Solved

Encrypt/Decrypt using OpenSSL on Linux

Posted on 2013-01-23
Last Modified: 2013-03-06
I am trying to set up scripts to encrypt a backup in a tarball to a tape drive and then read the tape and/or restore the data, and I am getting errors.

I am running under Ubuntu Server 6.06 and using OpenSSL version 0.9.8a.  I am logged in as root user.

I created a script with the following command to backup data to tape:
tar cvf - -T $FILELIST | openssl enc -aes-256-cbc -salt -pass pass:A1b2C3d4E5f6 | dd of=/dev/st0 obs=512 conv=sync

Note: $FILELIST is the location of the file containing what is to be backed up.


I created a script with the following command to read the contents of the backup tape:
dd if=/dev/st0 | openssl enc -d -aes-256-cbc -pass pass:A1b2C3d4E5f6 | tar tvf -

I created a script with the following command to restore the contents of the backup tape:
dd if=/dev/st0 | openssl enc -d -aes-256-cbc -pass pass:123456 | tar xvf -

The backup runs without any errors.

If I run the tape read or tape restore scripts, the process runs and either displays all the files that were backed up or restores all the files correctly, but gives me the following error:

bad decrypt 9670:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:454:

Everything seems to have worked correctly but I receive the error each time.  I have tried this just using the encryption directly to a file without the tape drive and there is no error on read or restore.  It seems to be a tape issue.  Is it possible that it is trying to decrypt a block at the end of the tape that is not really part of the tar?

Any help is appreciated.
Question by:phetherington
 
LVL 34

Expert Comment

by:Duncan Roe
ID: 38813723
Yes it seems likely. Tapes are a pain - I used them for years but backup to USB HDD now - cheaper per gigabyte and soooooo much more convenient (except when it spins down).
If sticking with tapes, you might like to try tar's --use-compress-program option to run openssl enc. You would need to do it through a script which accepts -d to decrypt, because that is what tar gives to compressors to decompress. Then there is no need to write fixed-length tape blocks with dd.
 
LVL 36

Expert Comment

by:ArneLovius
ID: 38815401
 
LVL 51

Expert Comment

by:ahoffmann
ID: 38816613
Did you try the ibs=512 option for dd?
 
LVL 1

Author Comment

by:phetherington
ID: 38818334
Duncan_Roe: I need to use tapes as the backup needs to be taken off site for storage and I need a 14 day rotation of backups.  Using the --use-compress-program would require another program to be installed and this cannot be done (see answer to ArneLovius).

ArneLovius: This server is provided by a service company and we are not allowed to install any programs other than what is already loaded on the server.  This means after checking what was loaded, I was pretty much limited to tar | openSSL | dd.  If this wasn't the case, I would have definitely looked at other software specifically designed for tape backups.

ahoffmann:  tried using the ibs=512 on the dd command but instead of receiving the error at the end of the process, it would give the error "7723:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:461:" after each block read in and then finally give the error "gzip: stdin: decompression OK, trailing garbage ignored, tar: Child returned status 2, tar: Error exit delayed from previous errors" at the end.

Thanks for the suggestions.  Starting to think that there may be no way to get rid of the final error and will just need to ignore it...
 
LVL 36

Expert Comment

by:ArneLovius
ID: 38819088
Try adding the "-nopad" option to your backup command.

http://www.openssl.org/docs/apps/enc.html
 
LVL 51

Expert Comment

by:ahoffmann
ID: 38820122
quote from openssl's enc man-page:
    If padding is disabled then the input data must be a multiple of the cipher block length.

hence I assume that using -nopad will only change the error message

I also had padding in mind when I suggested the ibs= option.

Looking at the quote (see above) I think that the stream length must be a multiple of the cipher block length; this means that a proper padding must be computed before encrypting and added to the stream.

@phetherington, can you compute the length of the data first?
 
LVL 36

Expert Comment

by:ArneLovius
ID: 38820581
 
LVL 1

Accepted Solution

by:
phetherington earned 500 total points
ID: 38836755
ArneLovius and ahoffmann, I did try the -nopad and, as stated, it actually caused more errors after each block read in.  The link provided by ArneLovius talked about adding the -nopad working, but it did not work for me on two different machines.  Switching to the rc4 streaming cipher seemed to work for them but we needed the security of aes.  I am starting to think it is not so much a problem as everything lists/decrypts correctly; you are just left with the error at the end due to it trying to decrypt the tail block of the tape.
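Added example, not from the thread or any of its posters: a regular file stands in for /dev/st0 so the trailing-record "bad decrypt" described in the question and the accepted comment can be reproduced, followed by one fix in the spirit of ahoffmann's "compute the length first" suggestion, a 512-byte length record written ahead of the ciphertext. The function names, passphrase and sample data are constructed; it assumes GNU dd/head and an openssl command line.

```shell
#!/bin/sh
# Added example (not from the thread). Part 1 reproduces the trailing "bad decrypt":
# dd conv=sync pads the last 512-byte record with NULs, openssl decrypts those NULs
# as extra AES-CBC blocks, and the final block fails the padding check even though
# every real byte of the tar has already been written out.
# Part 2 is one fix: a 512-byte record holding the ciphertext byte count goes ahead
# of the data, so the restore side feeds openssl exactly that many bytes.
# Passphrase and sample data are constructed placeholders.
PASS='pass:EXAMPLE-PASSPHRASE'

make_sample() {            # $1 workdir: build a tiny tarball to act as the backup
  mkdir -p "$1/src" && printf 'hello tape\n' > "$1/src/a.txt"
  tar cf "$1/backup.tar" -C "$1" src
}

write_tape_sync() {        # $1 workdir, $2 tape image: the thread's original scheme
  openssl enc -aes-256-cbc -salt -pass "$PASS" < "$1/backup.tar" \
    | dd of="$2" obs=512 conv=sync 2>/dev/null
}

restore_sync() {           # $1 tape image, $2 output tar; exit status is openssl's
  dd if="$1" 2>/dev/null | openssl enc -d -aes-256-cbc -pass "$PASS" > "$2"
}

write_tape_framed() {      # $1 workdir, $2 tape image: length record + ciphertext
  openssl enc -aes-256-cbc -salt -pass "$PASS" < "$1/backup.tar" > "$1/cipher.bin"
  len=$(wc -c < "$1/cipher.bin" | tr -d ' ')
  {
    printf '%s' "$len" | dd obs=512 conv=sync 2>/dev/null   # record 0: byte count
    dd if="$1/cipher.bin" obs=512 conv=sync 2>/dev/null     # records 1..n: data
  } > "$2"
}

restore_framed() {         # $1 tape image, $2 output tar
  len=$(dd if="$1" bs=512 count=1 2>/dev/null | tr -d '\0')
  dd if="$1" bs=512 skip=1 2>/dev/null | head -c "$len" \
    | openssl enc -d -aes-256-cbc -pass "$PASS" > "$2"
}

# Stand-alone demo: part 1 reports "bad decrypt" yet still lists the file,
# part 2 restores a byte-identical tarball.
if [ "${1:-}" = "demo" ]; then
  W=$(mktemp -d); make_sample "$W"
  write_tape_sync "$W" "$W/tape1.img"
  restore_sync "$W/tape1.img" "$W/out1.tar" || echo "original scheme failed as expected"
  tar tf "$W/out1.tar"
  write_tape_framed "$W" "$W/tape2.img"
  restore_framed "$W/tape2.img" "$W/out2.tar" && cmp "$W/backup.tar" "$W/out2.tar" && echo "framed restore OK"
fi
```

Because the tar stream is 512-byte aligned and CBC padding adds a full 16-byte block, the original scheme always leaves 496 NUL bytes in the last record, which is why the error is reproducible rather than intermittent.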
 
LVL 51

Expert Comment

by:ahoffmann
ID: 38837120
> ... but we needed the security of aes
why is aes better than rc4, in your opinion?
 
LVL 1

Author Comment

by:phetherington
ID: 38942318
I am not going to get into a "this is better than that" debate as that is not the issue I brought to the table.  The client stated that that was the encryption method they wanted and that's what I needed to deliver.

At this point I think the question has no real answer and since the restore actually does complete correctly even though the error appears at the end, I am going to consider this a closed issue.
 
LVL 1

Author Comment

by:phetherington
ID: 38942359
I've requested that this question be closed as follows:

Accepted answer: 0 points for phetherington's comment #a38942318

for the following reason:

As stated, there does not seem to be a real answer to this issue using a tape and the actual backup and restore are correctly running even though it kicks out the error at the end of the process.
 
LVL 36

Expert Comment

by:ArneLovius
ID: 38942360
I would suggest that 38836755 should be marked as the answer