Decode file encoded on one system using openssl on another system


I am encrypting a file on Ubuntu machine with openSSL using following command:

openssl enc -aes-256-cbc -in mydbBackup.tar -out  mydbBackup.enc.tar 
     -pass pass:scecret

I transfer it to ftp server. Now when I copy the file from ftp to another machine and try to decrypt it with following command:

openssl enc -aes-256-cbc -d -in mydbBackup.tar -out  mydbBackup.enc.tar 
     -pass pass:scecret

I get following error:

bad decrypt
139727625037472:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:
bad decrypt:evp_enc.c:467:

Is it some problem due to file transfer or is it not possible to decrypt the files encrypted on another system?


I have executed ls -l command after running decrypt command with (-out decrypt.tar.gz) and without (-out decrypt.tar.gz) salt argument and I get following output:

-rw-r--r-- 1 backup backup 43119360 2012-01-29 07:10 encrypt-20120128.enc.tar.gz
-rw-r--r-- 1 backup backup 43119328 2012-01-29 07:12 decrypt1.tar.gz
-rw-r--r-- 1 backup backup 43119328 2012-01-29 07:12 decrypt.tar.gz

so it is churning out something but it is throwing up error and tar complains that resulting file is not gzip archive.

UPDATE:- I have calculated MD5 checksum (as suggested by @Oliver Salzburg) of original file and one transferred from ftp and surprisingly it gives same value for both the files.


Best Answer

  • In general, a file encrypted like this should be decryptable on another system (I just tested it just to make sure).

    So either the file is "broken" or there is something else conflicting with the decryption. But I could only make assumptions about that. I remember an issue similar to this caused by transferring a key/certificate as text. The resulting file had a BOM attached to it which caused problems with the encryption/decryption process (it was also converted to Unicode which didn't help either).

  • Related Question