I am working on a ctf game:
Encrypted with AES in ECB mode. All values base64 encoded
ciphertext = 8LBUVZfDfI6wnggG1uUYuQsRoGd08pGwHCN++R5rabMW9PJmWHWcSrjy5Tfffj6L
key = 3q1FxGhuZ5fQYbjzDxgQ35==
I tried to decrypt it in my terminal leaving the cyphertext in base64 and using the -base64 flag, without luck. Then I went to http://extranet.cryptomathic.com/aescalc, where, after converting the values to hex I was able to decrypt:
key: DEAD45C4686E6797D061B8F30F1810DF
text: F0B0545597C37C8EB09E0806D6E518B90B11A06774F291B01C237EF91E6B69B316F4F26658759C4AB8F2E537DF7E3E8B
out: 7B796F755F73686F756C645F6E6F745F706F73745F7468655F61637475616C5F6374665F76616C75657D5F5F5F5F5F5F
Then I returned to my terminal trying:
echo -n F0B0545597C37C8EB09E0806D6E518B90B11A06774F291B01C237EF91E6B69B316F4F26658759C4AB8F2E537DF7E3E8B | openssl enc -d -K DEAD45C4686E6797D061B8F30F1810DF -aes-128-ecb -nosalt
but I got the same error:
bad decrypt
140735124906848:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:531:
I have tried this on an Ubuntu 17.04, and now on my MacOSX using OpenSSL 1.0.2l.
Why can I not decrypt in my own terminal?
Best Answer
Because
openssluses PKCS#7 padding by default, and your plaintext doesn't contain PKCS#7 padding. If your plaintext has been padded then it has been padded with bytes of value5F. Use the option-nopadinstead, padding with value5Fisn't any padding scheme known to me; if it needs to be removed you will need to remove it yourself.You currently show the input in hexadecimals. Hexadecimal is the representation of the bytes, not the byte values themselves. You need to either directly input the source material from a file using the
<for your file or by hex decoding the input.The output will also be binary; it will not represent any readable plaintext. So you may need to convert the output to hexadecimals before comparing it to the values in your question.