On Wed February 11 2009, Nickfx wrote: > > Thank you for your kind replies. > > Interestingly it appears that 2 days trying to figure out what is wrong with > OpenSSL I was barking up the wrong tree. I omitted from my posted command > line that I was splitting the file after encryption then cat'ing back > together again to decrypt. > > Against all logic, having stripped out the encryption, the split process is > somehow losing sectors. DD'ing the drive creates say 19000 sectors then I > split, but when I recombine and 'dd of' the result I have 18995 sectors. > Crazy I know. Having removed split, Openssl is now working as it should. > It would seem that there is something screwy with Cygwins Split or Cat > command. >
The handling of sparse files comes to mind. Try one of the file-system oriented utilities rather than a storage-system utility (cpio, star, tar, etc rather than dd). Mike > Thanks again for your comments. > > Nick > > > > Nickfx wrote: > > > > Hi, first post here and I wonder if anyone with a larger brain than me can > > help? > > > > I'm in Windows XP Pro and using DD to image a disk and then pipe to > > openssl to encrypt. I'm using the -pass pass:'anotherpassword' switch to > > make decryption by the user as easy as possible. It looks like this:- > > > > dd if=\\.\PhysicalDrive0 conv=noerror | openssl enc -aes-128-ecb -salt > > -out encryptedfile.enc > > > > I enter the passphrase when prompted and verify. > > > > Encryption appears to work and I can see the SALTED line at the start of > > the file in a Hexviewer. > > > > However when I try to decrypt using:- > > > > openssl enc -d -aes-128-ecb -salt -in encryptedfile.enc -out finished.dd > > > > and type in the passphrase.. > > > > I get the following:- > > > > bad decrypt > > 4064:error:00065064:digital envelope routines:EVP_DecryptFinal_ex:bad > > decrypt: .\crypto\evp\evp_enc.c:330: > > > > I've seen alot of posts that say the passphrase is wrong however I and a > > collegue have tried this 20 or 30 times with phrases from 123 to hello to > > more complex. We havent got it wrong each time! > > > > When I look at the resultant file I can see NTFS at the start of the file > > meaning it has sort of worked but when I hash compare the input and output > > they are different so something hasnt worked. > > > > I am well and truly stuck! > > > > Thanks in advance > > > > Nick > > > > Nick > > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
