1

I am encrypting the same message with the same cypher and the same password on different machines, but the result is each time totally different. How can I decrypt such a file on another machine then?

A minimal example:

echo "testmessage" > testfile
echo "mypwd" > pwdfile
openssl aes-256-cbc -a -A -salt -in testfile -out out -k pwdfile
cat out && echo

gives:

U2FsdGVkX1/vqur0facod4sMZs+ZT3i3yHe+DwAnV7o=

and

U2FsdGVkX18c6qnuSRrslmnneuDWAH1cp0UC4QyO5PI=

and other variants on still other machines

EDIT

I tried other cyphers as well (bf, cast, des3,...), only base64 resulted in the same result on other machines. Yet I would need to decrypt an aes-256-cbc message encrypted on another machine.

Chris Maes
  • 35,025
  • 12
  • 111
  • 136
  • This is due to the salt parameter. Take a look at [OpenSSL - Password vs Salt Purpose][1] [1]: http://stackoverflow.com/questions/17297637/openssl-password-vs-salt-purpose – Egl Mar 20 '15 at 16:13

1 Answers1

0

This is a non-issue; The result will be different each time something is encrypted. Decryption will work just fine; also across different machines.

The REAL problem causing my problem was the path to the password file:

openssl aes-256-cbc -a -A -d -salt -in out -out outd -k pwdfile && cat outd

would nicely give me back my original file; but

openssl aes-256-cbc -a -A -d -salt -in out -out outd -k ./pwdfile && cat outd

fails with Bad decrypt; in fact not the contents of pwdfile were used, but pwdfile was the password.

Chris Maes
  • 35,025
  • 12
  • 111
  • 136