Decrypt a text with OpenSSL using key and salt only

Question

I would like to decrypt a text using a 32 characters key and a salt from command line in my MacOS. I have encrypted it in Windows using a program. But, whenever I try to decrypt it from command line I couldn't and get an error.

echo -n PuYNZO+SLqFo6g97gxKr2uAPRUph/sZgaJ3T5YIBPIc= | openssl enc -d -a -aes-256-cbc -K TheTestKeyUsedIs32CharactersLong -S 53616c7455736564 -iv 0 -p
hex string is too short, padding with zero bytes to length
hex string is too short, padding with zero bytes to length
non-hex digit
invalid hex key value

When I try to encrypt

100836

in MacOS it gives me completely different string.

U2FsdGVkX19TYWx0VXNlZA4AWDWo5nzi8p5pYyAeUMg=

using following command:

openssl enc -aes-256-cbc -a -S 53616c7455736564 -iter 5 -k TheTestKeyUsedIs32CharactersLong -in input.txt -out openssl_output.txt

From the application I am using in Windows

100836 is converting into PuYNZO+SLqFo6g97gxKr2uAPRUph/sZgaJ3T5YIBPIc=

My salt text is SaltUsed
My 32 bit character key is TheTestKeyUsedIs32CharactersLong
Input is PuYNZO+SLqFo6g97gxKr2uAPRUph/sZgaJ3T5YIBPIc=
Should be decrypted in 100836

But, result is completely unexpected.

I have also tried a java program to decrypt it but there I was getting other strings so thought to correct it with command line first and then will jump into the code.

I also tried the key in hex digits but still the response was incorrect and was not as expected.

Please note you provided the salt as 8 bytes hex encoded value. I believe the key needs to be hex encoded too — gusto2, Jan 29 '20 at 07:27
I tried that too and with that the encrypted text was U2FsdGVkX19TYWx0VXNlZFhz3AhDtVqRkFhh/MKT6Pg= — Wasif Kirmani, Jan 29 '20 at 07:30
ok, pls give me the full command you encrypt with on windows — Woodstock, Jan 29 '20 at 09:39
openssl aes-256-cbc -a -S 53616c7455736564 -k 546865546573744b65795573656449733332436861726163746572734c6f6e67 -in input.txt -out output.txt In input.txt I have 100836 — Wasif Kirmani, Jan 29 '20 at 09:41
ok I get "U2FsdGVkX19TYWx0VXNlZAD3LdGa6jcowV4IArNB0PY=" when I encrypt input.txt with 100836 inside on macOS with that command — Woodstock, Jan 29 '20 at 09:43
Let us [continue this discussion in chat](https://chat.stackoverflow.com/rooms/206839/discussion-between-woodstock-and-wasif-kirmani). — Woodstock, Jan 29 '20 at 09:43

score 1 · Accepted Answer · answered Jan 29 '20 at 10:41

@Wasif and I spent some time debugging in chat and in the end believe it's most likely a compatbility issue between OpenSSL 1.1.1.d on Windows and OpenSSL 1.1.1.b on macOS.

We went through a number of tests and permutations, using (Key, IV) tuples in hex, using passwords, with and without salts, and ultimately our testing came down to a simple check.

Using openssl enc -a -aes-256-cbc -pass pass:MYPASSWORD -p -in input.txt on Windows we got:

salt=E70092FEBA619144 
key=29631452F8C259DFE6FD8E9372EC4B20392395F36B7A0B11769CEBEA987E90A0 
iv =93BF2E94462A43B23EF585C0F4B3F1A8 
U2FsdGVkX1/nAJL+umGRRGi3ybIPFXf7qrgov7SyXnI=

Using openssl aes-256-cbc -d -a -pass pass:MYPASSWORD -in cipherText.txt (which contains 'U2FsdGVkX1/nAJL+umGRRGi3ybIPFXf7qrgov7SyXnI=' on the Mac we got:

4593573484:error:06FFF064:digital envelope routines:CRYPTO_internal:bad decrypt

Despite this simple test failing, the Mac and Windows boxes successfully encrypted and decrypted locally.

Weird, but this looks like version incompatibility.

score 0 · Answer 2 · answered Dec 07 '20 at 17:12

0

Try specifying the digest alorithm:

Default digest has changed between different versions.

See How to resolve the "EVP_DecryptFInal_ex: bad decrypt" during file decryption

answered Dec 07 '20 at 17:12

Anders Mikkelsen

1

Decrypt a text with OpenSSL using key and salt only

2 Answers2