Reputation: 576
Openssl aes-256-cbc encryption
I am trying to perform a file encryption which is equal to the below command of openssl:
openssl aes-256-cbc -e -salt -pbkdf2 -iter 10000 -in geometry.json -out geometry.json.enc -pass pass:"password"
I am using the implementation 'not-yet-commons-ssl:not-yet-commons-ssl:0.3.13'
With the default values after the file encryption the decryption from openssl command line always throws up the below error;
40B7B9B5F37F0000:error:1C800064:Provider routines:ossl_cipher_unpadblock:bad decrypt:../providers/implementations/ciphers/ciphercommon_block.c:124:
What do I need to pass to the openssl encrypt function?
Upvotes: 0
Views: 8174
Answers (1)
Reputation: 803
Salt is used by default, so you don't need to use it explicitly. I would use higher iteration number with pbkdf2, or in this case, it would make more sense to use sha256 instead of pbkdf2. Also, there is no reason to use quotation marks around your password. pass:"password" should be pass:password unless quotations are part of the password.
You could use this:
openssl aes-256-cbc -pass pass:password -in geometry.json -out geometry.json.enc -pbkdf2 -iter 100000
or this:
openssl aes-256-cbc -k password -in geometry.json -out geometry.json.enc -pbkdf2 -iter 100000
And if you want to use SHA-256 for password hashing then you could use this:
openssl aes-256-cbc -k password -in geometry.json -out geometry.json.enc -md sha256
Upvotes: 0
Related Questions
- How to encrypt plaintext with AES-256 CBC in PHP using OpenSSL?
- AES 256-cbc encryption C++ using OpenSSL
- AES-256 encryption/decryption
- AES-256-CBC encrypt with key / IV in java and decrypt in OpenSSL
- AES (aes-cbc-128, aes-cbc-192, aes-cbc-256) encryption/decryption with openssl C
- AES-256-CBC in Java
- AES_128_CBC OpenSSL Decryption
- AES_128_CBC Encryption/Decryption using OpenSSL
- C - OpenSSL encryption using CBC (Cipher Block Chaining) mode
- OpenSSL data transmission using AES