Merge pull request #1740 from jschaul/workaround/continue-using-md5-k…

…ey-derivation-in-openssl1.1

force using sha256 key derivation in openssl prior to v1.1.0

Sparkles/Git/GitFetcher.cs

@@ -234,10 +234,10 @@ public override void EnableFetchedRepoCrypto (string password)
             var git_config_required = new GitCommand (TargetFolder, "config filter.encryption.required true");
 
             var git_config_smudge = new GitCommand (TargetFolder, "config filter.encryption.smudge " +
-                string.Format ("\"openssl enc -d -aes-256-cbc -base64 -S {0} -pass file:{1}\"", password_salt, password_file));
+                string.Format ("\"openssl enc -d -aes-256-cbc -base64 -S {0} -pass file:{1} -md sha256\"", password_salt, password_file));
 
             var git_config_clean = new GitCommand (TargetFolder, "config filter.encryption.clean " +
-                string.Format ("\"openssl enc -e -aes-256-cbc -base64 -S {0} -pass file:{1}\"", password_salt, password_file));
+                string.Format ("\"openssl enc -e -aes-256-cbc -base64 -S {0} -pass file:{1} -md sha256\"", password_salt, password_file));
 
             git_config_required.StartAndWaitForExit ();
             git_config_smudge.StartAndWaitForExit ();
@@ -263,7 +263,7 @@ public override bool IsFetchedRepoPasswordCorrect (string password)
                     return false;
             }
 
-            string args = string.Format ("enc -d -aes-256-cbc -base64 -S {0} -pass pass:{1} -in \"{2}\"",
+            string args = string.Format ("enc -d -aes-256-cbc -base64 -S {0} -pass pass:{1} -in \"{2}\" -md sha256",
                 password_salt, password.SHA256 (password_salt), password_check_file_path);
 
             var process = new Command ("openssl", args);