From 43d13879bf5559b3a5321a9f75519b85dcdd646d Mon Sep 17 00:00:00 2001 From: "Sergey G. Brester" Date: Thu, 28 Aug 2025 00:26:11 +0200 Subject: [PATCH] openssl-enc.pod.in: We actually use PKCS#7 padding PKCS#5 padding is a subset for 8-bytes block ciphers only. CLA: trivial Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/28359) (cherry picked from commit 4e0c2d02a9a415823babf74106985352e7bbcdae) --- doc/man1/openssl-enc.pod.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/man1/openssl-enc.pod.in b/doc/man1/openssl-enc.pod.in index ae6942d1c09..17d7421226b 100644 --- a/doc/man1/openssl-enc.pod.in +++ b/doc/man1/openssl-enc.pod.in @@ -265,7 +265,7 @@ Some of the ciphers do not have large keys and others have security implications if not used correctly. A beginner is advised to just use a strong block cipher, such as AES, in CBC mode. -All the block ciphers normally use PKCS#5 padding, also known as standard +All the block ciphers normally use PKCS#7 padding, also known as standard block padding. This allows a rudimentary integrity or password check to be performed. However, since the chance of random data passing the test is better than 1 in 256 it isn't a very good test. -- 2.47.3