From 18a71f15544ea3dd5ae27fe7f9750a424bc9529f Mon Sep 17 00:00:00 2001
From: jschaul
Date: Mon, 12 Dec 2016 11:43:19 +0100
Subject: [PATCH] continue using md5 key derivation in openssl1.1 See https://stackoverflow.com/questions/39637388/encryption-decryption-doesnt-work-well-between-two-different-openssl-versions/39641378#39641378 - Openssl changed their default digest algorithm from md5 to sha256 for the key derivation from password beginning with v1.1.0 (which, security wise, is a good thing!), but that creates compatibility issues if the version of openssl that encrypted a file is using a different digest than the version of openssl that decrypts files.
---
 Sparkles/Git/GitFetcher.cs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/Sparkles/Git/GitFetcher.cs b/Sparkles/Git/GitFetcher.cs
index 2512608e..b031b2eb 100644
--- a/Sparkles/Git/GitFetcher.cs
+++ b/Sparkles/Git/GitFetcher.cs
@@ -234,10 +234,10 @@ namespace Sparkles.Git {
 var git_config_required = new GitCommand (TargetFolder, "config filter.encryption.required true");
 var git_config_smudge = new GitCommand (TargetFolder, "config filter.encryption.smudge " +
- string.Format ("\"openssl enc -d -aes-256-cbc -base64 -S {0} -pass file:{1}\"", password_salt, password_file));
+ string.Format ("\"openssl enc -d -aes-256-cbc -base64 -S {0} -pass file:{1} -md md5\"", password_salt, password_file));
 var git_config_clean = new GitCommand (TargetFolder, "config filter.encryption.clean " +
- string.Format ("\"openssl enc -e -aes-256-cbc -base64 -S {0} -pass file:{1}\"", password_salt, password_file));
+ string.Format ("\"openssl enc -e -aes-256-cbc -base64 -S {0} -pass file:{1} -md md5\"", password_salt, password_file));
 git_config_required.StartAndWaitForExit ();
 git_config_smudge.StartAndWaitForExit ();
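Review bot: `-md md5` is written as a bare literal in both filter strings here and again in the `enc -d` check in the next hunk, and nothing in the code says it is a compatibility pin rather than a chosen digest. Without `-pbkdf2`/`-iter` (available only from OpenSSL 1.1.1), `openssl enc` derives the key with a single digest pass, so pinning MD5 leaves the passphrase strength as the only real barrier against offline guessing. I would hold the flag in one shared constant with a comment such as `// Compatibility pin: pre-1.1.0 OpenSSL default digest; weak KDF, keep only for existing repositories`, and track a versioned move to a stronger derivation for newly created repositories. The enclosing method starts and ends outside this hunk.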
@@ -263,7 +263,7 @@ namespace Sparkles.Git {
 return false;
 }
- string args = string.Format ("enc -d -aes-256-cbc -base64 -S {0} -pass pass:{1} -in \"{2}\"",
+ string args = string.Format ("enc -d -aes-256-cbc -base64 -S {0} -pass pass:{1} -in \"{2}\" -md md5",
 password_salt, password.SHA256 (password_salt), password_check_file_path);
 var process = new Command ("openssl", args);
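Review bot: The new `string args` line still passes the derived secret as `-pass pass:{1}`, which puts it in the openssl argument list, where other local processes can typically read it while the command runs. The filter commands in the previous hunk already use `-pass file:{1}`, and reading the secret from a file or from `-pass stdin` here would keep it out of the process arguments. Whether the existing password file holds the same derived value as `password.SHA256 (password_salt)` is not visible in this hunk, so confirm that before reusing it. The surrounding method continues outside the hunk.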