I have a .txt.enc file. It is an output of openssl enc. I need to open it. When I try to open it in Emacs, the first few characters (also known characters) are: 'Salted__C'. How can I tell which decryption method, such as '-aes-256-cbc' or '-cast5-cbc', I should use to open it?
AFAIK, [ciphertext indistinguishability](https://en.wikipedia.org/wiki/Ciphertext_indistinguishability) is an important property of a good encryption scheme. Having the ciphertext only, you're _supposed_ to not be able to know how it was encrypted. I could be wrong. – Adi Mar 27 '13 at 09:33
1 Answers
What Adnan says about ciphertext indistinguishability is correct; this can be a hard problem. The only clue you have is the "Salted__" string, which is how OpenSSL distinguishes salted and unsalted encrypted data.
Assuming the file was encrypted with a password (or key/IV pair) that you have, you will have to try every method:
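```sh
# Collect the cipher option names listed after "Cipher Types" in the help output
# (OpenSSL 1.1.0 and later print this list with `openssl enc -ciphers`)
ciphers=$(openssl enc -h 2>&1 | nawk '/^Cipher/ {n++; next}; (n) {print}')
password=xyzzy
for cc in $ciphers; do
    # try to decrypt with this cipher; error messages are discarded
    openssl enc -d "$cc" -pass "pass:$password" \
        -in myfile.txt.enc -out "outfile$cc.txt" 2> /dev/null
    rc=$?
    # check for non-zero exit, or output file size not > zero bytes
    if [ $rc -ne 0 -o ! -s "outfile$cc.txt" ]; then
        echo "Failed with $cc"
    else
        echo "Possible success with $cc"
    fi
done
```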
(There are some duplicate ciphers due to name aliases, e.g. `aes-128` = `aes-128-cbc`.)
Now you'll see the next problem: with many algorithms you can decrypt ciphertext with a bad password and not know if the algorithm and/or password were correct.
There are a number of methods to determine if a password was correct and a decryption was successful (e.g. via checksum, integrity (e.g. with HMAC), padding (e.g. with PKCS#5) or other expected structure, or known "left over" state), though sometimes not being able to tell is in fact a feature.
Your bash-fu is strong, what's this bit do? `rc=$? if [ $rc -ne 0 -o ! -s outfile$cc.txt ];` – lynks Mar 27 '13 at 12:24
Save the exit status `$?` in `rc` (not strictly required here, just habit), then test for non-zero exit, or (`-o`) that the output file size is not greater than 0 bytes. – mr.spuratic Mar 27 '13 at 12:52
Thank you for the great answer. I'm trying your code with some common passwords, hoping to get some results. So far, not so good! – Elik Mar 27 '13 at 15:36
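
As an added example, not code from the original posts: the two checks the answer describes, reading the `Salted__` header and testing a candidate output for expected structure, so the loop's "Possible success" results can be narrowed to files that are actually text. The function names are hypothetical, the sample files are constructed, and the plaintext is assumed to be ASCII.

```shell
#!/bin/sh
# Added example; function names are hypothetical, sample data is constructed.

# Print the 8 salt bytes as hex if the file starts with OpenSSL's "Salted__"
# magic; return 1 otherwise. The header identifies the salt, not the cipher.
salt_of() {
    magic=$(dd if="$1" bs=1 count=8 2>/dev/null | tr -d '\0')
    [ "$magic" = "Salted__" ] || return 1
    salt=$(dd if="$1" bs=1 skip=8 count=8 2>/dev/null | od -An -tx1 | tr -d ' \n')
    [ "${#salt}" -eq 16 ] && printf '%s\n' "$salt"
}

# Succeed only if the file is non-empty and holds nothing but printable ASCII,
# tab, LF or CR. Assumption: the plaintext of a .txt.enc file is ASCII text;
# widen the byte set for UTF-8 or other encodings.
looks_like_text() {
    [ -s "$1" ] || return 1
    bad=$(LC_ALL=C tr -d '\11\12\15\40-\176' < "$1" | wc -c | tr -d ' ')
    [ "$bad" -eq 0 ]
}

# Print the candidate output files that pass the text check.
plausible_outputs() {
    for f in "$@"; do
        if looks_like_text "$f"; then printf '%s\n' "$f"; fi
    done
}

# Demo on constructed files standing in for the loop's input and outputs.
demo() {
    d=$(mktemp -d)
    printf 'Salted__\103\001\002\003\004\005\006\007ciphertext' > "$d/myfile.txt.enc"
    printf 'hello, world\n' > "$d/outfile-aes-256-cbc.txt"   # plausible
    printf '\223\001\377junk' > "$d/outfile-cast5-cbc.txt"   # garbage
    echo "salt: $(salt_of "$d/myfile.txt.enc")"
    plausible_outputs "$d"/outfile-*.txt
    rm -rf "$d"
}
demo
```

After the brute-force loop has run, `plausible_outputs outfile-*.txt` lists only the decryptions worth opening by hand.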