Hi,
I have a query about how to use the openssl command line to decrypt and encrypt my packet. Below is an IPsec encrypted packet which I decrypt and print on the console. When I try to do the same with the openssl command line it gives a different value.
Before decryption (below is a complete packet which I have split for understandability)
START
00000000: 4500 0060 9f80 4000 8032 d65e c0a8 01a2
00000010: c0a8 019a ---> IP Packet
9e40 cf04 0000 0002 ---> SPI and Sequence number
9971 4c73
00000020: 7842 49c1 ---> IV
7b13 3576 8c17 21c8 65a9 8d00 xBI.{.5v..!.e...
00000030: 1e99 1b74 3e86 6476 07e7 f8e8 04f0 0e5d ...t>.dv.......]
00000040: 8d63 41d9 cdb0 1304 c800 0b6e bfbb c069 .cA........n...i
00000050: e594 b4d5 ---> Encrypted packet
b330 d80f 84cc 0106 57b8 0eaf .....0......W... --> Authentication data
END
After Decryption
START
<IP_PACKET> not shown
00000000: 9e40 cf04 0000 0002 ---> SPI and sequence number
9971 4c73 7842 49c1 ---> IV
START OF DECRYPTED PACKET
00000010: 0def 01bb a8cc c11d d59f 3997 5019 faf0 ..........9.P...
00000020: 7452 0000 1503 0100 1228 ce83 baef 8a8b tR.......(......
00000030: b4e9 a6b8 03b5 8392 da04 3a
01 0203 0306 ..........:..... ---> padding, pad length and next header field
END OF DECRYPTED PACKET
00000040: b330 d80f 84cc 0106 57b8 0eaf .0......W... ---> Authentication data
END
00000000: cbcc d7dc c448 fd53 4dce d67f d2c3 6fe0 .....H.SM.....o.
00000010: 5838 0444 --> Cipher key
The command that I am using for decryption of the packet is
--> openssl enc -des3 -in input_pkt -out out_pkt -nopad -d -K "7de79edfe7046acd223f6a72b6bb354c4a6888f672d61cbb" -iv "43990d51bba59ece
The input packet I am passing as an array in a C file and printing the ASCII into a file named input_packet. Below is the code for it:
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <stdlib.h>

int main(void)
{
    /* Encrypted-packet bytes from the dump above (0xcd,0xb0 as in the dump) */
    unsigned char in_packet[] = {
        0x7b,0x13, 0x35,0x76, 0x8c,0x17, 0x21,0xc8, 0x65,0xa9, 0x8d,0x00,
        0x1e,0x99, 0x1b,0x74, 0x3e,0x86, 0x64,0x76, 0x07,0xe7, 0xf8,0xe8,
        0x04,0xf0, 0x0e,0x5d, 0x8d,0x63, 0x41,0xd9, 0xcd,0xb0, 0x13,0x04,
        0xc8,0x00, 0x0b,0x6e, 0xbf,0xbb, 0xc0,0x69, 0xe5,0x94, 0xb4,0xd5 };
    size_t i = 0;
    FILE *fd_d;

    /* "wb" creates the file and writes raw bytes; "r+" fails if it does not exist */
    fd_d = fopen("input_pkt", "wb");
    printf("sizeof in_packet is : %zu\n", sizeof(in_packet));
    if (fd_d == NULL)
    {
        printf("fd not created\n");
        return 1;
    }
    while (i < sizeof(in_packet))
    {
        fputc(in_packet[i], fd_d);     /* raw byte into the file */
        printf("%02x", in_packet[i]);  /* two hex digits per byte on the console */
        i++;
    }
    printf("\nvalue of i is %zu\n", i);
    fclose(fd_d);
    return 0;
}
Can anyone help me out? The packet after decryption should look like the above. I think many of you might have used this functionality and it shouldn't be a difficult thing for you folks to answer.
Thanks a lot in advance.
- Decryption and encryption of packet using openssl command line Riaz Farnaz
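The field layout labelled in the two dumps above, as an added C example that is not part of the original post: it splits the bytes after the IP header into SPI, sequence number, IV, ciphertext and authentication data, then checks the padding, pad length and next header of the decrypted payload. The names `esp_split`, `esp_trailer` and `esp_view` are hypothetical, and the 8-byte IV and 12-byte authentication data sizes are assumptions read off the dumps.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Sizes assumed from the dump: 8-byte IV and block, 12-byte authentication data. */
enum { ESP_HDR = 8, IV_LEN = 8, ICV_LEN = 12, BLK = 8 };
struct esp_view { uint32_t spi, seq; const uint8_t *iv, *ct, *icv; size_t ct_len; };

static uint32_t be32(const uint8_t *p) {
    return (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3];
}
/* Split the bytes after the IP header into SPI, sequence, IV, ciphertext, ICV. */
int esp_split(const uint8_t *p, size_t len, struct esp_view *v) {
    if (len < ESP_HDR + IV_LEN + BLK + ICV_LEN) return -1;
    v->ct_len = len - ESP_HDR - IV_LEN - ICV_LEN;
    if (v->ct_len % BLK) return -1;          /* CBC input must be whole blocks */
    v->spi = be32(p); v->seq = be32(p + 4);
    v->iv = p + ESP_HDR; v->ct = v->iv + IV_LEN; v->icv = v->ct + v->ct_len;
    return 0;
}
/* Validate the trailer of a decrypted payload (padding 1,2,3.., pad length,
   next header); return the inner payload length, or -1 if malformed. */
long esp_trailer(const uint8_t *pt, size_t len, uint8_t *next_hdr) {
    if (len < 2 || (size_t)pt[len - 2] + 2 > len) return -1;
    size_t pad = pt[len - 2], start = len - 2 - pad;
    for (size_t i = 0; i < pad; i++)
        if (pt[start + i] != (uint8_t)(i + 1)) return -1;
    *next_hdr = pt[len - 1];
    return (long)start;
}
/* ESP bytes from the post's "before decryption" dump (IP header removed). */
static const uint8_t esp_pkt[] = {
    0x9e,0x40,0xcf,0x04,0x00,0x00,0x00,0x02,0x99,0x71,0x4c,0x73,0x78,0x42,0x49,0xc1,
    0x7b,0x13,0x35,0x76,0x8c,0x17,0x21,0xc8,0x65,0xa9,0x8d,0x00,0x1e,0x99,0x1b,0x74,
    0x3e,0x86,0x64,0x76,0x07,0xe7,0xf8,0xe8,0x04,0xf0,0x0e,0x5d,0x8d,0x63,0x41,0xd9,
    0xcd,0xb0,0x13,0x04,0xc8,0x00,0x0b,0x6e,0xbf,0xbb,0xc0,0x69,0xe5,0x94,0xb4,0xd5,
    0xb3,0x30,0xd8,0x0f,0x84,0xcc,0x01,0x06,0x57,0xb8,0x0e,0xaf };
/* Decrypted payload from the post's "after decryption" dump. */
static const uint8_t esp_plain[] = {
    0x0d,0xef,0x01,0xbb,0xa8,0xcc,0xc1,0x1d,0xd5,0x9f,0x39,0x97,0x50,0x19,0xfa,0xf0,
    0x74,0x52,0x00,0x00,0x15,0x03,0x01,0x00,0x12,0x28,0xce,0x83,0xba,0xef,0x8a,0x8b,
    0xb4,0xe9,0xa6,0xb8,0x03,0xb5,0x83,0x92,0xda,0x04,0x3a,0x01,0x02,0x03,0x03,0x06 };
int main(void) {
    struct esp_view v; uint8_t nh = 0;
    if (esp_split(esp_pkt, sizeof esp_pkt, &v)) return 1;
    long n = esp_trailer(esp_plain, sizeof esp_plain, &nh);
    printf("spi=%08x seq=%u ct_len=%zu inner_len=%ld next_hdr=%u\n",
           (unsigned)v.spi, (unsigned)v.seq, v.ct_len, n, (unsigned)nh);
    return 0;
}
```

Only the `ct` region is input for a CBC decrypt, with `iv` as the initialization vector; the authentication data is verified separately and is never decrypted.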