2
I have a tool which is using OpenSSL for RSA and DES/TDES operation. After processing by a tool, I got key = 4F324364970DBA5DE058EF0EAE54625E
and the encrypted data is like data = D4B596A6724A32B4663965688F28E01C
Here when I try online tool DES_Calculator for decryption, got require plain text after decryption, what I found, need to try TDES with CBC mode.
I tried to do the same (decryption) with OpenSSL with following command:
C:\OpenSSL-Win32\bin>openssl enc -d -des-ede-cbc -nosalt -k 4F324364970DBA5DE058
EF0EAE54625E -iv 0000000000000000 -in ENC_DATA -out ENC_DATA_O
bad decrypt
6088:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:.\
crypto\evp\evp_enc.c:529:
where content of ENC_DATA is like
Here I want the same result as from the online tool.
Also the same command is working fine after -e
option performed on same set of files. Could anybody tell me why this error occurs and how to remove it?
tried C:\OpenSSL-Win32\bin>openssl enc -d -des-ede-cbc -K 4F324364970DBA5DE058EF0EAE5 4625E -iv 0000000000000000 -in ENC_DATA -out ENC_DATA_O bad decrypt 6596:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:.
crypto\evp\evp_enc.c:529: – Arjun – 2016-05-16T11:43:31.200
2
@Arjun: Your encryption appears to have used one-and-zeros padding which OpenSSL does not support. You can decrypt with
– dave_thompson_085 – 2016-05-16T22:04:47.117openssl enc -des-ede-cbc -d -K hex -iv hex -nopad
and then remove the padding with a different tool (like perl) or manually.@dave_thompson_085 Thanks, I didn't take a look at that website. You can see the 00 valued bytes being added so I can confirm that this is what happens. – Maarten Bodewes – 2016-05-16T22:08:26.173
Actually it is bit padding, aligned to a byte boundary -- note it's one byte 80 then 6 bytes 00. (I didn't look at the website myself, just -nopad piped to hexdump.) – dave_thompson_085 – 2016-05-17T01:02:08.883
@dave_thompson_085 Then there is a difference between the site and the output of the "tool" :). Probably the 0x80 wasn't detected or printed. – Maarten Bodewes – 2016-05-17T01:04:30.257
Huh? the 'tool' in the message is the webpage
www.emvlab.org/...
which shows Output Data31313131313131313180000000000000
which breaks up into bytes as31 31 31 31 31 31 31 31 31 **80** 00 00 00 00 00 00
(emphasis added) which is the same result I got running<file openssl enc -d ... -nopad | od -tx1
on my system except the bytes are already conveniently separated. – dave_thompson_085 – 2016-05-17T03:45:42.560@dave_thompson_085 -nopad works here, will have to remove padding (80 00...00) from other way. – Arjun – 2016-05-17T05:02:25.993