Posts
- key should be in hexadecimal format
- Don’t use
echo. It treats length of “0\n1” as 4 instead of 3. Use printf instead. - Use
hexdump -Cto check output of openssl commands. -nopadoption is added to remove OpenSSL’s PKCS#7 padding to ensure there are full blocks. Refer this for more details.- If you want to use PKCS#7 padding, don’t use
-nopadflog.
openssl-encryption
Using openssl (command line tool)
$ openssl version
$ openssl list-standard-commands
enc -> encrypt/decrypt using secret key algorithms. It is possible to generate using a password or directly a secret key stored in a file.
$ openssl list-cipher-commands
aes-128-ecb
base64
…
base64
encoding
$ printf “123456789” | openssl enc -base64
or
$ openssl enc -base64 -in number.txt
decoding
$ printf "YWJjZGVmZ2hpamtsbW5vcA==" | openssl enc -base64 -d -A
-A option required for bigger encrypted data.
aes-128-ecb mode with cipher key
encryptyion
$ printf "abcdefghijklmnop" | openssl aes-128-ecb -K '59454c4c4f57205355424d4152494e45' -nosalt -v -nopad -out result.bin
$ openssl enc -base64 -in result.bin
decryption
$ openssl aes-128-ecb -d -K '59454c4c4f57205355424d4152494e45' -nosalt -nopad -in result.bin
aes-128-cbc mode with cipher key
encryptyion
$ printf "abcdefghijklmnop" | openssl aes-128-cbc -K '59454c4c4f57205355424d4152494e45' -iv '00000000000000000000000000000000' -nosalt -v -nopad -out result.bin
$ openssl enc -base64 -in result.bin
decryption
$ openssl aes-128-cbc -d -K '59454c4c4f57205355424d4152494e45' -iv '00000000000000000000000000000000' -nosalt -nopad -in result.bin
Note:
aes-256-cbc mode using password
encryption
$ touch plain.txt
$ printf "I love OpenSSL!" > plain.txt
$ openssl enc -aes-256-cbc -in plain.txt -out encrypted.bin
enter aes-256-cbc encryption password: hello
Verifying - enter aes-256-cbc encryption password: hello
The secret key of 256 bits is computed from the password. Note that of course the choice of password “hello” is really INSECURE! Please take the time to choose a better password to protect your privacy! The output file encrypted.bin is binary.
decryption
$ openssl enc -aes-256-cbc -d -in encrypted.bin -pass pass:hello
I love OpenSSL!
templates
Templates
Started creating templates for programs, projects in various languages. This will act as building blocks for new work I will pick. I will try to keep this updated alongwith learning new things.
Enter Cryptography
Few weeks back, I watched “The Imitation Game” movie based on real life story of cryptanalyst Alan Turing trying to crack Nazi codes during Second World War. What got me stick to the movie is the art of Cryptography used from that period of time.
After attending one session on the same topic from my senior, I have decided to understand cryptography in depth.
To begin with I am working on Matasano Crypto Challenges. It seems to be great resource for learning with some coding as well.
I am not sure how long I will be able to maintain this interest. Hoping for the best.
Link to solutions
Fingers crossed.
Hello Chrome Extension
“Hello Chrome Extension”
Just wrote my first chrome extension using getting started tutorials provided by Google.
Inspiration!!! Nowadays I am learning Ruby and got a monthly subscription plan for Rubytapas. Rubytapas provides you with awesome screencasts for learning and mastering Ruby.
But the problem with watching screencasts as a subscribed user is that one has to manually download all available content links on a given screencast webpage.
This chrome extension aims at downloading all those content links automatically once browser action button is clicked. (Other perfect solutions may exist as well!!!)
Blog like a hacker
The only part tough in blogging should be writing. Other stuff should be easy enough to focus on nothing else but writing.
Here is my first attempt to automate posting any markdown file to my github repository using jekyll.
https://gist.github.com/yatinsns/4c92d978331f401967f2
Hope this proves to be useful. Fingers crossed.
subscribe via RSS