Skip to content

Instantly share code, notes, and snippets.

@alopresto
Created December 18, 2018 19:54
Show Gist options
  • Save alopresto/23a2a25daf0c129cb9bc416ce28e0464 to your computer and use it in GitHub Desktop.
Save alopresto/23a2a25daf0c129cb9bc416ce28e0464 to your computer and use it in GitHub Desktop.
Example of openssl being unable and able to decrypt NiFi-encrypted data depending on the cipher.
~W/scratch (master) 😉
🔒 0s @ 11:26:31 $ cd openssl
...sers/alopresto/Workspace/scratch/openssl (master) 😉
🔒 0s @ 11:26:34 $ ll # Showing files being output from NiFi (using SHA256_256AES)
total 16
drwxr-xr-x 4 alopresto staff 128B Dec 18 11:26 ./
drwxr-xr-x 178 alopresto staff 5.6K Dec 18 11:26 ../
-rw-r--r-- 1 alopresto staff 80B Dec 18 11:26 encrypted_2018_12_352_11_26_29_354.enc
-rw-r--r-- 1 alopresto staff 80B Dec 18 11:26 encrypted_2018_12_352_11_26_32_357.enc
...sers/alopresto/Workspace/scratch/openssl (master) 😉
🔒 43s @ 11:26:41 $ ll
total 40
drwxr-xr-x 7 alopresto staff 224B Dec 18 11:26 ./
drwxr-xr-x 178 alopresto staff 5.6K Dec 18 11:26 ../
-rw-r--r-- 1 alopresto staff 80B Dec 18 11:26 encrypted_2018_12_352_11_26_29_354.enc
-rw-r--r-- 1 alopresto staff 80B Dec 18 11:26 encrypted_2018_12_352_11_26_32_357.enc
-rw-r--r-- 1 alopresto staff 80B Dec 18 11:26 encrypted_2018_12_352_11_26_35_359.enc
-rw-r--r-- 1 alopresto staff 80B Dec 18 11:26 encrypted_2018_12_352_11_26_38_361.enc
-rw-r--r-- 1 alopresto staff 80B Dec 18 11:26 encrypted_2018_12_352_11_26_41_363.enc
...sers/alopresto/Workspace/scratch/openssl (master) 😉
🔒 0s @ 11:26:43 $ xxd encrypted_2018_12_352_11_26_29_354.enc # Showing raw content of a binary-encoded encrypted file
00000000: 5361 6c74 6564 5f5f e61b 2f3c 68df 4f25 Salted__../<h.O%
00000010: 3d39 635e e47c 5635 72a7 7497 585d 26aa =9c^.|V5r.t.X]&.
00000020: 9974 e475 04be 964e 5c67 f5ba cd00 a91e .t.u...N\g......
00000030: 1cda 38e8 04a2 7665 b220 afa6 287b 7e97 ..8...ve. ..({~.
00000040: d1bf 254f 2070 4545 5271 71ce 3577 75be ..%O pEERqq.5wu.
...sers/alopresto/Workspace/scratch/openssl (master) 😉
🔒 0s @ 11:26:53 $ openssl aes-256-cbc -d -k thisIsABadPassword -in encrypted_2018_12_352_11_26_29_354.enc # Won't work because these are incompatible ciphers
bad decrypt
4514862700:error:06FFF064:digital envelope routines:CRYPTO_internal:bad decrypt:/BuildRoot/Library/Caches/com.apple.xbs/Sources/libressl/libressl-22.200.4/libressl-2.6/crypto/evp/evp_enc.c:533:
E���K��d��W+��E`�sRi���Mˣ
ڃ���cF��8
���ho
...sers/alopresto/Workspace/scratch/openssl (master) 😉
🔒 0s @ 11:43:02 $ ll # Now with NiFi-encrypted files using MD5_256AES (...42 and later)
total 64
drwxr-xr-x 10 alopresto staff 320B Dec 18 11:44 ./
drwxr-xr-x 178 alopresto staff 5.6K Dec 18 11:26 ../
-rw-r--r-- 1 alopresto staff 80B Dec 18 11:26 encrypted_2018_12_352_11_26_29_354.enc
-rw-r--r-- 1 alopresto staff 80B Dec 18 11:26 encrypted_2018_12_352_11_26_32_357.enc
-rw-r--r-- 1 alopresto staff 80B Dec 18 11:26 encrypted_2018_12_352_11_26_35_359.enc
-rw-r--r-- 1 alopresto staff 80B Dec 18 11:26 encrypted_2018_12_352_11_26_38_361.enc
-rw-r--r-- 1 alopresto staff 80B Dec 18 11:26 encrypted_2018_12_352_11_26_41_363.enc
-rw-r--r-- 1 alopresto staff 80B Dec 18 11:26 encrypted_2018_12_352_11_26_44_366.enc
-rw-r--r-- 1 alopresto staff 80B Dec 18 11:42 encrypted_2018_12_352_11_42_44_405.enc
-rw-r--r-- 1 alopresto staff 80B Dec 18 11:44 encrypted_2018_12_352_11_44_21_661.enc
...sers/alopresto/Workspace/scratch/openssl (master) 😉
🔒 0s @ 11:44:26 $ openssl aes-256-cbc -d -k thisIsABadPassword -in encrypted_2018_12_352_11_44_21_661.enc
This is a plaintext message at 2018-12-352 11:44:21.661 -0800.
...sers/alopresto/Workspace/scratch/openssl (master) 😉
🔒 0s @ 11:44:34 $
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment