The customer needs to decrypt the encrypted files in the board and make the encryption and decryption tool of openssl
The tool removes the encryption, and only needs to decrypt. If you want to encrypt, you only need to do the reverse operation.
Source code:
https://github.com/leolin0518/openssl_dec_enc_tool
Record:
This tool is used for customer testing
1. Mainly, some config and information will be encrypted and backed up on the company's RE board. The customer testing side wants to use a tool to decrypt and view some data.
2. The root-level password of different boards is formed into a string according to the mac address and part of the sn number, and then the string is encrypted, and some X bits of the added key are used as the password, which originally used openssl -aes -256-cbc encryption password, but -aes-256-cbc encryption, the key will change every time, so, the md5 used is calculated.
3. The board is encrypted under the Linux system of the board, and the encrypted and decrypted tools need to be used under Windows.
Ideas:
I wrote it in qt. If I use openssl source code, I feel very troublesome. I just started to write it using source code functions. But the backup files in the board cannot be decrypted. I was in a hurry, and later I thought that because it was just a simple use of encryption, I would directly use Qt as a ui, QProcess would call the openssl process , and get the relevant data in the form of commands.
However, the password for md5 is fine.
The encrypted file is encrypted and decrypted with -aes-256-cbc , and the command can be decrypted on the board. Then I copy the encrypted file to another computer with Linux system. The same command can not be decrypted every time, drunk . Most likely not.
Later, it was found that the encrypted key does not need to use some special characters . The reason may be that the Linux of the board is modified by cutting, and the sdk of mtk. The key in the board and the key entered under Windows may have different encoding formats, and it is ok to remove the special characters. drunk.
Tips:
1. It is best to have the same version of openssl under Linux and openssl under windows.
2. Do not use some special characters
for encrypted keys 3. There is no echo under windows, each encryption is done through the -in -out parameter "`
openssl enc -aes-256-cbc -salt -a -in /tmp/. config.tgz -out /tmp/.config.enc -k xxxxxx
4. Pay attention to the spaces or carriage returns
in the encryption and decryption lines There is also an EOF line in a certain line of the file. So, when decrypting, delete a certain line (md5 line) of the encrypted file first, then decrypt and delete the EOF line. When I first started doing it, I forgot this.
md5 is, in order to maintain consistency with the board, md5 uses OpenSSL> dgst -md5 in.log in openssl
In fact, you can also use the encryption class QCryptographicHash in qt . Has hash, md4, 5 or something.
Qt5 comes with encryption method
How QProcess calls other processes
openssl_md5_all是参数
cmd.exe /c dir /c是执行完dir命令后关闭命令窗口
------------------------------------------------------------------
QProcess p;
QString windwos_cmd="cmd.exe";
p.start(windwos_cmd,QStringList() << "/c" <<openssl_md5_all );
if (p.waitForStarted())
{
p.waitForFinished();
QString p_read = p.readAllStandardOutput();
qDebug() <<p_read;
QStringList p_read_strlist =p_read.split("=");
qDebug() <<"p_read_strlist" << p_read_strlist;
qDebug() << "-------strlist------" << p_read_strlist.last();
ui->plainTextEdit_info->clear();
QString enc_psw = p_read_strlist.last();
qDebug() <<"enc_psw" << enc_psw;
enc_psw = enc_psw.trimmed();//去除字符串首尾的空格
qDebug() <<"enc_psw.trimmed" << enc_psw;
enc_psw = enc_psw.mid(0, 10);
qDebug() <<"enc_psw 前十位" << enc_psw;
ui->plainTextEdit_info->appendPlainText(enc_psw);
qDebug() << "-------ok------";
// ui->plainTextEdit_info->appendPlainText(QString("------------加密完成-------------"));
p.close();
}
else
{
ui->plainTextEdit_info->appendPlainText(QString("------------加密失败-------------"));
qDebug() << "Failed to start";
}
openssl symmetric encryption algorithm enc command detailed explanation
AES encryption and decryption using library functions in openssl - cbc
password_generator
/*************/
openssl enc -aes-256-cbc -salt -a -in /tmp/.config.tgz -out /tmp/.config.enc -k xxxxxx
openssl enc -aes-256-cbc -salt -d -a -in /tmp/RGA_config_v1.02.01_31.10.16_1702.bin -out /tmp/d_config.tgz -k xxxxxx
tar xzf /tmp/d_config.tgz -C /tmp/leo/
enc -aes-256-cbc -salt -d -a -in RGA_config_v1.02.01_31.10.16_1702.bin -out d_config.tgz -k xxxxxxxx
enc -aes-256-cbc -salt -d -a -in in.bin -out d_config.tgz -k xxxxxxx
/*************/
openssl enc -aes-128-cbc -in in.txt -out out.txt -a -k 12345678
openssl enc -aes-128-cbc -d -in RGA_config_v1.02.01_01.11.16_0003.bin -out xx.tar -a -k xxxxxx
openssl enc -aes-128-cbc -d -in out -out de_out -a -k 12345678