aes-cbc-256 mode descryption without an IV
Marian Beermann
public at enkore.de
Mon Mar 25 12:08:02 UTC 2019
Well let's just read the man pages, shall we?
> -kfile filename
> Read the password to derive the key from the first line of filename.
Then
> -md digest
> Use the specified digest to create the key from the passphrase.
> The default algorithm is sha-256.
And
> -iv IV
> ...
> When a password is being specified using one of the other options, the
IV is generated from this password.
The man page doesn't specify the key derivation algorithm, but a quick
glance at apps/enc.c shows that it uses EVP_BytesToKey, which is
documented here:
https://www.openssl.org/docs/man1.1.0/man3/EVP_BytesToKey.html
-Marian
Am 25.03.19 um 01:20 schrieb Tim Webber:
> I just posted a message which i have copied below to a python forum. It
> might be better asked here. The coles notes version of my question is this:
>
> I have received an encrypted data file (mydata.encrypted) and a key
> (plain text for now) and the following command to decrypt it:
>
> openssl enc -d -aes-256-cbc -a -in mydata.encrypted -out
> mydata.decrypted -kfile my_symmetric_key
>
> Question is this. How is the initialization vector calculated? This
> command works fine. My issues is that i dont know how the
> initialization vetor is calculated. I suspect if its left out there is
> some default way of doing it. Can you tell me how its done? Thanks!
>
> ************************* ORIGINAL QUESTION to python community
> ******************
>
> I have received an encrypted data file (mydata.encrypted) and a key
> (plain text for now) and the following command to decrypt it:
>
> openssl enc -d -aes-256-cbc -a -in mydata.encrypted -out
> mydata.decrypted -kfile my_symmetric_key
>
> The people who encrypted these data did so with openssl but I dont know
> what the encrypt command looks like. I do know that the above command
> does decrypt the data successfully though.
>
> I want to use Python to decrypt this file. I am thinking of using
> cryptodome but am open to suggestions. Here's what i know from the above
> openssl decrypt command.
>
> - its uses AES cbc 256 mode for the decryption ( -d )
> - it uses base64 to encode the data "AFTER" (-a) the cryptographic operation
> - it does not specify the initialization vector (IV).
>
> I am struggling with how to code for this using python. What I suspect
> is my problem is that i dont know how to properly calculate the IV.
> Looking at the openssl documentation they say to see "key derivation" to
> find out how they handle IV when its not specified. I cant track down
> this key derivation information. Any help will be appreciated!
> *******************************
More information about the openssl-users
mailing list