in reply to Ciphertext does not begin with a valid header for 'salt' header mode at

Hello bNathan, and welcome to the Monastery!

The change log for Crypt::CBC contains this entry for version 2.17:

2.17    Mon Jan  9 18:22:51 EST 2006
        -IMPORTANT NOTE: Versions of this module prior to 2.17 were in
+correctly
        using 8 byte IVs when generating the old-style RandomIV style 
+header
        (as opposed to the new-style random salt header). This affects
+ data
        encrypted using the Rijndael algorithm, which has a 16 byte bl
+ocksize,
        and is a significant security issue.
 
        The bug has been corrected in versions 2.17 and higher by maki
+ng it
        impossible to use 16-byte block ciphers with RandomIV headers.
+ You may
        still read legacy encrypted data by explicitly passing the 
        -insecure_legacy_decrypt option to Crypt::CBC->new().

[download]

See also the PerlMonks thread Salt issue from 2013.

Hope that helps,

Athanasius <°(((><contra mundum Iustus alius egestas vitae, eros Piratica,

  • Comment on Re: Ciphertext does not begin with a valid header for 'salt' header mode at...
  • Download Code

In Section Seekers of Perl Wisdom