I have this private key and I am trying to decrypt the ciphertext:
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAkfmJTVkwbRXOtWN76j2MAmbwCMReCkV3hWG+23zEmivwVEUtlUNvmFkSx9fFSRgGLMW+TPleLybU629fYDTXSPmIzLM3faxIyzyI2LJdRAaQMWo1FUcVI8ME5/BX9T5Ebu6D2dA8zJzJ68dGkHmhSxhOC97vLQfjj3tNCAL1IulyVk/ZyV6BVPxpiD3WB4rfo+SBe8H7019+dnaR/DcTcCsxF+oj7KOunfPPqBZBGMRe7ADj/vPYqgpoTWyA8m0juJyVNjqBnFUeyZEPwjqYUKEXpw64YXDZH/hbJI6VaFmj/KpMzBv/gIowE+yOu1V5tsOSCqDsd6EgDfQU92FhpwIDAQABAoIBAEkkZb3SAMfH84lDzeUy7aKOfZuG+S/gWuEEdyN3QvOVLJitCQgPgC0wBI8J+JqFZSKt+oqLMLwjkvBdH8cO8whnsDoRWq6n0tmy/UbHKKBbQYjhFLQSp+8BWsX00b3ac2O6M2rCQpSrwylW8m6V41HDXefozqMbntRYDeMDyFyzJnto2nBJ4sM7esiSIhERUeXlz8QHmxn0Ay3j8LnSBtCKdZ3nAQ19No6naRu7IbrMGbqWnzxiWa5PqJa1gF9wMMHI0Vfz6lT6x/qT5nYPORRxakuuUg9BmwJmhElOZqf/tC3YCcrGOfq04u+AS+S2GE7C2yOAfhX15HgP8FeiEdECgYEAu1vMVNMRrjbkLF4wBJ4tOVDylDEU9/quuzK21JVKEePZJP/gK2O+1nO9xGGfFRtnBeDnz7mgLuD04lnRZnSFfE+S3WDcb94hkJl0K00Z2sGIPvSR7S5853kua591QT6QNhTDP8PUdIGrSZBFJ+DyZgdBdlcxOiNh0nWzIFbWnx0CgYEAx3RiM3ySvsb7ZOg3/RMWD4r33rb3DRiDoa5PObNtqesbqYU5BOUl3IQY86kYwLQttgrcgb9xtTmBXS0rcWSAa3ndXdULujRIwK3IaJTz98Pu9iAzj8RNIFk9Sw9kUzmAHaSzXgZcjf9c5lL7jgrwjEfYeKvgkW1VoIb9lKng1JMCgYBE8AgFBgyxX30hXh6o9FKLjl9Ta6Pdgp2cP5LKMYwpfP6/AG9JR9BGNBwVEB5qs8R6g0CITDLGTPuN9aJ44lLjZJwTXLp/ZupOvEfkTuA+f4tULsUq0jofKZWNAAUy1oRVgdo9sh6QJ84QqUbo33oRVIYftwFj9PTfbXNVaN5beQKBgC/vudZT/1TYr/ztjt9FIg00QiSF5tR/6ssGAMaGaDnpZqmUekLB7BqWqQSOxIM0CrRw4dRRNbvviTbir0k+dVrfXCO8G2hyPnYIjl0MR6JptdnznVDVRhAbQo7ysRMLg84cEnvrnX0HPcWhdhIKcQvWDKHb9Uoec/Dz4KhFN+L/AoGATnaM4pl/tv735KcNn+qpgyB2Qd01qasRahecchPZqujH0+roS3llDJFN09NG9BzmAQFi2yH7Asx5KmIHqyWiYqyMXGUcsauT3u+xsDYWxObqAW7q7sMCKlfRtsnEWli3FOWNufO0TBwGeL9xVjL3nXXIsD9J5/iq1cH/RuIVoX4=
-----END RSA PRIVATE KEY-----
The ciphertext:
M8zhAvxu/lkEcH42Eoe/cPjL6WJwPo1FZOK8Ta4SmigoHl9omd5Dol84vY3GfyzIZ0hHHp5gO3A4MjktImsLnT3Xx/myUearG/Ii24C+6irFapMqghziuMDYpeh7rs8G8ggE/rkjZaAAPSb/FgEDQkknL2qr4kxwyQybsnfmDDUqJ3q3lf0gRBDJ/2yr+aQyUcw3nK/zewbZjwlUeSyTvs76HhFtUDTyAlhB37961j9qfu+cxX34PtJlHWlF7k0WAuxQ4w7aCwkuQIvBOk/FUK3Ta1TrGEXg9iczPj6QacLI2DSjEPbODHsje82Fw+1ylcD1tF2mZ7GnnqtUw/9YoQ==
I tried to use these commands but without sucess:
openssl rsautl -decrypt -in ciphertext -out plaintext -inkey private_key
