RSA / AES issue : Decryption

Aura

8/11/23, 10:09 AM

I perform the following commands because I need to decrypt a file -encryption key file- (which is longer than module):

cat key.enc | base64 -d > encryptedrawfile.txt

openssl rsautl -decrypt -inkey privkey.pem -in encryptedrawfile.txt -out key.txt

I obtain the following key.txt: ’àÝ g ™`çïrM¡.€:

Now I need to use encryption key decrypted to decrypt a file using this key considering aes-csc-128. The file I need to decrypt with key above decrypted using aes is : QLTCpr0LK9K5Sw8MWX15LRergsaE+jEtCs3e7tTrATU=

osboxes@osboxes:~/$ echo QLTCpr0LK9K5Sw8MWX15LRergsaE+jEtCs3e7tTrATU= | base64 -d | openssl aes-128-cbc -d -nosalt -iv p1mce4lzT7bSsoUPFTFGTg== -k key.txt -out ficheroDescifrado.txt

*** WARNING : deprecated key derivation used. Using -iter or -pbkdf2 would be better. hex string is too short, padding with zero bytes to length non-hex digit invalid hex iv value

If I include -pbkdf2 I receive the following:

osboxes@osboxes:~/RsaCtfTool$ echo QLTCpr0LK9K5Sw8MWX15LRergsaE+jEtCs3e7tTrATU= | base64 -d | openssl aes-128-cbc -d -nosalt -pbkdf2 -iv p1mce4lzT7bSsoUPFTFGTg== -k key.txt -out ficheroDescifrado.txt

hex string is too short, padding with zero bytes to length non-hex digit invalid hex iv value

What is happening?

Thanks.

0 + 0

rsa

aes

decryption

Morrolan

8/11/23, 12:14 PM

By OpenSSL's manpage, the `-k` flag is for passing a *passphrase*. Hence what you are doing is passing `key.txt` (and not its content!) as a passphrase to OpenSSL, upon which it then applies some key derivation. What you probably mean to do is to pass the raw key (there's a flag for that which you'll find in the help output) as e.g. a hex-encoded string to `openssl`. A secondary issue is that you are passing the IV as what seems to be a Base64-encoded string, while `openssl`'s `-iv` flag expects a hex-encoded one.

Morrolan

8/11/23, 12:16 PM

Generally your question is about how to use a specific tool, which is not perfectly on topic on here. But a quick perusal of the man page should solve these issues you are facing.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: RSA / AES issue : Decryption

TH: ปัญหา RSA / AES : การถอดรหัส

RO: Problemă RSA / AES: Decriptare

RU: Проблема с RSA/AES: расшифровка

VI: Sự cố RSA / AES : Giải mã

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.