Simon Greenwood <[email protected]> wrote: > On 4 January 2011 10:15, Rowan Berkeley <[email protected]> wrote: > > On Tue, 2011-01-04 at 08:02:03 +0000,Sean Miller <[email protected]> > > wrote: > > > On 4 January 2011 07:45, Rowan Berkeley <[email protected]> > > > wrote: > > > > I have the file itself, and the default OpenSSL packages for 10.04, > > > > but OpenSSL is a command line application and I wonder if anyone > > > > could tell me what to type into the terminal in order to at least > > > > inspect the file and gain some information about it. > > > Well, it's encrypted so you'd need to know the encryption key (aka > > > "password") to inspect the file... if you don't, you can't. Or am I > > > misunderstanding something? Sean > > I don't know much about cryptography, but if I could compare the > > situation to a box with a lock on it, it should be possible to see the > > keyhole at least. Thus, I would expect it to be possible to look at the > > file and say, yes, this is a text file encrypted with AES256, and it > > requires a password of x characters to open it. R > The encryption key will show how the file has been encrypted but certainly > not the length of the password, which would be an open attack vector. There > are tools in the OpenSSL toolkit that validate encrypted files without > providing any identifying information. I've looked at the toolkit documents at http://www.openssl.org/docs/ and they're all way over my head. What I originally had in mind was something I could put into the terminal for a given location, e.g. /home/rowan/Documents/Insurance.aes256 which would do just that: validate it. R
-- [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
