On Wed, Jan 12, 2022 at 08:56:19PM +0000, Ricky Cintron wrote:
> As the subject reads, I am suddenly unable to decrypt a file that I encrypted
> with LibreSSL. When I try, I get the following message:
> 
> bad decrypt
> 11957684617984:error:06FFF064:digital envelope routines:CRYPTO_internal: \
> bad decrypt:/usr/src/lib/libcrypto/evp/evp_enc.c:549:
> 
> I haven't been able to figure out the cause, so I'm looking for guidance.

That error message is very non-specific, and can have many causes.

> Some more information:
> I encrypted this file around September or October of 2021 using the following
> command:
> 
> $ openssl aes-256-cbc -e -a -salt -in <file> -out <file>
> 
> And to decrypt it, I use
> 
> $ openssl aes-256-cbc -d -a -in <file> -out <file>
> 
> I also configured neovim to allow me to open and overwrite the file
> transparently, using an autocmd group, which has worked without issue. I
> upgraded my -current system on Saturday, January 8 (OpenBSD 7.0-current
> (GENERIC.MP) #242: Sat Jan  8 12:33:38 MST 2022), and I was able to decrypt it
> with neovim on Monday, but I didn't modify/write the file (it was last modified
> on Dec 20 2021). I attempted to open the file again in neovim on Tuesday, but
> was presented with the 'bad decrypt' message instead. I initially tried in
> neovim, but I'm seeing the same message when I use the openssl command (above)
> directly.

Just to confirm, you were able to decrypt it once after the system upgrade on
the 8th, but subsequently failed, the file itself has (apparently) not been
modified, and you have not made any other changes to the system?

When you attempt to decrypt from the command line, do you get partial decrypted
output, i.e. the beginning of the expected plaintext?  A truncated ciphertext
can cause the 'bad decrypt' error, but the start of the file will be correctly
decrypted.

Since your encrypted file is base64 encoded, have you looked at it and checked
that it's not corrupted?  For example, 512 bytes of all 0x00 or 0xFF somewhere
in it would obviously be suspicious.

Are you absolutely sure that you are using the correct passphrase?

Finally, and this is NOT your problem, but I'm mentioning it for the benefit of
anybody searching the mailing list archives with a similar problem: a number of
years ago the default message digest for OpenSSL changed (from md5 to sha256),
and files encrypted with the old md will need -md md5 specified on the command
line to decrypt them with current versions of OpenSSL or LibreSSL.  But that is
not the issue here.
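
The corruption checks suggested in the reply above, as an added example that is not part of the original message: it decodes the base64 text, confirms the `Salted__` header that `openssl enc` writes, checks that the CBC ciphertext is a whole number of 16-byte blocks, and looks for long runs of 0x00 or 0xFF. The function names and the sample data are constructed for illustration; the 512-byte run length is the figure mentioned in the reply.

```python
import base64
import binascii

BLOCK = 16           # AES block size in bytes; CBC ciphertext is a whole number of blocks
MAGIC = b"Salted__"  # 8-byte header `openssl enc` writes before the 8-byte salt


def check_enc_text(text, run_len=512):
    """Return a list of structural problems in base64 `openssl enc -a` output."""
    try:
        # Line breaks are legal in the file; anything else outside the alphabet is damage.
        raw = base64.b64decode("".join(text.split()), validate=True)
    except (binascii.Error, ValueError) as exc:
        return ["base64 does not decode cleanly: %s" % exc]
    problems = []
    if raw.startswith(MAGIC):
        body = raw[len(MAGIC) + 8:]  # skip header and salt
    else:
        problems.append("missing 'Salted__' header")
        body = raw
    if not body or len(body) % BLOCK:
        problems.append("ciphertext is %d bytes, not a positive multiple of %d"
                        % (len(body), BLOCK))
    for value in (0x00, 0xFF):
        if bytes([value]) * run_len in raw:
            problems.append("run of at least %d 0x%02X bytes" % (run_len, value))
    return problems


def encode_like_openssl(raw):
    """Base64-encode in 64-character lines, the layout `-a` produces."""
    b64 = base64.b64encode(raw).decode("ascii")
    return "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64)) + "\n"


# Constructed sample data, not a real encrypted file.
SALT = bytes(range(8))
GOOD = MAGIC + SALT + bytes(range(1, 49))  # 48 bytes = 3 blocks

if __name__ == "__main__":
    for name, raw in (("intact", GOOD), ("truncated", GOOD[:-5]),
                      ("zero-filled", MAGIC + SALT + bytes(1024))):
        print(name, check_enc_text(encode_like_openssl(raw)))
```

An empty result only means the file is structurally plausible; a truncation that happens to fall on a block boundary, or a wrong passphrase, still produces 'bad decrypt'.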
