- Mac doesn't have 0.9.* openssl anymore (for years, but I'm too lazy to check when this changed)
On 14 - Sonoma (= 2023 version):
mstenber@hana ~>uname -a
Darwin hana.local 23.6.0 Darwin Kernel Version 23.6.0: Mon Jul 29 21:14:30 PDT 2024; root:xnu-10063.141.2~1/RELEASE_ARM64_T6000 arm64
mstenber@hana ~>where openssl
/opt/homebrew/bin/openssl
/usr/bin/openssl
mstenber@hana ~>openssl --version
OpenSSL 3.3.2 3 Sep 2024 (Library: OpenSSL 3.3.2 3 Sep 2024)
mstenber@hana ~/temp>/usr/bin/openssl version
LibreSSL 3.3.6
fwiw homebrew installation of current openssl doesn't support aes-gcm; system LibreSSL one does though:
mstenber@hana ~>echo foo | openssl enc -aes-128-gcm -pass pass:x
enc: AEAD ciphers not supported
enc: Use -help for summary.
mstenber@hana ~>echo foo | /usr/bin/openssl enc -aes-128-gcm -pass pass:x
bad decrypt
Salted__...
Having said that, I think having a default which just 'works most likely' is probably better than having the results authenticated (with caveats about where it works).
On 14 - Sonoma (= 2023 version):
fwiw homebrew installation of current openssl doesn't support aes-gcm; system LibreSSL one does though:
Having said that, I think having a default which just 'works most likely' is probably better than having the results authenticated (with caveats about where it works).