From 5ffa68a16e025f2ebf893e7d9f5c674777e023b5 Mon Sep 17 00:00:00 2001 From: "Sergey G. Brester" Date: Thu, 28 Aug 2025 00:26:11 +0200 Subject: [PATCH] openssl-enc.pod.in: We actually use PKCS#7 padding PKCS#5 padding is a subset for 8-bytes block ciphers only. CLA: trivial Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/28359) (cherry picked from commit 4e0c2d02a9a415823babf74106985352e7bbcdae) --- doc/man1/openssl-enc.pod.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/man1/openssl-enc.pod.in b/doc/man1/openssl-enc.pod.in index 194f6890f10..5200d294c6d 100644 --- a/doc/man1/openssl-enc.pod.in +++ b/doc/man1/openssl-enc.pod.in @@ -254,7 +254,7 @@ Some of the ciphers do not have large keys and others have security implications if not used correctly. A beginner is advised to just use a strong block cipher, such as AES, in CBC mode. -All the block ciphers normally use PKCS#5 padding, also known as standard +All the block ciphers normally use PKCS#7 padding, also known as standard block padding. This allows a rudimentary integrity or password check to be performed. However, since the chance of random data passing the test is better than 1 in 256 it isn't a very good test. -- 2.47.3