LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page [SOLVED] Openssl with -e -pbkdf2 does not work
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 09-09-2022, 05:32 AM   #1
czezz
Member
 
Registered: Nov 2004
Distribution: Slackware/Solaris
Posts: 924

Rep: Reputation: 43
Openssl with -e -pbkdf2 does not work

It seems like openssl encryption with option "-e -pbkdf2" does not do the work. It simply encode the string with base64.
Code:
echo 'mysecretpassword' | openssl enc -base64 -e -pbkdf2 -pass pass:garbageKey
bXlzZWNyZXRwYXNzd29yZAo=

echo "bXlzZWNyZXRwYXNzd29yZAo=" | base64 -d
mysecretpassword
My openssl version: OpenSSL 1.1.1f 31 Mar 2020
What am I doing wrong here?


Note:
Back in a days with OpenSSL 1.0.x I was able encrypt string using "-e -aes-256-cfb" and that worked very well:
Code:
Encrypt:
echo 'mysecretpassword' | openssl enc -base64 -e -aes-256-cfb -nosalt  -pass pass:garbageKey
FHNEdyhPcJWL1CLWiersE6Y=

echo "FHNEdyhPcJWL1CLWiersE6Y=" | base64 -d
sDw(Op???":???

Decrypt:
echo 'FHNEdyhPcJWL1CLWiersE6Y=' | openssl enc -base64 -d -aes-256-cfb -nosalt -pass pass:garbageKey
mysecretpassword
Cheers
Czezz
 
Old 09-10-2022, 02:04 PM   #2
boughtonp
Senior Member
 
Registered: Feb 2007
Location: UK
Distribution: Debian
Posts: 3,610

Rep: Reputation: 2553Reputation: 2553Reputation: 2553Reputation: 2553Reputation: 2553Reputation: 2553Reputation: 2553Reputation: 2553Reputation: 2553Reputation: 2553Reputation: 2553
What you're doing wrong is not reading the relevant man page, where there are examples:

Quote:
Originally Posted by man openssl-enc
Encrypt a file using AES-128 using a prompted password and PBKDF2 key derivation:
Code:
openssl enc -aes128 -pbkdf2 -in file.txt -out file.aes128
Decrypt a file using a supplied password:
Code:
openssl enc -aes128 -pbkdf2 -d -in file.aes128 -out file.txt \
    -pass pass:<password>
Encrypt a file then base64 encode it (so it can be sent via mail for example) using AES-256 in CTR mode and PBKDF2 key derivation:
Code:
openssl enc -aes-256-ctr -pbkdf2 -a -in file.txt -out file.aes256
Base64 decode a file then decrypt it using a password supplied in a file:
Code:
openssl enc -aes-256-ctr -pbkdf2 -d -a -in file.aes256 -out file.txt \
    -pass file:<passfile>
 
Old 09-11-2022, 02:58 AM   #3
czezz
Member
 
Registered: Nov 2004
Distribution: Slackware/Solaris
Posts: 924

Original Poster
Rep: Reputation: 43
Thank you boughtonp.
Here is working example. Maybe it will help to someone else


Code:
encrypt:
echo 'mysecretpassword' | openssl enc -base64 -aes-256-ctr -pbkdf2 -nosalt -pass pass:garbageKey
bqmTCzEh9G8QFOsRC9e6wGE=

decrypt:
echo 'bqmTCzEh9G8QFOsRC9e6wGE=' | openssl enc -base64 -d -aes-256-ctr -pbkdf2 -nosalt -pass pass:garbageKey
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] new openssl 1.1.0 - broken compatibility with openssl 1.0.1 FranekW Linux - Newbie 2 06-26-2018 10:49 AM
Does recursive mutex lock in openssl will affect other openssl users in same system? T.Selvan Linux - Networking 3 02-09-2016 12:59 AM
openssl: any simple examples no how to use openssl to do some decryption? eantoranz Programming 7 07-26-2012 07:57 PM
install of openssl-0.9.8b-8.3.el5 conflicts with file from package openssl-0.9.8b-8.3 jsaravana87 Linux - Server 1 09-26-2011 01:02 PM
oops openssl-0.9.8e over openssl-0.9.8d bad install now 2 copies? rcorkum Slackware 4 06-29-2007 01:58 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 09:20 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration