windows上的openssl aes-256加密文件不能在linux上解密 [英] openssl aes-256 encrypted file on windows cant be decrypted on linux
问题描述
echo MyPass34 | openssl.exe aes-256-cbc -pass stdin -salt -in somefile.pdf -out somefile.pdf
,并在下载时解密它们,并使用以下命令:
echo MyPass34 | openssl.exe aes-256-cbc -pass stdin -d -in somefile.pdf -out decriptedfile.pdf
应用程序一直工作正常,到目前为止,人们正在上传和下载他们的文件,而在服务器上保存加密,现在的问题是这个应用程序已被移动到apache linux服务器,现在的文件, windows在linux上没有正确解密。
为什么这样?解密命令是否有可能的调整,以便正确解密该文件?
PS:在linux上加密的新文件被正确解密,与Windows中相同,是在Windows上编码的解码的失败的案例。
我找到了解决方案:-),问题是windows echo命令将三个字符添加到密码的末尾,即空格,CR和LF字符,而linux echo命令似乎没有提供这些字符,因此openssl命令没有收到用于加密的密码
解决方法是在Linux中将这三个字符添加到密码中,这是可能的,因为echo命令具有转义序列来插入十六进制值。现在正在为linux工作的decrypt命令是:
echo $'MyPass34\x20\x0d\\ \\ x0a'| / usr / bin / openssl aes-256-cbc -pass stdin -d -in somefile.pdf -out decriptedfile.pdf
希望这可以帮助某人!
I have a php document repository application running on windows apache, this application will aes-encrypt any uploaded document with the following command:
echo MyPass34 | openssl.exe aes-256-cbc -pass stdin -salt -in somefile.pdf -out somefile.pdf
and also decrypt them when they are downloaded, with the following command:
echo MyPass34 | openssl.exe aes-256-cbc -pass stdin -d -in somefile.pdf -out decriptedfile.pdf
the application has been working fine so far, people are uploading and downloading their files while they are kept encrypted on the server, the problem now is this application has been moved to an apache linux server, and now the files that where encrypted on windows are not correctly decrypted on linux.
Why is this? Is there a possible tweak to the decryption command so it correctly decrypt that files again?
PS: New files that are encrypted on linux are correctly decrypted, same as in windows, is the encoded-on-windows decoded-on-linux case that is failing.
I found the solution :-), the problem is the windows echo command adds three characters to the end of password, that are space,CR and LF characters, and the linux echo command seems to not feed those characters and so the openssl command is not receiving the same password used to encrypt.
The solution was to add those three characters to the password in Linux, that is possible because the echo command has escape sequences to insert hexadecimal values.So, following my example, the correct decrypt command that is now working for me in linux is:
echo $'MyPass34\x20\x0d\x0a' | /usr/bin/openssl aes-256-cbc -pass stdin -d -in somefile.pdf -out decriptedfile.pdf
Hope this can help someone!
这篇关于windows上的openssl aes-256加密文件不能在linux上解密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!