Decrypt old openssl data

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
0
down vote

favorite












I have a git repo encrypted with openssl. I have moved the repo to a new host. The original host was using:



» openssl version
OpenSSL 1.0.2g 1 Mar 2016


The current host is using:



» openssl version
OpenSSL 1.1.0g 2 Nov 2017


These are my filters for the git repo:



[filter "openssl"]
smudge = ~/.gitencrypt/SALT-20131126-01/smudge_filter_openssl
clean = ~/.gitencrypt/SALT-20131126-01/clean_filter_openssl
[diff "openssl"]
textconv = ~/.gitencrypt/SALT-20131126-01/diff_filter_openssl


The encoding filter:



» cat ~/.gitencrypt/SALT-20131126-01/clean_filter_openssl
#!/bin/bash

# 24 or less hex characters
SALT_FIXED=mysalt
PASS_FIXED=mypass

openssl enc -base64 -aes-256-ecb -S $SALT_FIXED -k $PASS_FIXED


The decoding filter:



» cat ~/.gitencrypt/SALT-20131126-01/diff_filter_openssl
#!/bin/bash

# No salt is needed for decryption.
PASS_FIXED=mypass
# Error messages are redirect to /dev/null.
openssl enc -d -base64 -aes-256-ecb -k $PASS_FIXED -in "$1" 2> /dev/null || cat "$1"


I have read that there are changes regarding the default hash used by OpenSSL. I have tried to force the old hash:



» git show HEAD~1:myfile > /tmp/xxx
» openssl enc -d -md md5 -base64 -aes-256-ecb -k mypass -in /tmp/xxx


But still gives me problems:



error reading input file


What else could I try?










share|improve this question



















  • 1




    Can you downgrade the openssl package temporarily? (I know it's not solution, but just workaround to get to data)
    – Jaroslav Kucera
    Aug 8 at 8:58











  • @JaroslavKucera thanks, but found the solution. If my analisys is correct, the git show command above was already applying a filter, so running the openssl command manually was working on already decrypted data, thus failing. The solution is just to update the filter scripts with the -d -md md5 flags.
    – dangonfast
    Aug 8 at 11:03










  • Good, make it answer then :-)
    – Jaroslav Kucera
    Aug 8 at 13:59














up vote
0
down vote

favorite












I have a git repo encrypted with openssl. I have moved the repo to a new host. The original host was using:



» openssl version
OpenSSL 1.0.2g 1 Mar 2016


The current host is using:



» openssl version
OpenSSL 1.1.0g 2 Nov 2017


These are my filters for the git repo:



[filter "openssl"]
smudge = ~/.gitencrypt/SALT-20131126-01/smudge_filter_openssl
clean = ~/.gitencrypt/SALT-20131126-01/clean_filter_openssl
[diff "openssl"]
textconv = ~/.gitencrypt/SALT-20131126-01/diff_filter_openssl


The encoding filter:



» cat ~/.gitencrypt/SALT-20131126-01/clean_filter_openssl
#!/bin/bash

# 24 or less hex characters
SALT_FIXED=mysalt
PASS_FIXED=mypass

openssl enc -base64 -aes-256-ecb -S $SALT_FIXED -k $PASS_FIXED


The decoding filter:



» cat ~/.gitencrypt/SALT-20131126-01/diff_filter_openssl
#!/bin/bash

# No salt is needed for decryption.
PASS_FIXED=mypass
# Error messages are redirect to /dev/null.
openssl enc -d -base64 -aes-256-ecb -k $PASS_FIXED -in "$1" 2> /dev/null || cat "$1"


I have read that there are changes regarding the default hash used by OpenSSL. I have tried to force the old hash:



» git show HEAD~1:myfile > /tmp/xxx
» openssl enc -d -md md5 -base64 -aes-256-ecb -k mypass -in /tmp/xxx


But still gives me problems:



error reading input file


What else could I try?










share|improve this question



















  • 1




    Can you downgrade the openssl package temporarily? (I know it's not solution, but just workaround to get to data)
    – Jaroslav Kucera
    Aug 8 at 8:58











  • @JaroslavKucera thanks, but found the solution. If my analisys is correct, the git show command above was already applying a filter, so running the openssl command manually was working on already decrypted data, thus failing. The solution is just to update the filter scripts with the -d -md md5 flags.
    – dangonfast
    Aug 8 at 11:03










  • Good, make it answer then :-)
    – Jaroslav Kucera
    Aug 8 at 13:59












up vote
0
down vote

favorite









up vote
0
down vote

favorite











I have a git repo encrypted with openssl. I have moved the repo to a new host. The original host was using:



» openssl version
OpenSSL 1.0.2g 1 Mar 2016


The current host is using:



» openssl version
OpenSSL 1.1.0g 2 Nov 2017


These are my filters for the git repo:



[filter "openssl"]
smudge = ~/.gitencrypt/SALT-20131126-01/smudge_filter_openssl
clean = ~/.gitencrypt/SALT-20131126-01/clean_filter_openssl
[diff "openssl"]
textconv = ~/.gitencrypt/SALT-20131126-01/diff_filter_openssl


The encoding filter:



» cat ~/.gitencrypt/SALT-20131126-01/clean_filter_openssl
#!/bin/bash

# 24 or less hex characters
SALT_FIXED=mysalt
PASS_FIXED=mypass

openssl enc -base64 -aes-256-ecb -S $SALT_FIXED -k $PASS_FIXED


The decoding filter:



