-4

I'm encountering an issue while trying to decrypt a file using Open SSL. I have a file named fc382Crypto.bin provided by my instructor, and I need to decrypt it using the blowfish algorithm with CBC mode.

Here's the command I'm using to decrypt the file:

openssl enc -aes-128-cbc -d -in fc382Crypto.bin -out decrypted_output.txt -K 112233445566778899 -iv 0000000000000000

However, I keep getting the following error:

hex string is too short, padding with zero bytes to length
hex string is too short, padding with zero bytes to length
bad decrypt

I've tried adjusting the command by adding the -nopad option, but the issue persists. I've also verified the integrity of the fc382Crypto.bin file to ensure it hasn't been corrupted.

The encryption settings provided by my instructor are as follows:

Algorithm: Blowfish
Mode: CBC
Key: 112233445566778899
IV: 0

I'm not sure why I'm encountering this error or how to resolve it. Can someone please provide guidance on how to decrypt this file correctly using OpenSSL?

enter image description here

Improve this question
5
  • Please add fc382Crypto.bin to your question.
    – Cyrus
    Commented Feb 25 at 2:16
  • 1
    aes-128-cbc is NOT blowfish. Although the blowfish algorithm and the libcrypto implementation support variable keysize, openssl commandline only supports 128-bit (16-byte or 32-hexit) and you don't have such a key -- unless the instructor actually used openssl commandline (incorrectly) with the short key and got the padding but withheld this info from you.
    – dave_thompson_085
    Commented Feb 25 at 3:42
  • @dave_thompson_085 - The key is fine you just have to pad it with zeros, this is obviously homework, not sure what the privacy concerns are though.
    – Ramhound
    Commented Feb 25 at 5:02
  • @Ramhound: unless the encryption was done with openssl commandline, which is not said, there's no reason the key needs to be padded at all.
    – dave_thompson_085
    Commented Feb 28 at 23:10
  • @dave_thompson_085 - I strongly disagree. The instructions for the assignment, said it was encrypted with a openssl command line, and the warning is being thrown which suggests the key wasn't padded. I also have strong negative feelings about helping somebody cheat. Since the author has provided zero feedback, I am inclined to delete my answer, allowing this question caused by zero research on the author's part to be thrown into the void.
    – Ramhound
    Commented Feb 28 at 23:26

1 Answer 1

Reset to default
-1

I'm not sure why I'm encountering this error or how to resolve it.

You’re using a 128-bit encryption algorithm. So your encryption key and Initialization Vector (IV) need to be 128-bits long.

Key: 0x00000000000000112233445566778899

IV: 0x00000000000000000000000000000000

An encryption method of AES-128 signals that Media Segments are completely encrypted using the Advanced Encryption Standard (AES) [AES_128] with a 128-bit key, Cipher Block Chaining (CBC), and Public-Key Cryptography Standards #7 (PKCS7) padding [RFC5652]. CBC is restarted on each segment boundary, using either the Initialization Vector (IV) attribute value or the Media Sequence Number as the IV; see Section 5.2.

IV

The value is a hexadecimal-sequence that specifies a 128-bit unsigned integer Initialization Vector to be used with the key. Use of the IV attribute REQUIRES a compatibility version number of 2 or greater. See Section 5.2 for when the IV attribute is used.

Source: https://www.rfc-editor.org/rfc/rfc8216#section-4.3.2.4

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .