用BASH解密PHP openssl_seal
[英]Decrypt PHP openssl_seal in BASH
問題描述
我正在嘗試解密一些通過PHP openssl_seal加密的數據。 似乎沒有任何涉及網上bash的示例(花了一些時間研究這個問題),所以我認為這篇文章也將對其他人有所幫助。
據我了解,我必須先使用私鑰解密用於實際數據的RC4加密的密鑰。 數據本身以及RC4密鑰均以base64格式存儲。
數據:
Y3jrrTI96HVK7aMR/LrLnCGsqlQNvpQN8TTEoClak2GHk1MMV5/Ig6CD5EuojJaI
gey79XGjf8S9IqLsJ/MxOjODSFM48D+G0lbBW9GEOUFB027pfuHDhyMoTsxjEFBG
XIz5
Envkey:
JJXy5kX9RNSd90BgRSKUX1AGZhwbzetVHKAZTv1/HCBEPGqaGvoWdxaiA8UaJAAr
mS7Sh3pbMm1GN41BYi2r4m9VONknIqn3VB+cikA7ZRxmKOVhRuJTgdjWhrCMyxls
1osAsC8lIFkLo13Z1v8IZAXKGIdyO86WHXzfQku8HAE=
測試私鑰(此私鑰是加密的,在問題的最底部添加了非加密的私鑰):
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,CBBD77CC40F395BB
/OwGFHzIoLt4bNFMgdLp25igC8ghJhkRNghg1xpvpZISoniOC2b4oHXOJ4wvt0bj
5Giywp1iQCZUkM7qssJAFcLyTg/ycYz9WuOR5Z68h5p+lz4LnUtcCve2N/goJkwT
r5P59MybJEef27PAQYZyjiDK3eyYJRhcORzd592d81GsXoflroVzK9/eYS33IEeV
Y0grtBoOmDe4eVjDoluZXTGNu2si7SCXs6775jrDpPNMTeYLGApRacJ3TDYHyh9+
dmbaa65ARzRmWtdvvi2zoN/23oie5HUcBgRvubWM4u6LJ4HTLuAjGicpZjIlWQTe
Jex77StHO0zceic++Z9VQ+XfL4zdOHFCJpihunCU+zabqsFNZWZ44LeRul65iNIT
+3XHXezDsvuGkr5aJVvAdp1MxGIf5mO88Ga4pa0qIKFw/sLux+Otx94H45Zb1TgS
At8BU4zK0gSvAU7ea7H/Genug847vh2Up49h8ikmfdiexqnkxDO4N4GLrlDg5yYe
+YLEJyEDYa9Cg9vDV+no6oG1jC+4Fk1s9uk5uDSf4uNN5E5EsxsHS4JxvZ4xnWI7
DYbsy8XOwrrIptJvlttVNIYuobwFfDoWlf9yiAtsIKIVHhhVMgMSWc/0jPEKRmmv
NKMy6sGTEj6LGqh6R7bpeS3joccA8oAi0PjLil1Lt/bLBVAJ1JemLDCfJxjHqCmv
VfBcmF1YqxPKQl9cacUmZhozij1qDTghqIxpdQ/Y+HywGyfJtraDlYkGJ+UFgzh9
NEl1gebVhVBATrNodbUEfzJRz04/1BR2I1WPVcC93lo=
-----END RSA PRIVATE KEY-----
所以我在做:
從base64解碼(嘗試在沒有base64的情況下獲取數據,結果仍然相同/使用base64來確保編碼沒有問題等):
base64 --decode envkey> envun
用我的私鑰解密envkey:
openssl rsautl -decrypt -inkey private.pem -in / tmp / envun -out / tmp / envdec
獲取解密的二進制(?)密鑰並使用它來解密RC4中的數據:
openssl enc -d -rc4 -in加密-out解密-pass文件:envdec
。 。
但是,我得到的是:
壞魔術數
有什么建議嗎?
非加密私鑰:
-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQCkBLH08f4nZBxiy2K9DXXmxeyqxcZtBIU3BjKDMO0jt2Lt4r6e
+MI/QFKVkms5iDUKaxPgwXptilR/f0KeLz7p2KbsAtDEFSPDWedd2/WYj2DYvoeF
+LskTYoWEyZsTbV7Vcm6lfzlZYggShtjlf6haHHTKo+FEp/ENmspni7n9wIDAQAB
AoGAFrTzshaCeg+ZAnBn1gZ0CSPjlOzWgKc8jhaUjacLXYN49bgLbdTAh6MvC7f+
kjNyLGQQl3ARs/KPqisDHQUrb1mPk2NBlMKk8SPf61D5VPcGyh1OwWSCSM9zg0AO
ZuBhi8RxZhkVAenBwmEAjHID/dA1wGj748uyuUMhq9noGbkCQQDZ/p/2QMGim5dc
KluTxUAtTuxtL5Cjn3rsCNvQiKbDE17zuZQD8O0lKaUIdWpmA9TTVxMXkGiPf/Lf
TApT6lVdAkEAwJ0KXjDsLc6h2lN6LEsm2siAj0fMnCLDUYaRmYB8Wz9S7JGWqE5O
AVg982FeYXxXe2mRL/cpKhbnGT8lvDQpYwJADuUlDPBzyqaS+wsx4rDxp6bi5LsB
SQzWm1YnnuIXcvDZ5hFiGbrWmVl1G1TahknwutgSR+PoIRX/BF7vvbgfSQJAIOYx
8Si2DpTuvFXp1kr31gLNQqvm3PxrFC/CCtARbZyBU3sCmrjVRhGGc128OzZ70s6T
R/gVheTnkD5i+aSHNQJAYGwKSmW7TQPZSlaHfs4vdSnOoxVpdqi/KJG3v+PPhz6R
2+8OZnjXk62VX05jMnMNnu9BMvP0CNjKIjnsOP7NoQ==
-----END RSA PRIVATE KEY-----
加密方式:
$pub_key_ids = [];
$sealed = '';
$pub_key_string = file_get_contents("/usr/local/ssl/public.pem");
$pub_key = openssl_get_publickey($pub_key_string);
if ($pub_key) {
$pub_key_ids[] = $pub_key;
}
if (count($pub_key_ids)) {
if (openssl_seal($params['deployment_settings'], $sealed, $ekeys, $pub_key_ids) !== false) {
$data = base64_encode($sealed);
$envkey = base64_encode($ekeys[0]);
}
foreach ($pub_key_ids as $pub_key_id) {
openssl_free_key($pub_key_id);
}
}
2 個解決方案
解決方案1
2 已采納 2015-03-09 13:47:53
作為bash的問題,我們可以使用一些bashisms :
一體:
#!/bin/bash
openssl rc4 -d -in <(
base64 -i --decode <<eodatas
Y3jrrTI96HVK7aMR/LrLnCGsqlQNvpQN8TTEoClak2GHk1MMV5/Ig6CD5EuojJaIgey7
9XGjf8S9IqLsJ/MxOjODSFM48D+G0lbBW9GEOUFB027pfuHDhyMoTsxjEFBGXIz5
eodatas
) -iv 0 -K "$(
hexdump -v -e '/1 "%02X"' < <(
openssl rsautl -decrypt -inkey <(cat <<eoprivkey
-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQCkBLH08f4nZBxiy2K9DXXmxeyqxcZtBIU3BjKDMO0jt2Lt4r6e
+MI/QFKVkms5iDUKaxPgwXptilR/f0KeLz7p2KbsAtDEFSPDWedd2/WYj2DYvoeF
+LskTYoWEyZsTbV7Vcm6lfzlZYggShtjlf6haHHTKo+FEp/ENmspni7n9wIDAQAB
AoGAFrTzshaCeg+ZAnBn1gZ0CSPjlOzWgKc8jhaUjacLXYN49bgLbdTAh6MvC7f+
kjNyLGQQl3ARs/KPqisDHQUrb1mPk2NBlMKk8SPf61D5VPcGyh1OwWSCSM9zg0AO
ZuBhi8RxZhkVAenBwmEAjHID/dA1wGj748uyuUMhq9noGbkCQQDZ/p/2QMGim5dc
KluTxUAtTuxtL5Cjn3rsCNvQiKbDE17zuZQD8O0lKaUIdWpmA9TTVxMXkGiPf/Lf
TApT6lVdAkEAwJ0KXjDsLc6h2lN6LEsm2siAj0fMnCLDUYaRmYB8Wz9S7JGWqE5O
AVg982FeYXxXe2mRL/cpKhbnGT8lvDQpYwJADuUlDPBzyqaS+wsx4rDxp6bi5LsB
SQzWm1YnnuIXcvDZ5hFiGbrWmVl1G1TahknwutgSR+PoIRX/BF7vvbgfSQJAIOYx
8Si2DpTuvFXp1kr31gLNQqvm3PxrFC/CCtARbZyBU3sCmrjVRhGGc128OzZ70s6T
R/gVheTnkD5i+aSHNQJAYGwKSmW7TQPZSlaHfs4vdSnOoxVpdqi/KJG3v+PPhz6R
2+8OZnjXk62VX05jMnMNnu9BMvP0CNjKIjnsOP7NoQ==
-----END RSA PRIVATE KEY-----
eoprivkey
) -in <(base64 -i --decode <<eoenvkey
JJXy5kX9RNSd90BgRSKUX1AGZhwbzetVHKAZTv1/HCBEPGqaGvoWdxaiA8UaJAAr
mS7Sh3pbMm1GN41BYi2r4m9VONknIqn3VB+cikA7ZRxmKOVhRuJTgdjWhrCMyxls
1osAsC8lIFkLo13Z1v8IZAXKGIdyO86WHXzfQku8HAE=
eoenvkey
) ) )"
printf "\nResult: %s\n" $?
這可能輸出:
A combination of genetic and environmental factors play a role in the development of schizophrenia.
Result: 0
通過使用功能
這可能更有用:
#!/bin/bash
declare Data=./datas
declare Envkey=./envkey
declare PrivateKey=./privkey
b64Dec() { base64 -i --decode ; }
hxDump() { hexdump -e '/1 "%02X"' ; }
rsaDec() { openssl rsautl -decrypt -inkey $1 -in $2 ; }
rc4Dec() {
openssl rc4 -d -iv 0 -K "$1"
printf >&2 "\nResult: %s\n" $?
}
rc4Enc() {
openssl rc4 -iv 0 -K "$1"
printf >&2 "\nResult: %s\n" $?
}
declare Key="$(hxDump < <(rsaDec $PrivateKey <(b64Dec <$Envkey)))"
b64Dec <$Data | rc4Dec $Key
rc4Enc $Key <<eoGeorgOrwellQuote | base64
In our age there is no such thing as 'keeping out of politics.' All issues
are political issues, and politics itself is a mass of lies, evasions,
folly, hatred and schizophrenia.
-- George Orwell --
eoGeorgOrwellQuote
這可能會產生:
A combination of genetic and environmental factors play a role in the development of schizophrenia.
Result: 0
Result: 0
azaorSotoXpM/OoK+v/WnyGivBoGpd0dpDbC5H1XlHmJwV0RGt3NkqSfrUOuz42Sh7/04z2yaYi1
drngOLg2cxzPUBs0oyiWwUCnVdOMfF9an2j7N/HBg2o7Us9+B0YEFYy5oLISIRtZguZx2M6qYA9N
EJVDUG7mCL041jCszPAIKreV7PPnRCWt0MLyunv6MDSwJ3dppTUYcgXAL2vDxcIs/GYmbWh8sjgo
/t9fqxCM56a8xwUpityQh1JukHoFQyPzhOYUfNg85I2azhyLoX2OlQ==
解決方案2
1 2015-03-07 10:43:45
使用openssl native命令,您可以執行以下操作:
base64 --decode envkey > envun
openssl rsautl -decrypt -inkey private.pem -in envun -out envdec
KEY=$(cat envdec |hexdump -v -e '/1 "%02X"')
openssl rc4 -d -a -in encrypted -iv 0 -K "$KEY"
您必須使用“ -a”標志,因為您的內容是base64編碼的。
您可以在命令行模式下使用帶有“ -q”的php來抑制標題。
php -q decrypt.php data.txt envkey private.pem
crypto.php的內容
<?php
$pkeyid=openssl_get_privatekey(file_get_contents($argv[3]));
$content=base64_decode(file_get_contents($argv[1]));
$envkey=base64_decode(file_get_contents($argv[2]));
if (openssl_open($content, $data, $envkey, $pkeyid)) {
echo "$data\n";
} else {
echo openssl_error_string()."\n";
}
openssl_free_key($pkeyid);
這將比使用openssl native命令容易得多。
使用openssl_seal和openssl_open(兩個PHP)進行public-private-key-encryption的Android對應部分是什么?
[英]What is the Android-counterpart of public-private-key-encryption with openssl_seal & openssl_open (both PHP)?
如何解密用Openssl在bash腳本中加密的PHP文件
[英]How to decrypt a file in PHP that was encrypted in bash script with Openssl
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.
相關問題
Ruby等價於PHP openssl_seal
openssl_seal問題
使用CryptoJS從openssl_seal解密密文
PHP中的openssl_seal生成“503服務不可用”頁面
PHP:openssl_seal():不是公鑰(公鑰的第一個成員)
NET的等效“ openssl_seal”?
使用openssl_seal和openssl_open(兩個PHP)進行public-private-key-encryption的Android對應部分是什么?
如何使用BASH命令解密PHP Openssl加密
如何解密用Openssl在bash腳本中加密的PHP文件
用openssl_seal加密的php數據。如何在c#中解碼?
相關標簽