Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: OpenSSL
Special Forums Cybersecurity OpenSSL Post 302955621 by Ultrix on Saturday 19th of September 2015 03:10:15 PM
Old 09-19-2015
OpenSSL
I just started playing around with Unix's OpenSSL utility. I can't seem to get the hang of it, and the man page isn't helping much. I wanted to experiment with file encryption, so I created a dummy text file with one line of text and tried to encrypt it using DES. I used the following command:

Code:
openssl des -in Encrypt.txt -out Encrypted.txt

As expected, this produced an encrypted file whose contents were illegible. Then I tried to decrypt the file. I figured since most of these encryption algorithms are based on XORing the key with the message, I would be able to apply the same command to get the original plaintext. So I used a variation of the same command.

Code:
openssl des -in Encrypted.txt -out Decrypted.txt

I opened the file Decrypted.txt and found that it was still illegible. I hadn't gotten the original plaintext back. "Okay," I thought, "I guess I don't know much about how to use DES, since it's a block cypher. Maybe I'll try a stream cypher, since I'm more familiar with how they work, and I know for a fact that for a stream cypher, encryption and decryption use the same algorithm."

I used the following commands:

Code:
openssl rc4 -in Encrypt.txt -out Encrypted.txt
openssl rc4 -in Encrypted.txt -out Decrypted.txt

Still doesn't work.

Then I noticed something strange when looking at the files. The encryption algorithm had added a human-readable prefix to the encrypted file, reading "Salted__". So it looks like what happened was the encryption algorithm added that prefix, when meant that when the same algorithm was applied again, it had a different starting point, so when it started decrypting the original message, after XORing the first eight bytes of the key with the prefix, it would be XORing a completely different part of the key with the same characters, resulting in a gibberish result.

So my question is, what is the proper way to encrypt and decrypt files using OpenSSL? Can anyone point me to any good tutorials? Because, as I said, the man page isn't providing much help.
 

8 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

openssl help

I ungraded my openssl on sun solaris 8 from openssl 0.9.6c to openssl 0.9.6g the ungrade went fine but when I tried to ssh in to server, I received the following error message "ld.so.1: ./sshd: fatal: relocation error: file /usr/local/ssl/lib/libcrypto.so.0.9.6: symbol main: referenced symbol... (2 Replies)
Discussion started by: hassan2
2 Replies

2. Solaris

ERROR OpenSSL

ERROR OpenSSL version mismatch. Built against 908070, you have 9080bf^M 2009.11.20 15:23:25 ERROR Connection closed^M i am new in solaris,i not have great know in this operative system Help me how i can fixed this, in the machine has installed Solaris Machine hardware: ... (1 Reply)
Discussion started by: saurio
1 Replies

3. UNIX for Advanced & Expert Users

Using openssl

All, I am new to openssl and I have not been able to figure out exactly how to use it. What I need to do is to create a shell script which FTPS's (SFTP is not allowed on my project) a file to a mainframe. The mainframe will not initiate a session with my server. Question. Are the packages... (7 Replies)
Discussion started by: MichaelInDC
7 Replies

4. Solaris

Openssl 0.9.8r

Hi Peeps, Having trouble compiling openssl 0.9.8r on Solaris 10 x86. The make test fails when running the shatests (segmentation faults). There is a PROBLEM file that references a file called values.c. Anyone know whereabouts in the source tree you put this file as the file doesn't tell you... (2 Replies)
Discussion started by: callmebob
2 Replies

5. AIX

openssl issue

Gurus, As per audit recommendation i have installed openssl.base 0.9.8.803 and upgraded openssl from 9.7l to 9.8 as prerequisits. But post these installation ssh fails with below error message. exec(): 0509-036 Cannot load program ssh because of the following errors: 0509-150 ... (3 Replies)
Discussion started by: newaix
3 Replies

6. Shell Programming and Scripting

openSSL command help

I am running a openssl command like this: openssl s_client -showcerts -connect $fqdn:$portand the result is some ridiculous amount of stuff but i only want to cut out part of the certificate chain. How do i do that? (2 Replies)
Discussion started by: shade917
2 Replies

7. Solaris

Version of OpenSSL being used

Hello I'm relatively new to technologies like Apache & ssl but have some years experience with Unix. My question concerns the version of OpenSSL which is genuinely being used on our server & how is that set. The server is running Solaris 10. I'll show output from various commands: ... (1 Reply)
Discussion started by: CHoggarth
1 Replies

8. Shell Programming and Scripting

Openssl issue

Hi, I am using openssl as below for encryption of a string ( foo) and I have to pass the password twice for the same. echo 'foo' | openssl aes-256-cbc -a -salt enter aes-256-cbc encryption password: Verifying - enter aes-256-cbc encryption password:... (2 Replies)
Discussion started by: 46019
2 Replies

LEARN ABOUT CENTOS

crypt::des

DES(3)							User Contributed Perl Documentation						    DES(3)

NAME

       Crypt::DES - Perl DES encryption module

SYNOPSIS

	   use Crypt::DES;

DESCRIPTION

       The module implements the Crypt::CBC interface, which has the following methods

       blocksize =item keysize =item encrypt =item decrypt

FUNCTIONS

       blocksize
	   Returns the size (in bytes) of the block cipher.

       keysize
	   Returns the size (in bytes) of the key. Optimal size is 8 bytes.

       new
		   my $cipher = new Crypt::DES $key;

	   This creates a new Crypt::DES BlockCipher object, using $key, where $key is a key of "keysize()" bytes.

       encrypt
		   my $cipher = new Crypt::DES $key;
		   my $ciphertext = $cipher->encrypt($plaintext);

	   This function encrypts $plaintext and returns the $ciphertext where $plaintext and $ciphertext should be of "blocksize()" bytes.

       decrypt
		   my $cipher = new Crypt::DES $key;
		   my $plaintext = $cipher->decrypt($ciphertext);

	   This function decrypts $ciphertext and returns the $plaintext where $plaintext and $ciphertext should be of "blocksize()" bytes.

EXAMPLE

	       my $key = pack("H16", "0123456789ABCDEF");
	       my $cipher = new Crypt::DES $key;
	       my $ciphertext = $cipher->encrypt("plaintex");  # NB - 8 bytes
	       print unpack("H16", $ciphertext), "
";

NOTES

       Do note that DES only uses 8 byte keys and only works on 8 byte data blocks.  If you're intending to encrypt larger blocks or entire files,
       please use Crypt::CBC in conjunction with this module.  See the Crypt::CBC documentation for proper syntax and use.

       Also note that the DES algorithm is, by today's standard, weak encryption.  Crypt::Blowfish is highly recommended if you're interested in
       using strong encryption and a faster algorithm.

SEE ALSO

       Crypt::Blowfish Crypt::IDEA

       Bruce Schneier, Applied Cryptography, 1995, Second Edition, published by John Wiley & Sons, Inc.

COPYRIGHT

       The implementation of the DES algorithm was developed by, and is copyright of, Eric Young (eay@mincom.oz.au).  Other parts of the perl
       extension and module are copyright of Systemics Ltd ( http://www.systemics.com/ ).  Cross-platform work and packaging for single algorithm
       distribution is copyright of W3Works, LLC.

MAINTAINER

       This single-algorithm package and cross-platform code is maintained by Dave Paris <amused@pobox.com>.

perl v5.16.3							    2005-12-08								    DES(3)
All times are GMT -4. The time now is 04:17 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy