0

I have a file that was encrypted by someone else with a AES-256-CBC algorithm.

Unfortunately I only have the file and a password string.

I didn't get any salt. I can run OpenSSL and use the following command to successfully decrypt the file without specifing any salt:

openssl aes-256-cbc -d -a -in [...] -out [...]

In C# I've tried to use a RijnadelManaged and the Rfc2898DeriveBytes class, but they require salt bytes.

Using a RijnadelManaged together with a ICryptoTransform gives me back some other crypto bytes but no clear text.

The password length and block size go along with each other, there was no exception dropped claiming they didn't.

Of course an exception will be dropped if I use the first method and specify a random salt.

How can I decrypt this file with only the information that I've got?

Fabi
  • 199
  • 1
  • 14
  • 1
    I've closed it as a dupe as the key derivation is the main issue here; if you need additional info let us know with a comment. Knowing what to search for is however most of the solution I guess. – Maarten Bodewes May 04 '17 at 18:48
  • @MaartenBodewes The question you referred to was answered with a function that requires a salt byte array. I do not have one and hence I can't make use of this function. – Fabi May 04 '17 at 18:59
  • 2
    The salt is stored within the file; there is an 8 byte magic (look at the bytes) and then an 8 byte salt, after which the actual ciphertext follows. Some info [here](http://justsolve.archiveteam.org/wiki/OpenSSL_salted_format) – Maarten Bodewes May 04 '17 at 19:01
  • @MaartenBodewes I see, excuse me and thanks a lot for that – Fabi May 05 '17 at 15:02
  • @jww Thanks. Got it for a while though, I'm at 1.7K - you get the gold badge at 1K. Still behind Ericson though :P. For crypto I finally managed the #1 spot, it's hard to beat [the bear](http://stackoverflow.com/tags/cryptography/topusers), even when it is hibernating. – Maarten Bodewes May 05 '17 at 23:00

0 Answers0