Python – How do I (successfully) decode encoded ciphers from command line openSSL?

How do I (successfully) decode encoded ciphers from command line openSSL?… here is a solution to the problem.

How do I (successfully) decode encoded ciphers from command line openSSL?

Use PyCrypto (although I also tried using OpenSSL binding (bind) in ObjC):

from Crypto.Cipher import DES
import base64'abcdefgh', DES. MODE_ECB)
plain="Guido van Rossum is a space alien. XXXXXX"
#print ciph
print enc

Output base64-encoded value:


If you are in the interpreter, CIPH will give it to you


Very simple. I should be able to pipe this output to OpenSSL and decode it:

I tested to make sure the b64 decoding works –

python | openssl enc -base64 -d
+ python
+ openssl enc -base64 -d
,? Nq? DY? T?pA??? s??,?jب??? I?5w61?dgb/

Not pretty, but you can see that it decodes fine, “dgb” and “nq” are still there.

But go all out:

python | openssl enc -base64 -d | openssl enc -nosalt -des-ecb -d -pass pass:abcdefgh
+ python
+ openssl enc -nosalt -des-ecb -d -pass pass:abcdefgh
+ openssl enc -base64 -d
bad decrypt
15621:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:461:
j?7???? vc]??? LE?m³?? q?

What am I doing wrong? I’ve tried using -k abcdefgh -iv 00000000000000000 or interactively entering passwords – same issue.


echo ESzjTnGMRFnfVOJwQfqtyXOI8yzAatioyufiSdE1dx02McNkZ2IvBg== | openssl enc -nopad -a -des-ecb -K 6162636465666768 -iv 0 -p -d

6162636465666768 is ASCII “abcdefgh” written in hexadecimal.

Note, however, that DES

in ECB mode may not be a good way to encode passwords, nor is it the “DES crypt” you may have heard of used on Unix systems.
(For passwords, it’s usually best to use an algorithm that is difficult to reverse (checking the password by regenerating the result instead of decrypting the stored password). Even if you do need to be able to decrypt these encrypted passwords, single DES and the ECB in particular are poor choices in terms of confidentiality. )

Related Problems and Solutions