Hi Team,
I am trying to use openssl API's for decryption of the key file with password given as argument.
CLI commands which work fine are as below.
Below is encode plain text file into encoded one.
Code:
openssl aes-256-cbc -salt -in plaintext_file.txt -out encrypted_file.enc -pass pass:111111
The same encoded one to decrypt.
Code:
openssl aes-256-cbc -d -in encrypted_file.enc -out decrypted_file.txt -pass pass:111111
I tried to use the same "encrypted_file.enc" file and decrypt using the openssl and crypto API's as below and get a plain text file by using below c program.
Code:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/conf.h>
#include <openssl/evp.h>
#include <openssl/err.h>
void handleErrors(void)
{
ERR_print_errors_fp(stderr);
abort();
}
int decryptFile(const char *inputFile, const char *outputFile, const char *passphrase)
{
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
FILE *inFile = fopen(inputFile, "rb");
if (!inFile) {
perror("Error opening input file");
return 1;
}
FILE *outFile = fopen(outputFile, "wb");
if (!outFile) {
perror("Error opening output file");
fclose(inFile);
return 1;
}
const EVP_CIPHER *cipher = EVP_aes_256_cbc();
const EVP_MD *digest = EVP_sha256();
unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
if (!EVP_BytesToKey(cipher, digest, NULL, (const unsigned char *)passphrase, strlen(passphrase), 1, key, iv)) {
perror("Error deriving key and IV");
fclose(inFile);
fclose(outFile);
return 1;
}
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
if (!ctx) {
perror("Error creating context");
fclose(inFile);
fclose(outFile);
return 1;
}
if (1 != EVP_DecryptInit_ex(ctx, cipher, NULL, key, iv)) {
perror("Error initializing decryption");
EVP_CIPHER_CTX_free(ctx);
fclose(inFile);
fclose(outFile);
return 1;
}
EVP_CIPHER_CTX_set_padding(ctx, 0);
unsigned char inBuf[1024], outBuf[1024];
int bytesRead, decryptedLen;
while ((bytesRead = fread(inBuf, 1, sizeof(inBuf), inFile)) > 0) {
if (1 != EVP_DecryptUpdate(ctx, outBuf, &decryptedLen, inBuf, bytesRead)) {
perror("Error updating decryption");
EVP_CIPHER_CTX_free(ctx);
fclose(inFile);
fclose(outFile);
return 1;
}
fwrite(outBuf, 1, decryptedLen, outFile);
}
if (1 != EVP_DecryptFinal_ex(ctx, outBuf, &decryptedLen)) {
ERR_print_errors_fp(stderr);
perror("Error finalizing decryption");
EVP_CIPHER_CTX_free(ctx);
fclose(inFile);
fclose(outFile);
return 1;
}
fwrite(outBuf, 1, decryptedLen, outFile);
EVP_CIPHER_CTX_free(ctx);
fclose(inFile);
fclose(outFile);
return 0;
}
int main()
{
const char *inputFile = "encrypted_file.enc";
const char *outputFile = "decrypted_file.txt";
const char *passphrase = "111111";
if (decryptFile(inputFile, outputFile, passphrase) == 0) {
printf("File decrypted successfully.\n");
} else {
fprintf(stderr, "Error decrypting file.\n");
}
ERR_free_strings();
return 0;
}
When I execute the same, I don't get a plain text file but it's still with some encrypted data I believe.
content of decrypted_file.txt as below.
$ cat decrypted_file.txt
#r▒e▒▒R6e !/▒▒~4f▒>KvC▒▒▒
Any inputs / leads in this will be very helpfull.
Thanks