OpenSSL Equivalent
rmasci opened this issue · comments
HI -- I've been trying to use your openssl and in Go I can encrypt and decrypt just fine. It's when I have to get openssl to decrypt I am having an issue.
So I encrypt like this:
func EncryptStr(plaintext, passphrase string) (encStr string, err error) {
o := openssl.New()
// Clean any line endings from secret
secret=strings.TrimSpace(plaintext)
enc, err := o.EncryptBytes(passphrase, []byte(plaintext), openssl.PBKDF2SHA512)
encStr = string(enc)
return encStr, err
}
So then I try to use openssl like this:
openssl aes-256-cbc -d -base64 -pass "pass:passphrase" -md sha512 -pbkdf2 -in
What I am guessing at is the proper openssl commmand to decrypt.
Thanks,
I figured it out, it was openssl. To get this to work I have to pass it through base64 -d instead of using the base64 built in to openssl. So if you have a program written in go that uses the EncryptStr function above, and that program prints out the encrypted string, the openssl string to decrypt looks like this:
mygoprogram | base64 -d | openssl aes-256-cbc -d -pass "pass:passphrase" -md sha512 -pbkdf2 -in
The issue here is OpenSSL does expect a newline at the end of the string, nothing else does… So you can send it directly to OpenSSL by appending a newline to the result:
https://github.com/Luzifer/go-openssl/blob/master/openssl_test.go#L284-L289