In this case I get the fallowing error:
rsa routines:RSA_EAY_PRIVATE_DECRYPT:data greater than mod len:rsa_eay.c:518
openssl enc -in ciphertext -out binarytext -d -a
openssl rsautl -decrypt -in binarytext -out plaintext -inkey private_key
If I try these 2 commands I get this error:
rsa routines: RA_padding_check_PKCS1_type_2:pkcs decoding error
rsa routines: RSA_EAY_PRIVATE_DECRYPT:padding check failed
Related
I want to decrypt large AES encrypted data:
Encrypted data: 7dS560FiDJvUji7c+ky/9nQp+HwK3SEOkY4zefqlFuEyF2/vevrv8K4GJNr2zxD7+j28RK97LmaHjwY9F+/feO6T2DAQuJQsT3wp/fKCPyErwZggsE+ufzvEJZK/XObR8CdbBe8EGZC//JsuMo7MV6SSe267jp4U2iIz4xIFxUlFVy9QcjTr6AUJZdVogedreBgy3/q/isAqOvwoHuj74MV5gkfaXWvmqESjMF4s5wMsYmS1WuBWOR6rw+TSwuL52CiVC5arHuJJEKuodO58bJ+1Ip9uelUIOETswiZmZB6gpTkbos7ij0BpJregejT+9vsDO1tB7+QpByMqeeEbEiSp4N833Z29WmVmy+HpxdZvOPIJ2pyelVhRVPPs/V7VREs4v8/e3X1jR0saA1sSyKYNgIGZUWaQTJwBNi87IPkGiUtyhPnrrKh+BighshJi+Jd+s3+sTYM5CaADvaGhm3wx96rBQi2So+NmFcm5cQa4jRA4S8sLGHmniUO0iiEcxQ2FvlGt+0PBqdbCPewBgOHdjpBUYjs1oR4pV5VjbjTfuIh75G7TS6TZT/gMewJXOXPw88zsSgjXVjRK0obOXaJBKABJ8AqKbKULWHoeMuWW4OdiSZ7mNVt6N40LK/u12vpqWU7Wt5XbSeE3arJPjljEV7WhafKvIOHFx+cK0wB9LQnFUrx/FTLL5HDDEkhnVkm02vxXSFKDwP36VgQnPpvOnY5fbJUTyjnwJcO8I9/H1hYwzPRhos2eNAdHZ3aMysU8zSobwUVto9GnQrvVmVURFyEX6fwifkrf2DTfCsDNSsHt4DLCtsszABKTwTezUoBesNkndk/Qkcd13GEZjTHoyP2tLp85nYwbwI6P+yr1jeu9v3ocN5p0LWPXdwlyTo55WeYkGzlJLsM6d9sut1qlcyQ2AZ536+eYFAIURJkmSexwfbdRebwckvqURRO3a55WCbLxVARKDHnyfculr/ndwyZF7J0RX4G1KcwSgfRdnBpUCkpGeQRImv5Ry5RYXwp5XfKQDrGTCEhV3XtDBD4b2eTxw4KwgJUq9T6IQjNNyPyDwM5AFxS2Y+4wAA0PA2iADfVe3kZrOKYpZvVn0Q== (base64 encoded)
Key: uHe2MCmggLlugpGBiMVuXTck7OT8Nk8g (base64 encoded)
Cipher: AES-256-CBC
IV: LNP8U7pc6GjxzxAtgw4s3A== (base64 encoded)
I try to use this command for it:
openssl aes-256-cbc -d -in data.enc -out data.dec -K $key -iv $iv
In $key and $iv i decoded from encoded values this way
iv=$( cat response.json | jq .iv -r | openssl base64 -d | xxd -p | tr -d '\n' )
But i have crashed data like this
^GÌ<8a>û)F"PEi~^K±jÔ^AcWSM
23NDwSOqovXSFGNfy3WatkCreYRd7kcWSM";
I have these private keys that have been converted to single line equivalent.
