[英]OpenSSL command line decryption hiccups
I hope everyone is doing well. 我希望每个人都做得很好。 I'm hoping someone could give me a pointer in the right direction here.
我希望有人可以在这里向我指示正确的方向。
Around 2013 some time I encrypted a text file on a Mac OS machine using OpenSSL. 2013年左右,我使用OpenSSL在Mac OS机器上加密了一个文本文件。 Not really sure which version of OpenSSL or MacOS X it was.
不太确定它是哪个版本的OpenSSL或MacOSX。
I encrypted it using; 我使用它加密;
openssl des3 -in unencrypted.txt -out encrypted
The output of that seemed like some sort of binary format, so I used xxd to convert it to hex, which then output a text file which I saved somewhere. 该文件的输出似乎是某种二进制格式,因此我使用xxd将其转换为十六进制,然后输出一个文本文件,并将其保存在某个地方。
xxd encrypted >> encryptedhex.txt
In order to reverse the process I used 为了逆转我使用的过程
xxd -r encryptedhex.txt encrypted.bin
openssl des3 -d -in encrypted.bin -out decrypted.txt
I remember testing this a few times and it seemed to work fine. 我记得对它进行了几次测试,似乎效果很好。 Now fast forward to 2017.
现在快进到2017年。
I'm on a Debian 9 machine, and I'm trying to decrypt this file. 我在Debian 9机器上,正在尝试解密此文件。
Whenever I supply the password that I think is correct, I get no error, but the output file seems to be garbage. 每当我提供正确的密码时,都不会出错,但是输出文件似乎是垃圾。 I don't know if it's possible to get no error with incorrect passwords, but whenever I give a password that I know is wrong it spits out
我不知道使用错误的密码是否可能不会出错,但是每当我输入错误的密码时,它就会吐出
bad decrypt 140492140782848:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:../crypto/evp/evp_enc.c:535:
错误的解密140492140782848:错误:06065064:数字信封例程:EVP_DecryptFinal_ex:错误的解密:../ crypto / evp / evp_enc.c:535:
I realise now there are better ways to have done this, but I'm stuck with what I have and it doesn't seem to want to work. 我意识到现在有更好的方法可以执行此操作,但是我仍然坚持自己所拥有的,而且似乎并不想工作。
Are the newer versions of openssl backwards compatible? 新版本的openssl向后兼容吗? Is it possible that the encrypted file got corrupted?
加密文件是否可能损坏? (If I look at the raw binary encrypted file I starts with 'salted__', so it looks like I remember it looking back then..)
(如果我查看原始的二进制加密文件,则以“ salted__”开头,因此看起来好像我回想起来了。)
Any suggestions that you guys can think of? 你们能想到什么建议吗? Thank you!
谢谢!
Try adding -md md5
to your decryption command line. 尝试将
-md md5
添加到解密命令行中。 The default hash used for generating the key from a password changed from md5 to sha256 in OpenSSL 1.1.0: 在OpenSSL 1.1.0中,用于从密码生成密钥的默认哈希从md5更改为sha256:
https://www.openssl.org/docs/faq.html#USER3 https://www.openssl.org/docs/faq.html#USER3
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.