Thank you for your kind replies. Interestingly it appears that 2 days trying to figure out what is wrong with OpenSSL I was barking up the wrong tree. I omitted from my posted command line that I was splitting the file after encryption then cat'ing back together again to decrypt.
Against all logic, having stripped out the encryption, the split process is somehow losing sectors. DD'ing the drive creates say 19000 sectors then I split, but when I recombine and 'dd of' the result I have 18995 sectors. Crazy I know. Having removed split, Openssl is now working as it should. It would seem that there is something screwy with Cygwins Split or Cat command. Thanks again for your comments. Nick Nickfx wrote: > > Hi, first post here and I wonder if anyone with a larger brain than me can > help? > > I'm in Windows XP Pro and using DD to image a disk and then pipe to > openssl to encrypt. I'm using the -pass pass:'anotherpassword' switch to > make decryption by the user as easy as possible. It looks like this:- > > dd if=\\.\PhysicalDrive0 conv=noerror | openssl enc -aes-128-ecb -salt > -out encryptedfile.enc > > I enter the passphrase when prompted and verify. > > Encryption appears to work and I can see the SALTED line at the start of > the file in a Hexviewer. > > However when I try to decrypt using:- > > openssl enc -d -aes-128-ecb -salt -in encryptedfile.enc -out finished.dd > > and type in the passphrase.. > > I get the following:- > > bad decrypt > 4064:error:00065064:digital envelope routines:EVP_DecryptFinal_ex:bad > decrypt: .\crypto\evp\evp_enc.c:330: > > I've seen alot of posts that say the passphrase is wrong however I and a > collegue have tried this 20 or 30 times with phrases from 123 to hello to > more complex. We havent got it wrong each time! > > When I look at the resultant file I can see NTFS at the start of the file > meaning it has sort of worked but when I hash compare the input and output > they are different so something hasnt worked. > > I am well and truly stuck! > > Thanks in advance > > Nick > > Nick > -- View this message in context: http://www.nabble.com/Bad-Decrypt-message-when-using--pass-pass%3A-tp21936670p21958259.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
