Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Bad Magic Number error when trying to Decrypt file in OpenSSL

Tags:

openssl

I'm using Latest version of OpenSSL for Windows, I'm trying to decrypt a message U2FsdGVkX18ztmw81FTK/c+jAf8xtcZdIpesuV2PLDM= encrypted using DES (password is: pass) for which I'm using the following command

des -d -in Encrypted.txt -out normal.txt

for which I'm getting bad magic number error after entering the password: pass

Encrypted.txt contains the encrypted message U2FsdGVkX18ztmw81FTK/c+jAf8xtcZdIpesuV2PLDM= and normal.txt is empty

I searched all the posts in stack overflow and found no article which could solve my problem, Please help get this issue solved.

like image 821
NaN Avatar asked Oct 03 '13 14:10

NaN


2 Answers

Openssl can base64 decode and decrypt in the same step with the -a or -base64 switch. But there is a bug in openssl's base64 processing, it expects a newline at the end of the base64 encoded data.

The easiest solution is to base64 --decode before decrypting.

For example, consider this base64 encrypted output:

# echo foo | openssl enc -aes256 -md sha512 -pass pass:pass -e -base64

U2FsdGVkX182tdJx07S5YoPzi9XhyONdR8Xbc6V1jiw=

If this is sent with a newline, it works fine. But if not, it fails.

# echo 'U2FsdGVkX182tdJx07S5YoPzi9XhyONdR8Xbc6V1jiw=' | openssl enc -aes256 -md sha512 -pass pass:pass -d -base64

foo

# echo -n 'U2FsdGVkX182tdJx07S5YoPzi9XhyONdR8Xbc6V1jiw=' | openssl enc -aes256 -md sha512 -pass pass:pass -d -base64

error reading input file

You can insert the newline with cat, or decode the base64 with another utility first:

# echo -n 'U2FsdGVkX182tdJx07S5YoPzi9XhyONdR8Xbc6V1jiw=' | cat - <(echo "") | openssl enc -aes256 -md sha512 -pass pass:pass -d -base64

foo

# echo -n 'U2FsdGVkX182tdJx07S5YoPzi9XhyONdR8Xbc6V1jiw=' | base64 --decode | openssl enc -aes256 -md sha512 -pass pass:pass -d

foo
like image 121
Jonah Braun Avatar answered Sep 16 '22 17:09

Jonah Braun


The input to the des command shouldn't be in base64. Instead, you need to first decode the base64 output and then provide it to the OpenSSL des command. For instance, when I run the following on Linux:

echo U2FsdGVkX18ztmw81FTK/c+jAf8xtcZdIpesuV2PLDM= | openssl enc -base64 -d | openssl des -d

I get the correct output:

hello world

Since Windows is not great with pipes, you have to redirect the output to intermediate files and then run individual openssl commands.

like image 36
Karthik Avatar answered Sep 19 '22 17:09

Karthik