0

I'm currently stuck with a csv file that was encrypted by OpenSSL.

It's aes-256-cbc, I know the password and so it should be no problem to decrypt it. However it was created with OpenSSL < 1.1, in these older version they internally used MD5 as a hash, in >= 1.1 they've changed it to SHA.

This causes the >= 1.1 versions to not be able to successfully decrypt version < 1.1 encrypted files. It says "bad decrypt" and creates the finished file, but still the content is unreadable. This issue is known on github and several other platforms. One has to use the old OpenSSL versions for decryption, then it will work.

In my program that should decrypt the encrypted files, it behaves just as if it was one of the new versions of OpenSSL. Although the password is correct, the final file is not properly decrypted. So my question is how can I, using a RijnadelManaged, additionally feed the hash algorithm that should be used? Unfortunately I have no control over which version is used to encrypt the files.

Fabi
  • 199
  • 1
  • 14
  • 2
    http://stackoverflow.com/a/39641378/1816580 and http://stackoverflow.com/a/8011654/1816580 – Artjom B. May 07 '17 at 10:37
  • You should be using an [authenticated encryption mode](https://www.cryptopp.com/wiki/Authenticated_Encryption). If the authentication fails (bad MAC) with SHA, then you fallback to MD5. Since you don't have a MAC, you have to analyze the decrypted file and fallback if analysis indicates its malformed. – jww May 07 '17 at 17:25
  • @jww yes that is the concept, but I'm asking for a way to realize it in C#! – Fabi May 08 '17 at 15:18

0 Answers0