[openssl-users] OpenSSL error message when decrypting Ethereum encrypted private key

Chris B cryptoassetrecovery at gmail.com
Sun Jan 14 15:26:51 UTC 2018


I'm trying to help someone recover his password for an older format
ethereum encrypted private key (EPK). My plan has been to use his best
guess at the password to brute force the actual password.

The EPK is a 132 character string, and it looks something like this:
U2FsdGV0X185M9YAa/27pmEvFzC5pqLI4xWrA6ouGVCx0EeJ9s8DzeGuBtYJPDCKDy0m80yvHdQYDMPa+Hwv2JPbuGJNoUMhFWpcQW1VF+EAy0tYb7Wtv2+IRWZzcpsE8e2a

(That is: 128 ASCII digits and/or letters, plus three "+" and a "/".)

This article (
https://www.reddit.com/r/Bitcoin/comments/3gwdge/importing_old_encrypted_private_keys/)
seems to describe a very similar EPK. The author of that post decrypted
their key with the following command:

openssl enc -in FILE_OF_KEYS -a -d -salt -aes256 -pass pass:"PASSWORD_HERE"

I have tried this same approach, but I'm getting an error:

EVP_DecryptFinal_ex:wrong final block length

Here's an example:

/usr/bin/openssl enc -d -aes-256-cbc -a -in enc_private_key.txt -out
recovered.key -pass pass:TheBig7ebowski

And here's the output:

bad decrypt

140220549330848:error:0606506D:digital envelope
routines:EVP_DecryptFinal_ex:wrong final block length:evp_enc.c:581:

I'm not sure how to interpret that output. I could interpret it as:
o Your system for decrypting the password is perfect, but: this is not the
right password.
o There's something wrong with the EPK -- its length must be a multiple of
the AES block length.
o There's something wrong with the unencrypted private key -- its length
must be a multiple of the AES block length.
o Something else entirely

Can anyone help me understand how to interpret this error message?

Thanks,
Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180114/29d5b1e0/attachment.html>


More information about the openssl-users mailing list