OpenSSL string decryption issue

Question

I\'ll try to make this succinct as possible.

I want to be able to encrypt & decrypt simple strings using OpenSSL, which I have done before.

HOWEVER, the

Answer 1

The problem is that encryption uses the entire ASCII character set, including unprintable characters. If you want to be able to cut and paste the encrypted data, you need to convert it to only printable characters. You can do this with the -base64 (or -a) option:

echo 'someTextIWantToEncrypt' | \
  openssl enc -base64 -e -aes-256-cbc -nosalt -pass pass:mySecretPass

KPkBkGJ9bs4YHvh24xz7m9jTlYWm1LcIFcWR0DwY4PU=

Then decrypt it the same way:

echo "KPkBkGJ9bs4YHvh24xz7m9jTlYWm1LcIFcWR0DwY4PU=" | \
  openssl enc -base64 -d -aes-256-cbc -nosalt -pass pass:mySecretPass

WARNING: If you're using openssl, I can only assume the confidentiality of the data, and therefore the password, is important to you. If that's the case, you should never supply a password on the command line, because it can be exposed to anyone with the privilege to run ps.

A better solution is to store the password in an environment variable and have openssl read it from there:

export passwd="mySecretPass"
echo "KPkBkGJ9bs4YHvh24xz7m9jTlYWm1LcIFcWR0DwY4PU=" | \
  openssl enc -base64 -d -aes-256-cbc -nosalt -pass env:passwd