These keys are quite a lot.
So I decided to invest some time to write a script to convert.
This has not yielded to much.
-----BEGIN RSA PRIVATE KEY----pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4= pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4= pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4= pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4= pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4= -----END RSA PRIVATE KEY-----
I am using echo ~/.ssh/id_rsa | tr " " "\n"
This returns:
-----BEGIN
RSA
PRIVATE
KEY-----
pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=
pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=
pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=
pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=
pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=pEdInVAbH4d0PH4=
-----END
RSA
PRIVATE
KEY-----
I have been trying to figure out the best possible way to get this back to the right format.
Assuming a standard RSA private key that just had the newlines removed, a couple of sed replacements will get you back to the original format:
sed -e "s/-----BEGIN RSA PRIVATE KEY-----/&\n/"\
-e "s/-----END RSA PRIVATE KEY-----/\n&/"\
-e "s/\S\{64\}/&\n/g"\
~/.ssh/id_rsa
The standard key format requires the BEGIN and END statements to be on a separate line, and the base64-encoded key to be formatted at 64 columns. The above command will get you there.
#robby Thanks from your answer I adapted the following which worked for me.
sed -e "s/-----BEGIN RSA PRIVATE KEY-----/&\n/" -e "s/\S\{64\}/&\n/g" | sed "s/^\s//g" ~/.ssh/id_rsa
I adapted the solution to ed25519 algorithm to talk to Gitlab via SSH. Thanks #Robby!
RUN sed -i -e "s/-----BEGIN OPENSSH PRIVATE KEY-----/&\n/"\
-e "s/-----END OPENSSH PRIVATE KEY-----/\n&/"\
-e "s/\S\{70\}/&\n/g"\
/root/.ssh/id_ed25519
Input
-----BEGIN OPENSSH PRIVATE KEY----- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX== -----END OPENSSH PRIVATE
KEY-----
Output
-----BEGIN OPENSSH PRIVATE KEY-----
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX==
-----END OPENSSH PRIVATE KEY-----
I've created public and private keys using PuttyGen then the public key was used to encrypt a message.
I am now trying to decrypt such message using the private key with the following command:
echo [my encrypted message] | openssl enc -d -base64 -A | openssl rsautl -decrypt -inkey ~/.ssh/private.ppk
but I get the error:
unable to load Private Key
6870300:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:707:Expecting: ANY PRIVATE KEY
The private key looks like this (actual key omitted):
PuTTY-User-Key-File-2: ssh-rsa
Encryption: none
Comment: rsa-key-20170724
Public-Lines: 6
[...]
Private-Lines: 14
[...]
Private-MAC: [...]
What's wrong?
Thanks to this guy I sorted it out.
I've reopened the private key with PuttyGen and exported as OpenSSH, then used this new file to decrypt the message.
I need to use the PEM formatted public key for some purpose, but not finding the command which can convert DER formatted public key to PEM formatted public key.