» cat ~/.gitencrypt/SALT-20131126-01/diff_filter_openssl
#!/bin/bash

# No salt is needed for decryption.
PASS_FIXED=mypass
# Error messages are redirect to /dev/null.
openssl enc -d -base64 -aes-256-ecb -k $PASS_FIXED -in "$1" 2> /dev/null || cat "$1"


I have read that there are changes regarding the default hash used by OpenSSL. I have tried to force the old hash:



» git show HEAD~1:myfile > /tmp/xxx
» openssl enc -d -md md5 -base64 -aes-256-ecb -k mypass -in /tmp/xxx


But still gives me problems:



error reading input file


What else could I try?










share|improve this question















I have a git repo encrypted with openssl. I have moved the repo to a new host. The original host was using:



» openssl version
OpenSSL 1.0.2g 1 Mar 2016


The current host is using:



» openssl version
OpenSSL 1.1.0g 2 Nov 2017


These are my filters for the git repo:



[filter "openssl"]
smudge = ~/.gitencrypt/SALT-20131126-01/smudge_filter_openssl
clean = ~/.gitencrypt/SALT-20131126-01/clean_filter_openssl
[diff "openssl"]
textconv = ~/.gitencrypt/SALT-20131126-01/diff_filter_openssl


The encoding filter:



» cat ~/.gitencrypt/SALT-20131126-01/clean_filter_openssl
#!/bin/bash

# 24 or less hex characters
SALT_FIXED=mysalt
PASS_FIXED=mypass

openssl enc -base64 -aes-256-ecb -S $SALT_FIXED -k $PASS_FIXED


The decoding filter:



» cat ~/.gitencrypt/SALT-20131126-01/diff_filter_openssl
#!/bin/bash

# No salt is needed for decryption.
PASS_FIXED=mypass
# Error messages are redirect to /dev/null.
openssl enc -d -base64 -aes-256-ecb -k $PASS_FIXED -in "$1" 2> /dev/null || cat "$1"


I have read that there are changes regarding the default hash used by OpenSSL. I have tried to force the old hash:



» git show HEAD~1:myfile > /tmp/xxx
» openssl enc -d -md md5 -base64 -aes-256-ecb -k mypass -in /tmp/xxx


But still gives me problems:



error reading input file


What else could I try?







git openssl






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Aug 8 at 8:57









Jaroslav Kucera

4,3904621




4,3904621










asked Aug 8 at 8:21









dangonfast

2632413




2632413







  • 1




    Can you downgrade the openssl package temporarily? (I know it's not solution, but just workaround to get to data)
    – Jaroslav Kucera
    Aug 8 at 8:58











  • @JaroslavKucera thanks, but found the solution. If my analisys is correct, the git show command above was already applying a filter, so running the openssl command manually was working on already decrypted data, thus failing. The solution is just to update the filter scripts with the -d -md md5 flags.
    – dangonfast
    Aug 8 at 11:03










  • Good, make it answer then :-)
    – Jaroslav Kucera
    Aug 8 at 13:59












  • 1




    Can you downgrade the openssl package temporarily? (I know it's not solution, but just workaround to get to data)
    – Jaroslav Kucera
    Aug 8 at 8:58











  • @JaroslavKucera thanks, but found the solution. If my analisys is correct, the git show command above was already applying a filter, so running the openssl command manually was working on already decrypted data, thus failing. The solution is just to update the filter scripts with the -d -md md5 flags.
    – dangonfast
    Aug 8 at 11:03










  • Good, make it answer then :-)
    – Jaroslav Kucera
    Aug 8 at 13:59







1




1




Can you downgrade the openssl package temporarily? (I know it's not solution, but just workaround to get to data)
– Jaroslav Kucera
Aug 8 at 8:58





Can you downgrade the openssl package temporarily? (I know it's not solution, but just workaround to get to data)
– Jaroslav Kucera
Aug 8 at 8:58













@JaroslavKucera thanks, but found the solution. If my analisys is correct, the git show command above was already applying a filter, so running the openssl command manually was working on already decrypted data, thus failing. The solution is just to update the filter scripts with the -d -md md5 flags.
– dangonfast
Aug 8 at 11:03




@JaroslavKucera thanks, but found the solution. If my analisys is correct, the git show command above was already applying a filter, so running the openssl command manually was working on already decrypted data, thus failing. The solution is just to update the filter scripts with the -d -md md5 flags.
– dangonfast
Aug 8 at 11:03












Good, make it answer then :-)
– Jaroslav Kucera
Aug 8 at 13:59




Good, make it answer then :-)
– Jaroslav Kucera
Aug 8 at 13:59















active

oldest

votes











Your Answer







StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: false,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













 

draft saved


draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f461222%2fdecrypt-old-openssl-data%23new-answer', 'question_page');

);

Post as a guest



































active

oldest

votes













active

oldest

votes









active

oldest

votes






active

oldest

votes















 

draft saved


draft discarded















































 


draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f461222%2fdecrypt-old-openssl-data%23new-answer', 'question_page');

);

Post as a guest













































































Popular posts from this blog

How to check contact read email or not when send email to Individual?

Displaying single band from multi-band raster using QGIS

How many registers does an x86_64 CPU actually have?