Linux – Why can one box decrypt a file with openssl, but another one can’t

encryptionkali-linuxopenssl

I've got a simple encrypted file with a bit of text inside. It's encrypted with des3 and I know the key. However, I can't for the life of me get it to decrypt in my kali VM. It works fine in a LInux Mint VM however. I'm at my wits end here…. What am I doing wrong?

Here's the working decryption:

user@user-virtual-machine ~/Desktop $ openssl des3 -d -in TheKeyIsInHere.des3 -pass pass:aramisthethird
GJC13 says the key is nuorjbwyldurrurykpym
user@user-virtual-machine ~/Desktop $

And here's the broken one:

root@chkali:~/Desktop/new# openssl des3 -d -in TheKeyIsInHere.des3 -pass pass:aramisthethird
bad decrypt
139786246681728:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:crypto/evp/evp_enc.c:529:
�c]z��6z��oք��n&ΰ�Xqroot@chkali:~/Desktop/new#

The file is the same in both cases (verified by md5sum).

Best Answer

The default hash used by openssl enc for password-based key derivation changed in 1.1.0 to SHA256 versus MD5 in lower versions. This produces a different key from the same password (and salt if used as it usually is), and trying to encrypt and decrypt with different keys produces garbage, an error, or both.

To fix this for existing data specify -md md5 in 1.1.0 to decrypt data from lower versions, and -md sha256 in lower versions to decrypt data from 1.1.0. Going forward, consider specifying -md explicitly. For details see https://crypto.stackexchange.com/questions/3298/is-there-a-standard-for-openssl-interoperable-aes-encryption/35614#35614 (disclosure: mine)

Related Solutions

How does pre-boot authentication with disk encryption work technically

If the whole disk is encrypted, and some pre-boot tool asks the user for a key to decrypt it, doesn't that mean this tool has to run beneath the OS that's going to boot?

Yes, pretty much. Hardware-based full disk encryption does this: the encryption is handled entirely by the device (hard disk/flash) or possibly in a controller along the chain leading to the physical device(s), and is not "visible" to the OS.
With this, the OS does I/O exactly like it would if it was dealing with a plain, unencrypted device, the magic happens in hardware (and/or firmware - "below" the OS in any case).

If there's no such tool, doesn't that mean the decryption tool somehow has to pass decryption information to the OS on boot?

There would have to be some form of information transfer indeed, if the encryption cannot be done "underneath" the OS (either as above, or possibly using virtualization techniques – but then you sort of have two (or more) OSes running). And yes that means cross-OS is hard.
You'll also need the boostrap code (bootloader at the very least) to be un-encrypted if you don't have hardware/firmware assistance.

The Wikipedia disk encryption article has more about this.

How to encrypt a large file with OpenSSL using RSA keys

This could be used to encrpyt a file mypic.png, given you already have a private/public keypair in ccbild-key.pem/ccbild-crt.pem. (You can find a guide to creating a keypair in this answer.)

# encrypt
openssl smime -encrypt -aes-256-cbc -binary -in mypic.png -outform DER -out mypic.png.der ccbild-crt.pem

# decrypt
openssl smime -decrypt -binary -in mypic.png.der -inform DER -out mypic.png -inkey ccbild-key.pem

Note that the settings may not reflect best practice in selection of crypto standard (in particular if you read this in the future), also it might not be a good choice performance-wise. (We only use it for sub-1M files in our application.)

Best Answer

Related Solutions

How does pre-boot authentication with disk encryption work technically

How to encrypt a large file with OpenSSL using RSA keys

Related Question