I am working on a little script that crypts a file to be sent to one of our suppliers.
The workflow is as follows:
- We created a key, which we asymetric crypt using the public key they have provided
- With crypted key, we make a symetric encryption of the file we need to send
- We then compress both files (key + file)
- Once received, they unzip the file
- They uncrypt the key using their private key
- Then they uncrypt the file by using the key decrypted
Here are the commands used:
ON LINUX
openssl rand -base64 30 > my.keychmod 700 my.keyopenssl enc -aes-256-cbc -in myfile.zip -out myfile.bin -kfile my.keyopenssl rsautl -encrypt -pubin -inkey supplier_key.pem -in my.key -out encrypted.key
ON WINDOWS
openssl\bin\openssl.exe rand -base64 30 > my.keyopenssl\bin\openssl.exe enc -aes-256-cbc -in myfile.zip -out myfile.bin -kfile my.keyopenssl\bin\openssl.exe rsautl -encrypt -pubin -inkey supplier_key.pem -in my.key -out encrypted.key
We have to do this because the file is too big to be asymetric crypted.
To do that, I was at first on a cygwin environment, and it was working perfectly. But now, I have to make it run on a full Windows environment. I have adapted the script, and downloaded the openssl program for windows.
But, when our supplier receives the file, the step 6) is not working :/
They have this error :
> bad decrypt 6566:error:06065064:digital envelope
> routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:325:
I have changed absolutely nothing to the way of work, the script is basically the exact same, so I don't see why the decryption of the file is not working (they can though decrypt the key)
