Hello When trying to decode a simple 44 character base64 text, I get errors like error reading input file unless I append a \n at the end of the string. You can reproduce the issue with: echo -n U2FsdGVkX1+eutlR490O+0HBLNL19kT2jiUb4RxLxhQ= | openssl enc -aes-256-cbc -pass pass:bar -d -base64 I expected openssl to ignore all space character since they are not part of the base64 alphabet. I can add spaces and \n anywhere in the encoded string. This is weird the last line is a special case. I know a base64 file should be \n-terminated. But I belive openssl should be handle to handle file or pipes who are not. Thanks.
The command from the original report fails for me with openssl 3.0.7 with
I came up with a slightly different set of commands that reproduce this
behaviour, and which also includes -pbkdf2 that now seems to be required to
avoid a warning.
porridge@fujitsu:~$ echo peekaboo | openssl enc -aes-256-cbc -pbkdf2 -pass
pass:bar -base64
U2FsdGVkX190F0Gf0mikyIDlIh9oDADRLtCA0wSMEHg=
porridge@fujitsu:~$ echo -n U2FsdGVkX190F0Gf0mikyIDlIh9oDADRLtCA0wSMEHg= |
openssl enc -aes-256-cbc -pbkdf2 -pass pass:bar -d -base64
error reading input file
I also learned about the -A flag which seems to make openssl work in this
case:
porridge@fujitsu:~$ echo -n U2FsdGVkX190F0Gf0mikyIDlIh9oDADRLtCA0wSMEHg= |
openssl enc -aes-256-cbc -A -pbkdf2 -pass pass:bar -d -base64
peekaboo
However even in the manpage it is mentioned to be buggy:
The -A option when used with large files doesn't work properly.
I also found an upstream issue about base64 handling which seems to be
closely related to this bug report:
https://github.com/openssl/openssl/issues/18780
Jean-Michel, if you consider this a good enough workaround for your use
case, please consider closing this bug.
Marcin
The command from the original report fails for me with openssl 3.0.7 with
I came up with a slightly different set of commands that reproduce this
behaviour, and which also includes -pbkdf2 that now seems to be required to
avoid a warning.
porridge@fujitsu:~$ echo peekaboo | openssl enc -aes-256-cbc -pbkdf2 -pass
pass:bar -base64
U2FsdGVkX190F0Gf0mikyIDlIh9oDADRLtCA0wSMEHg=
porridge@fujitsu:~$ echo -n U2FsdGVkX190F0Gf0mikyIDlIh9oDADRLtCA0wSMEHg= |
openssl enc -aes-256-cbc -pbkdf2 -pass pass:bar -d -base64
error reading input file
I also learned about the -A flag which seems to make openssl work in this
case:
porridge@fujitsu:~$ echo -n U2FsdGVkX190F0Gf0mikyIDlIh9oDADRLtCA0wSMEHg= |
openssl enc -aes-256-cbc -A -pbkdf2 -pass pass:bar -d -base64
peekaboo
However even in the manpage it is mentioned to be buggy:
The -A option when used with large files doesn't work properly.
I also found an upstream issue about base64 handling which seems to be
closely related to this bug report:
https://github.com/openssl/openssl/issues/18780
Jean-Michel, if you consider this a good enough workaround for your use
case, please consider closing this bug.
Marcin