Sponsored Content
Full Discussion: OpenSSL
Special Forums Cybersecurity OpenSSL Post 302955621 by Ultrix on Saturday 19th of September 2015 03:10:15 PM
Old 09-19-2015
OpenSSL

I just started playing around with Unix's OpenSSL utility. I can't seem to get the hang of it, and the man page isn't helping much. I wanted to experiment with file encryption, so I created a dummy text file with one line of text and tried to encrypt it using DES. I used the following command:

Code:
openssl des -in Encrypt.txt -out Encrypted.txt

As expected, this produced an encrypted file whose contents were illegible. Then I tried to decrypt the file. I figured since most of these encryption algorithms are based on XORing the key with the message, I would be able to apply the same command to get the original plaintext. So I used a variation of the same command.

Code:
openssl des -in Encrypted.txt -out Decrypted.txt

I opened the file Decrypted.txt and found that it was still illegible. I hadn't gotten the original plaintext back. "Okay," I thought, "I guess I don't know much about how to use DES, since it's a block cypher. Maybe I'll try a stream cypher, since I'm more familiar with how they work, and I know for a fact that for a stream cypher, encryption and decryption use the same algorithm."

I used the following commands:

Code:
openssl rc4 -in Encrypt.txt -out Encrypted.txt
openssl rc4 -in Encrypted.txt -out Decrypted.txt

Still doesn't work.

Then I noticed something strange when looking at the files. The encryption algorithm had added a human-readable prefix to the encrypted file, reading "Salted__". So it looks like what happened was the encryption algorithm added that prefix, when meant that when the same algorithm was applied again, it had a different starting point, so when it started decrypting the original message, after XORing the first eight bytes of the key with the prefix, it would be XORing a completely different part of the key with the same characters, resulting in a gibberish result.

So my question is, what is the proper way to encrypt and decrypt files using OpenSSL? Can anyone point me to any good tutorials? Because, as I said, the man page isn't providing much help.
 

8 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

openssl help

I ungraded my openssl on sun solaris 8 from openssl 0.9.6c to openssl 0.9.6g the ungrade went fine but when I tried to ssh in to server, I received the following error message "ld.so.1: ./sshd: fatal: relocation error: file /usr/local/ssl/lib/libcrypto.so.0.9.6: symbol main: referenced symbol... (2 Replies)
Discussion started by: hassan2
2 Replies

2. Solaris

ERROR OpenSSL

ERROR OpenSSL version mismatch. Built against 908070, you have 9080bf^M 2009.11.20 15:23:25 ERROR Connection closed^M i am new in solaris,i not have great know in this operative system Help me how i can fixed this, in the machine has installed Solaris Machine hardware: ... (1 Reply)
Discussion started by: saurio
1 Replies

3. UNIX for Advanced & Expert Users

Using openssl

All, I am new to openssl and I have not been able to figure out exactly how to use it. What I need to do is to create a shell script which FTPS's (SFTP is not allowed on my project) a file to a mainframe. The mainframe will not initiate a session with my server. Question. Are the packages... (7 Replies)
Discussion started by: MichaelInDC
7 Replies

4. Solaris

Openssl 0.9.8r

Hi Peeps, Having trouble compiling openssl 0.9.8r on Solaris 10 x86. The make test fails when running the shatests (segmentation faults). There is a PROBLEM file that references a file called values.c. Anyone know whereabouts in the source tree you put this file as the file doesn't tell you... (2 Replies)
Discussion started by: callmebob
2 Replies

5. AIX

openssl issue

Gurus, As per audit recommendation i have installed openssl.base 0.9.8.803 and upgraded openssl from 9.7l to 9.8 as prerequisits. But post these installation ssh fails with below error message. exec(): 0509-036 Cannot load program ssh because of the following errors: 0509-150 ... (3 Replies)
Discussion started by: newaix
3 Replies

6. Shell Programming and Scripting

openSSL command help

I am running a openssl command like this: openssl s_client -showcerts -connect $fqdn:$portand the result is some ridiculous amount of stuff but i only want to cut out part of the certificate chain. How do i do that? (2 Replies)
Discussion started by: shade917
2 Replies

7. Solaris

Version of OpenSSL being used

Hello I'm relatively new to technologies like Apache & ssl but have some years experience with Unix. My question concerns the version of OpenSSL which is genuinely being used on our server & how is that set. The server is running Solaris 10. I'll show output from various commands: ... (1 Reply)
Discussion started by: CHoggarth
1 Replies

8. Shell Programming and Scripting

Openssl issue

Hi, I am using openssl as below for encryption of a string ( foo) and I have to pass the password twice for the same. echo 'foo' | openssl aes-256-cbc -a -salt enter aes-256-cbc encryption password: Verifying - enter aes-256-cbc encryption password:... (2 Replies)
Discussion started by: 46019
2 Replies
rc4(3SSL)							      OpenSSL								 rc4(3SSL)

NAME
RC4_set_key, RC4 - RC4 encryption SYNOPSIS
#include <openssl/rc4.h> void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, unsigned char *outdata); DESCRIPTION
This library implements the Alleged RC4 cipher, which is described for example in Applied Cryptography. It is believed to be compatible with RC4[TM], a proprietary cipher of RSA Security Inc. RC4 is a stream cipher with variable key length. Typically, 128 bit (16 byte) keys are used for strong encryption, but shorter insecure key sizes have been widely used due to export restrictions. RC4 consists of a key setup phase and the actual encryption or decryption phase. RC4_set_key() sets up the RC4_KEY key using the len bytes long key at data. RC4() encrypts or decrypts the len bytes of data at indata using key and places the result at outdata. Repeated RC4() calls with the same key yield a continuous key stream. Since RC4 is a stream cipher (the input is XORed with a pseudo-random key stream to produce the output), decryption uses the same function calls as encryption. Applications should use the higher level functions EVP_EncryptInit(3) etc. instead of calling the RC4 functions directly. RETURN VALUES
RC4_set_key() and RC4() do not return values. NOTE
Certain conditions have to be observed to securely use stream ciphers. It is not permissible to perform multiple encryptions using the same key stream. SEE ALSO
blowfish(3), des(3), rc2(3) HISTORY
RC4_set_key() and RC4() are available in all versions of SSLeay and OpenSSL. 1.0.1e 2013-02-11 rc4(3SSL)
All times are GMT -4. The time now is 05:54 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy