Re: Bad Decrypt - Password Correct

Mon, 28 Sep 2009 07:22:54 -0700 

I've done things like this is the past.  My suspicion is you are
using a shell that does not specify binary mode on pipelines.   I
think line endings in the file were corrupted when it was written to 
JMBkFile.ssl and possible when it was written to openssl from 
JMBkFile.tar.  

This kind of thing can be done reliably with perl using binmode.
Some shells do not set binary mode on the file descriptors when
using redirection.

That is my guess if so you should see a lack of bare newlines in
the corrupted file.  If so, the file likely has a nontrivial number 
of corrupted points so it is likely intractable to recover.  This is 
obviously not an openssl problem if this is the case.

If so, something like this might be an interesting test.

perl -0377 -ne '$c++ if /(?<![\r])([\n])/; END { print $c }'

It will count the number of bare newlines.

Garick





On Sun, Sep 27, 2009 at 02:25:55PM -0400, John Medearis wrote:
> Using openssl on Windows Vista 64-bit.  Would create a tar backup of data,
> and then use openssl to encrypt:
> 
> openssl enc -aes-256-cbc -salt -pass file:backup_key < JMBkFile.tar >
> JMBkFile.ssl
> 
> This has worked well on a RHEL 5 box, with a 1.2GB tar file.  I have been
> able to encrypt and decrypt successfully.
> 
> The windows backup file is 8.3GB.  The password file has a single line
> containing just the password, no CR or LF, no additional lines.
> 
> I have tried to decrypt specifying the file on the command line,
> specifying the actual password on the command line, but I continue to
> receive the Bad Decrypt message.  All of the posts I can find that seem to
> apply to my situation suggest a bad password or specifying the wrong
> encryption algorithm, but I know they are correct because I have a command
> file that creates it, so I know the parameters being used.
> 
> Is it the size of the file?  What other possibilities should I look at?
> 
> John
> 
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [email protected]
> Automated List Manager                           [email protected]
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [email protected]
Automated List Manager                           [email protected]

Reply via email to