Well let's just read the man pages, shall we? > -kfile filename > Read the password to derive the key from the first line of filename. Then > -md digest > Use the specified digest to create the key from the passphrase. > The default algorithm is sha-256. And > -iv IV > ... > When a password is being specified using one of the other options, the IV is generated from this password. The man page doesn't specify the key derivation algorithm, but a quick glance at apps/enc.c shows that it uses EVP_BytesToKey, which is documented here: https://www.openssl.org/docs/man1.1.0/man3/EVP_BytesToKey.html -Marian Am 25.03.19 um 01:20 schrieb Tim Webber: > I just posted a message which i have copied below to a python forum. It > might be better asked here. The coles notes version of my question is this: > > I have received an encrypted data file (mydata.encrypted) and a key > (plain text for now) and the following command to decrypt it: > > openssl enc -d -aes-256-cbc -a -in mydata.encrypted -out > mydata.decrypted -kfile my_symmetric_key > > Question is this. How is the initialization vector calculated? This > command works fine. My issues is that i dont know how the > initialization vetor is calculated. I suspect if its left out there is > some default way of doing it. Can you tell me how its done? Thanks! > > ************************* ORIGINAL QUESTION to python community > ****************** > > I have received an encrypted data file (mydata.encrypted) and a key > (plain text for now) and the following command to decrypt it: > > openssl enc -d -aes-256-cbc -a -in mydata.encrypted -out > mydata.decrypted -kfile my_symmetric_key > > The people who encrypted these data did so with openssl but I dont know > what the encrypt command looks like. I do know that the above command > does decrypt the data successfully though. > > I want to use Python to decrypt this file. I am thinking of using > cryptodome but am open to suggestions. Here's what i know from the above > openssl decrypt command. > > - its uses AES cbc 256 mode for the decryption ( -d ) > - it uses base64 to encode the data "AFTER" (-a) the cryptographic operation > - it does not specify the initialization vector (IV). > > I am struggling with how to code for this using python. What I suspect > is my problem is that i dont know how to properly calculate the IV. > Looking at the openssl documentation they say to see "key derivation" to > find out how they handle IV when its not specified. I cant track down > this key derivation information. Any help will be appreciated! > *******************************