Decrypt old openssl data
Clash Royale CLAN TAG#URR8PPP
up vote
0
down vote
favorite
I have a git repo encrypted with openssl
. I have moved the repo to a new host. The original host was using:
û openssl version
OpenSSL 1.0.2g 1 Mar 2016
The current host is using:
û openssl version
OpenSSL 1.1.0g 2 Nov 2017
These are my filters for the git
repo:
[filter "openssl"]
smudge = ~/.gitencrypt/SALT-20131126-01/smudge_filter_openssl
clean = ~/.gitencrypt/SALT-20131126-01/clean_filter_openssl
[diff "openssl"]
textconv = ~/.gitencrypt/SALT-20131126-01/diff_filter_openssl
The encoding filter:
û cat ~/.gitencrypt/SALT-20131126-01/clean_filter_openssl
#!/bin/bash
# 24 or less hex characters
SALT_FIXED=mysalt
PASS_FIXED=mypass
openssl enc -base64 -aes-256-ecb -S $SALT_FIXED -k $PASS_FIXED
The decoding filter:
û cat ~/.gitencrypt/SALT-20131126-01/diff_filter_openssl
#!/bin/bash
# No salt is needed for decryption.
PASS_FIXED=mypass
# Error messages are redirect to /dev/null.
openssl enc -d -base64 -aes-256-ecb -k $PASS_FIXED -in "$1" 2> /dev/null || cat "$1"
I have read that there are changes regarding the default hash used by OpenSSL. I have tried to force the old hash:
û git show HEAD~1:myfile > /tmp/xxx
û openssl enc -d -md md5 -base64 -aes-256-ecb -k mypass -in /tmp/xxx
But still gives me problems:
error reading input file
What else could I try?
git openssl
add a comment |Â
up vote
0
down vote
favorite
I have a git repo encrypted with openssl
. I have moved the repo to a new host. The original host was using:
û openssl version
OpenSSL 1.0.2g 1 Mar 2016
The current host is using:
û openssl version
OpenSSL 1.1.0g 2 Nov 2017
These are my filters for the git
repo:
[filter "openssl"]
smudge = ~/.gitencrypt/SALT-20131126-01/smudge_filter_openssl
clean = ~/.gitencrypt/SALT-20131126-01/clean_filter_openssl
[diff "openssl"]
textconv = ~/.gitencrypt/SALT-20131126-01/diff_filter_openssl
The encoding filter:
û cat ~/.gitencrypt/SALT-20131126-01/clean_filter_openssl
#!/bin/bash
# 24 or less hex characters
SALT_FIXED=mysalt
PASS_FIXED=mypass
openssl enc -base64 -aes-256-ecb -S $SALT_FIXED -k $PASS_FIXED
The decoding filter:
û cat ~/.gitencrypt/SALT-20131126-01/diff_filter_openssl
#!/bin/bash
# No salt is needed for decryption.
PASS_FIXED=mypass
# Error messages are redirect to /dev/null.
openssl enc -d -base64 -aes-256-ecb -k $PASS_FIXED -in "$1" 2> /dev/null || cat "$1"
I have read that there are changes regarding the default hash used by OpenSSL. I have tried to force the old hash:
û git show HEAD~1:myfile > /tmp/xxx
û openssl enc -d -md md5 -base64 -aes-256-ecb -k mypass -in /tmp/xxx
But still gives me problems:
error reading input file
What else could I try?
git openssl
1
Can you downgrade the openssl package temporarily? (I know it's not solution, but just workaround to get to data)
â Jaroslav Kucera
Aug 8 at 8:58
@JaroslavKucera thanks, but found the solution. If my analisys is correct, thegit show
command above was already applying a filter, so running theopenssl
command manually was working on already decrypted data, thus failing. The solution is just to update the filter scripts with the-d -md md5
flags.
â dangonfast
Aug 8 at 11:03
Good, make it answer then :-)
â Jaroslav Kucera
Aug 8 at 13:59
add a comment |Â
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I have a git repo encrypted with openssl
. I have moved the repo to a new host. The original host was using:
û openssl version
OpenSSL 1.0.2g 1 Mar 2016
The current host is using:
û openssl version
OpenSSL 1.1.0g 2 Nov 2017
These are my filters for the git
repo:
[filter "openssl"]
smudge = ~/.gitencrypt/SALT-20131126-01/smudge_filter_openssl
clean = ~/.gitencrypt/SALT-20131126-01/clean_filter_openssl
[diff "openssl"]
textconv = ~/.gitencrypt/SALT-20131126-01/diff_filter_openssl
The encoding filter:
û cat ~/.gitencrypt/SALT-20131126-01/clean_filter_openssl
#!/bin/bash
# 24 or less hex characters
SALT_FIXED=mysalt
PASS_FIXED=mypass
openssl enc -base64 -aes-256-ecb -S $SALT_FIXED -k $PASS_FIXED
The decoding filter:
û cat ~/.gitencrypt/SALT-20131126-01/diff_filter_openssl
#!/bin/bash
# No salt is needed for decryption.
PASS_FIXED=mypass
# Error messages are redirect to /dev/null.
openssl enc -d -base64 -aes-256-ecb -k $PASS_FIXED -in "$1" 2> /dev/null || cat "$1"
I have read that there are changes regarding the default hash used by OpenSSL. I have tried to force the old hash:
û git show HEAD~1:myfile > /tmp/xxx
û openssl enc -d -md md5 -base64 -aes-256-ecb -k mypass -in /tmp/xxx
But still gives me problems:
error reading input file
What else could I try?
git openssl
I have a git repo encrypted with openssl
. I have moved the repo to a new host. The original host was using:
û openssl version
OpenSSL 1.0.2g 1 Mar 2016
The current host is using:
û openssl version
OpenSSL 1.1.0g 2 Nov 2017
These are my filters for the git
repo:
[filter "openssl"]
smudge = ~/.gitencrypt/SALT-20131126-01/smudge_filter_openssl
clean = ~/.gitencrypt/SALT-20131126-01/clean_filter_openssl
[diff "openssl"]
textconv = ~/.gitencrypt/SALT-20131126-01/diff_filter_openssl
The encoding filter:
û cat ~/.gitencrypt/SALT-20131126-01/clean_filter_openssl
#!/bin/bash
# 24 or less hex characters
SALT_FIXED=mysalt
PASS_FIXED=mypass
openssl enc -base64 -aes-256-ecb -S $SALT_FIXED -k $PASS_FIXED
The decoding filter:
û cat ~/.gitencrypt/SALT-20131126-01/diff_filter_openssl
#!/bin/bash
# No salt is needed for decryption.
PASS_FIXED=mypass
# Error messages are redirect to /dev/null.
openssl enc -d -base64 -aes-256-ecb -k $PASS_FIXED -in "$1" 2> /dev/null || cat "$1"
I have read that there are changes regarding the default hash used by OpenSSL. I have tried to force the old hash:
û git show HEAD~1:myfile > /tmp/xxx
û openssl enc -d -md md5 -base64 -aes-256-ecb -k mypass -in /tmp/xxx
But still gives me problems:
error reading input file
What else could I try?
git openssl
git openssl
edited Aug 8 at 8:57
Jaroslav Kucera
4,3904621
4,3904621
asked Aug 8 at 8:21
dangonfast
2632413
2632413
1
Can you downgrade the openssl package temporarily? (I know it's not solution, but just workaround to get to data)
â Jaroslav Kucera
Aug 8 at 8:58
@JaroslavKucera thanks, but found the solution. If my analisys is correct, thegit show
command above was already applying a filter, so running theopenssl
command manually was working on already decrypted data, thus failing. The solution is just to update the filter scripts with the-d -md md5
flags.
â dangonfast
Aug 8 at 11:03
Good, make it answer then :-)
â Jaroslav Kucera
Aug 8 at 13:59
add a comment |Â
1
Can you downgrade the openssl package temporarily? (I know it's not solution, but just workaround to get to data)
â Jaroslav Kucera
Aug 8 at 8:58
@JaroslavKucera thanks, but found the solution. If my analisys is correct, thegit show
command above was already applying a filter, so running theopenssl
command manually was working on already decrypted data, thus failing. The solution is just to update the filter scripts with the-d -md md5
flags.
â dangonfast
Aug 8 at 11:03
Good, make it answer then :-)
â Jaroslav Kucera
Aug 8 at 13:59
1
1
Can you downgrade the openssl package temporarily? (I know it's not solution, but just workaround to get to data)
â Jaroslav Kucera
Aug 8 at 8:58
Can you downgrade the openssl package temporarily? (I know it's not solution, but just workaround to get to data)
â Jaroslav Kucera
Aug 8 at 8:58
@JaroslavKucera thanks, but found the solution. If my analisys is correct, the
git show
command above was already applying a filter, so running the openssl
command manually was working on already decrypted data, thus failing. The solution is just to update the filter scripts with the -d -md md5
flags.â dangonfast
Aug 8 at 11:03
@JaroslavKucera thanks, but found the solution. If my analisys is correct, the
git show
command above was already applying a filter, so running the openssl
command manually was working on already decrypted data, thus failing. The solution is just to update the filter scripts with the -d -md md5
flags.â dangonfast
Aug 8 at 11:03
Good, make it answer then :-)
â Jaroslav Kucera
Aug 8 at 13:59
Good, make it answer then :-)
â Jaroslav Kucera
Aug 8 at 13:59
add a comment |Â
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f461222%2fdecrypt-old-openssl-data%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
1
Can you downgrade the openssl package temporarily? (I know it's not solution, but just workaround to get to data)
â Jaroslav Kucera
Aug 8 at 8:58
@JaroslavKucera thanks, but found the solution. If my analisys is correct, the
git show
command above was already applying a filter, so running theopenssl
command manually was working on already decrypted data, thus failing. The solution is just to update the filter scripts with the-d -md md5
flags.â dangonfast
Aug 8 at 11:03
Good, make it answer then :-)
â Jaroslav Kucera
Aug 8 at 13:59