Good fine Marian. Thx for all your help. On Mon, Mar 25, 2019 at 9:24 AM Marian Beermann <pub...@enkore.de> wrote:
> As it just so happens here is a gist implementing EVP_BytesToKey in Python: > https://gist.github.com/tly1980/b6c2cc10bb35cb4446fb6ccf5ee5efbc > > -Marian > > Am 25.03.19 um 17:14 schrieb Tim Webber: > > Thanks Marian. i did read the man pages for enc . not sure how that > > gets you to the EVP_BytesToKey algorithm but thank you for providing > > that page. i suspect it might be easier to have the folks encrypting > > the data specifiy an IV rather than trying to figure out how to > > implement EVP_BytesToKey in python. its not inconsequential. > > > > On Mon, Mar 25, 2019 at 5:08 AM Marian Beermann <pub...@enkore.de > > <mailto:pub...@enkore.de>> wrote: > > > > Well let's just read the man pages, shall we? > > > > > -kfile filename > > > Read the password to derive the key from the first line of > filename. > > > > Then > > > > > -md digest > > > Use the specified digest to create the key from the passphrase. > > > The default algorithm is sha-256. > > > > And > > > > > -iv IV > > > ... > > > When a password is being specified using one of the other options, > the > > IV is generated from this password. > > > > The man page doesn't specify the key derivation algorithm, but a > quick > > glance at apps/enc.c shows that it uses EVP_BytesToKey, which is > > documented here: > > https://www.openssl.org/docs/man1.1.0/man3/EVP_BytesToKey.html > > > > -Marian > > > > Am 25.03.19 um 01:20 schrieb Tim Webber: > > > I just posted a message which i have copied below to a python > > forum. It > > > might be better asked here. The coles notes version of my > > question is this: > > > > > > I have received an encrypted data file (mydata.encrypted) and a key > > > (plain text for now) and the following command to decrypt it: > > > > > > openssl enc -d -aes-256-cbc -a -in mydata.encrypted -out > > > mydata.decrypted -kfile my_symmetric_key > > > > > > Question is this. How is the initialization vector calculated? > This > > > command works fine. My issues is that i dont know how the > > > initialization vetor is calculated. I suspect if its left out > > there is > > > some default way of doing it. Can you tell me how its done? > Thanks! > > > > > > ************************* ORIGINAL QUESTION to python community > > > ****************** > > > > > > I have received an encrypted data file (mydata.encrypted) and a key > > > (plain text for now) and the following command to decrypt it: > > > > > > openssl enc -d -aes-256-cbc -a -in mydata.encrypted -out > > > mydata.decrypted -kfile my_symmetric_key > > > > > > The people who encrypted these data did so with openssl but I dont > > know > > > what the encrypt command looks like. I do know that the above > command > > > does decrypt the data successfully though. > > > > > > I want to use Python to decrypt this file. I am thinking of using > > > cryptodome but am open to suggestions. Here's what i know from the > > above > > > openssl decrypt command. > > > > > > - its uses AES cbc 256 mode for the decryption ( -d ) > > > - it uses base64 to encode the data "AFTER" (-a) the cryptographic > > operation > > > - it does not specify the initialization vector (IV). > > > > > > I am struggling with how to code for this using python. What I > suspect > > > is my problem is that i dont know how to properly calculate the IV. > > > Looking at the openssl documentation they say to see "key > > derivation" to > > > find out how they handle IV when its not specified. I cant track > down > > > this key derivation information. Any help will be appreciated! > > > ******************************* > > > >
