@
 #!/usr/bin/env python
 # -*- coding: us-ascii -*-
 # vim:ts=4:sw=4:softtabstop=4:smarttab:expandtab
-"""Pure Python encrypt/descrypt routines with compatability with a (subset) of the command line tool openssl 1.1.1+ enc/dec operations.
+"""Pure Python encrypt/descrypt routines with compatability with a (subset) of the command line tool openssl 1.1.0+ enc/dec operations.
 
-I.e. Python 2.7 and Python 3.x code to allow encryption/decryption of files compatible with OpenSSL 1.1.1:
+I.e. Python 2.7 and Python 3.x code to allow encryption/decryption of files compatible with OpenSSL 1.1.0:
 
     openssl enc -e aes-256-cbc -salt -pbkdf2 -iter 10000 -in in_file -base64 -out out_file
     openssl dec -d aes-256-cbc -salt -pbkdf2 -iter 10000 -in in_file -base64 -out out_file
 
     echo hello| openssl enc -e aes-256-cbc -salt -pbkdf2 -iter 10000 -in - -base64 -out - -pass pass:password
 
-NOTE PBKDF2 iteration count of 10,000 is the default in OpenSSL 1.1.1 and is considered too few in 2023.
+NOTE PBKDF2 iteration count of 10,000 is the default in OpenSSL 1.1.0 and is considered too few in 2023.
 Older versions of OpenSSL did not support; PBKDF2 (and ergo iterations) and salt and used a much weaker KDF.
 """
 
@@ -85,16 +85,16 @@ def openssl_pbkdf2(key, salt, iteration_count=OPENSSL_DEFAULT_ITERATION_COUNT):
     return aes_key, aes_iv
 
 class OpenSslEncDecCompat:
-    """Cipher to handle OpenSSL format encryped data, i.e. OpenSSL 1.1.1 compatible (with a very small subset of options).
+    """Cipher to handle OpenSSL format encryped data, i.e. OpenSSL 1.1.0 compatible (with a very small subset of options).
 
-    Intended to allow decryption of files generated with OpenSSL 1.1.1 and vice-versa. Supported OpenSSL flags/formats:
+    Intended to allow decryption of files generated with OpenSSL 1.1.0 and vice-versa. Supported OpenSSL flags/formats:
 
         openssl enc -e aes-256-cbc -salt -pbkdf2 -iter 10000 -in in_file -base64 -out out_file
         openssl dec -d aes-256-cbc -salt -pbkdf2 -iter 10000 -in in_file -base64 -out out_file
 
         echo hello| openssl enc -e aes-256-cbc -salt -pbkdf2 -iter 10000 -in - -base64 -out - -pass pass:password
 
-    NOTE PBKDF2 iteration count of 10,000 is the default in OpenSSL 1.1.1 and is considered too few in 2023.
+    NOTE PBKDF2 iteration count of 10,000 is the default in OpenSSL 1.1.0 and is considered too few in 2023.
     Older versions of OpenSSL did not support; PBKDF2 (and ergo iterations) and salt and used a much weaker KDF.
 
     API PEP-272 Like... This is non-confirming:
@@ -125,7 +125,7 @@ def __init__(self, key, mode=MODE_CBC, IV=None, **kwargs):
         # PBKDF2 WILL be used
         self._openssl_options['base64'] = kwargs.get('base64', None)
         self._openssl_options['cipher_name'] = kwargs.get('cipher', 'aes-256-cbc')  # actual name, mode, and size
-        self._openssl_options['pbkdf2_iteration_count'] = kwargs.get('iter', OPENSSL_DEFAULT_ITERATION_COUNT)  # pbkdf2 iteration count - 10K is the default as of 2023 since OpenSSL 1.1.1
+        self._openssl_options['pbkdf2_iteration_count'] = kwargs.get('iter', OPENSSL_DEFAULT_ITERATION_COUNT)  # pbkdf2 iteration count - 10K is the default as of 2023 since OpenSSL 1.1.0
         # TODO user specificed salt and IV
         # TODO other cipher names
         # TODO clear kwargs of processed arguments, and raise an error if anything else left (i.e. unsupported arguments)

diff --git a/setup.py b/setup.py
@@ -43,7 +43,7 @@
     version=__version__,
     author='clach04',
     url='https://github.com/clach04/' + project_name,
-    description='Pure Python read/write encryption/decryption of encrypted OpenSSL 1.1.1 files',
+    description='Pure Python read/write encryption/decryption of encrypted OpenSSL 1.1.0 files',
     long_description=long_description,
     long_description_content_type='text/markdown',
     packages=[project_name],