Reputation: 1
OpenSSL AES-CBC-256 Encryption SALT ERROR
in https://wiki.openssl.org/index.php/Enc it stated that in order for me to give in salt value for openssl to do encryption, i have to specify
With -S salt it is possible to explicitly give its value (in hexadecimal).
And this is what i did, openssl enc -aes256 -base64 -iv 40AA481FEB82C35D1CF35CD1C0468C2F -S F80EC003AA550000 -K DD9F547EDAA1373F85EB98D0608E2DCA66D7426F31FC66B87953799153844 -p -in hi.txt -out cipher.enc in openssl
And the -p shows salt to be different value that what i give. Is there a reason why? And if so, how to i explicitly define my salt to openssl?
Upvotes: 0
Views: 1153
Answers (1)
Reputation: 13249
Since you're given the raw byte key (option -K) to openssl, the salt given in argument is not used.
Salt is used to compute the raw byte key based on a (string) password.
For example you can use option -k and provide your password together with the salt:
$ openssl enc -aes-256-cbc -iv 40AA481FEB82C35D1CF35CD1C0468C2F -S F80EC003AA550000 -k "mypassword" -p -base64 <<< "hello"
salt=F80EC003AA550000
key=4B3178E6330155D5CB9D5D0A17C1853526D9A38BB990671029730D9202A2E89D
iv =40AA481FEB82C35D1CF35CD1C0468C2F
U2FsdGVkX1/4DsADqlUAACw5WayUfFeijGYjYaI/SQw=
Upvotes: 1
Related Questions
- How do I use AES_CBC_Encrypt 128 openssl properly in Ubuntu?
- AES cbc 256 decryption failed in C openssl
- openssl command encrypt data does not match EVP_aes_128_cbc C code
- OpenSSL EVP_aes_128_cbc decryption got unexpected result
- AES (aes-cbc-256) encryption/decryption with openssl expected output truncated
- openssl_decrypt for aes-128-cbc not working
- aes-256-cbc encryption/decryption keys don't work
- Using AES CBC from OpenSSL
- OpenSSL AES encryption error
- AES_set_encrypt_key Segmentation Fault