[openssl-users] OpenSSL error message when decrypting Ethereum encrypted private key

Chris B cryptoassetrecovery at gmail.com
Sun Jan 14 23:26:20 UTC 2018


Hi Matt,

>If you *are* using 1.1.0 then the default digest was changed between 1.0.2
and 1.1.0.
Awesome thought, but I'm also using 1.0.2:

$ openssl version

OpenSSL 1.0.2k-fips  26 Jan 2017

(I also tried adding -md md5 to the previous command, but I got the same
error message).

Thanks,
Chris

On Sun, Jan 14, 2018 at 6:03 PM, Matt Caswell <matt at openssl.org> wrote:

>
>
> On 14/01/18 15:26, Chris B wrote:
> > I'm trying to help someone recover his password for an older format
> > ethereum encrypted private key (EPK). My plan has been to use his best
> > guess at the password to brute force the actual password.
> >
> > The EPK is a 132 character string, and it looks something like this:
> > U2FsdGV0X185M9YAa/27pmEvFzC5pqLI4xWrA6ouGVCx0EeJ
> 9s8DzeGuBtYJPDCKDy0m80yvHdQYDMPa+Hwv2JPbuGJNoUMhFWpcQW1VF+
> EAy0tYb7Wtv2+IRWZzcpsE8e2a
> >
> > (That is: 128 ASCII digits and/or letters, plus three "+" and a "/".)
> >
> > This article
> > (https://www.reddit.com/r/Bitcoin/comments/3gwdge/
> importing_old_encrypted_private_keys/)
> > seems to describe a very similar EPK. The author of that post decrypted
> > their key with the following command:
> >
> > openssl enc -in FILE_OF_KEYS -a -d -salt -aes256 -pass
> pass:"PASSWORD_HERE"
> >
> > I have tried this same approach, but I'm getting an error:
> >
> > EVP_DecryptFinal_ex:wrong final block length
>
> What version of OpenSSL are you using. The quoted article was written 2
> years ago so definitely wasn't using OpenSSL 1.1.0. If you *are* using
> 1.1.0 then the default digest was changed between 1.0.2 and 1.1.0. Old
> OpenSSL "enc" output defaulted to md5. The current default is sha256:
>
> https://www.openssl.org/docs/faq.html#USER3
>
> Try adding "-md md5" onto your command line.
>
> Matt
>
>
> >
> > Here's an example:
> >
> > /usr/bin/openssl enc -d -aes-256-cbc -a -in enc_private_key.txt -out
> > recovered.key -pass pass:TheBig7ebowski
> >
> > And here's the output:
> >
> > bad decrypt
> >
> > 140220549330848:error:0606506D:digital envelope
> > routines:EVP_DecryptFinal_ex:wrong final block length:evp_enc.c:581:
> >
> > I'm not sure how to interpret that output. I could interpret it as:
> > o Your system for decrypting the password is perfect, but: this is not
> > the right password.
> > o There's something wrong with the EPK -- its length must be a multiple
> > of the AES block length.
> > o There's something wrong with the unencrypted private key -- its length
> > must be a multiple of the AES block length.
> > o Something else entirely
> >
> > Can anyone help me understand how to interpret this error message?
> >
> > Thanks,
> > Chris
> >
> >
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180114/43137885/attachment.html>


More information about the openssl-users mailing list