The command I have used -
openssl rsa -in user_id_rsa.pub -inform DER -outform PEM -out pubkey.pem
But i got the below error -
unable to load Private Key
139901900170912:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1337:
139901900170912:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:677:
139901900170912:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1337:
139901900170912:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:388:Type=RSA
My expected output should be in this format-
-----BEGIN RSA PUBLIC KEY-----
KEY CONTENT
-----END RSA PUBLIC KEY-----
Is anyone has try the same?
i need to send a XML data to applications that check data integrity.
demodata.pem (http://privatepaste.com/376402542e)
ca.pem (http://privatepaste.com/85fff7bfe3)
D:\stest\wz\apptest\dist\q\realq>openssl smime -verify -inform pem -in demodata.pem -CAfile ca.pem -out out.xml
Verification successful
D:\stest\wz\apptest\dist\q\realq>
so i refer below link to make a new messages.
https://unix.stackexchange.com/questions/118265/how-to-encyrpt-a-message-using-someones-ssl-smime-p7s-file
D:\stest\wz\apptest\dist\q\realq>openssl pkcs7 -in demodata.pem -inform pem -print_certs -out smime.pem
[smime.pem]
-----BEGIN CERTIFICATE-----
MIIDeDCCAuGgAwIBAgIBBDANBgkqhkiG9w0BAQQFADCBiDELMAkGA1UEBhMCS1Ix
EDAOBgNVBAgTB3dpenZlcmExDjAMBgNVBAcTBXNlb3VsMRAwDgYDVQQKEwd3aXp2
ZXJhMRAwDgYDVQQLEwd3aXp2ZXJhMRIwEAYDVQQDEwlheG1zZXJ2ZXIxHzAdBgkq
hkiG9w0BCQEWEHJvb3RAd2l6dmVyYS5jb20wHhcNMDgxMTE2MDYzMjA1WhcNMjkw
OTA3MDYzMjA1WjB7MQswCQYDVQQGEwJLUjEOMAwGA1UECBMFc2VvdWwxDjAMBgNV
BAcTBXNlb3VsMQwwCgYDVQQKEwNrZWIxDDAKBgNVBAsTA2tlYjESMBAGA1UEAxMJ
a2ViLmNvLmtyMRwwGgYJKoZIhvcNAQkBFg1heG1Aa2ViLmNvLmtyMIGfMA0GCSqG
SIb3DQEBAQUAA4GNADCBiQKBgQDqiAmyc1N+9/+dsOvA8ZvjpAHkF4ZmhSdjf2ZN
9xoh/M6z3YqkTHdchaAdTuiCSvAHiITYgCPEQ4h95ur2/0SdBFk7sbbmNmrhJWTv
KypizOKnJ27pVrNs/HhmMDWw3g0TQmwgDG8pUwR0M2tfP/Z5gNeFK49BnGZMCYJi
4zyQGwIDAQABo4H9MIH6MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5T
U0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRzwPiRKm5PWVsjsSat
FxRTyi3zWjCBnwYDVR0jBIGXMIGUoYGOpIGLMIGIMQswCQYDVQQGEwJLUjEQMA4G
A1UECBMHd2l6dmVyYTEOMAwGA1UEBxMFc2VvdWwxEDAOBgNVBAoTB3dpenZlcmEx
EDAOBgNVBAsTB3dpenZlcmExEjAQBgNVBAMTCWF4bXNlcnZlcjEfMB0GCSqGSIb3
DQEJARYQcm9vdEB3aXp2ZXJhLmNvbYIBADANBgkqhkiG9w0BAQQFAAOBgQCd3RYF
Nn22ca9x1lD/vvKuDk+DM5/448kKowu0zVheWvaU/GrKTCvtyJNMnr87dEn219BE
iAczBxzYaXnQAK09vptCKbc+tc/QG0NRalSxidIiuPvbIjzko/j4IuX6IWOR+5Ka
/EhbG4N5WrmKZkuSpuFxrwdbh5i/AtEpkqBv9w==
-----END CERTIFICATE-----
D:\stest\wz\apptest\dist\q\realq>openssl smime -encrypt -text -in newxml.txt -out newdata.der -outform der smime.pem
Loading 'screen' into random state - done
D:\stest\wz\apptest\dist\q\realq>openssl smime -verify -inform der-in newdata.der -CAfile ca.pem
Verification failure
8476:error:21075071:PKCS7 routines:PKCS7_verify:wrong content type:.\crypto\pkcs
7\pk7_smime.c:285:
D:\stest\wz\apptest\dist\q\realq>
but as you can see, Verification is failed.
so how can i make signed-data from someone's data. does it possible ?