A step-by-step guide on using OpenSSL to encrypt and decrypt messages with AES algorithm.
Extract
[...] Encrypt and Decrypt Data with OpenSSL Part Encrypting Messages with OpenSSL In this part, we will encrypt a message with the AES algorithm, using the OpenSSL command-line tool. a. Let's start by creating a file named letter_to_grandmother.txt containing the following text : Hello Grandmother, I'm writing to thank you for the chocolate cookies you sent me. I received them this morning and I've already eaten half the box They're really delicious I'm sending you tender thoughts. Take care, Your little grandson who loves cookies. [...]
[...] The file is unreadable and does not display correctly: it is filled with special characters and non-displayable characters. Furthermore, the command prompt window behaves strangely (the text of the new command is offset). This is normal: the command openSSL of encryption such as invoked writes the mathematical result of the encryption directly to the file as raw bytes. There is therefore no reason for these bytes to correspond to ASCII text characters. The command prompt therefore displays unknown characters to indicate that it is not a known letter or symbol. [...]
[...] As indicated in the statement, we use the following command, to which is appended the password that we chose previouslysupersecret) openssl enc -aes-256-cbc -in message.enc -out decrypted_letter.txt supersecret This time the command calls the utility openssl, for an encryption task (enccrypt), more specifically the décryptography for a Base64 encoded file the input file being message.enc, with output file decrypted_letter.txt, everything using the algorithm AES-256-CBC with the password supersecret that we had chosen for encryption. b. We use once again the command cat to read the file decrypted_letter.txt. As we can see, the letter has been fully decrypted, without any error: Hello Grandmother, I'm writing to thank you for the chocolate cookies you sent me. I received them this morning and I've already eaten half the box They're really delicious I'm sending you tender thoughts. Take care, Your little grandson who loves cookies. This means that the encryption-decryption has worked properly, in both directions. [...]
[...] The interest of having coded in Base64 is therefore to obtain an encrypted message that remains readable. For example, we could print it without losing any data. Furthermore, as stated in the statement, the Base64 encoding is designed to be available on most systems used. Part Decrypting messages with OpenSSL In this part, it is a matter of decrypting the letter written that we encrypted in the previous part. It is therefore a matter of recovering the original text from the file only. message.enc and the encryption password supersecret. a. [...]
