Encrypted openssl aes-256 macOS Monterey cannot be decrypted with Ventura aes-256

jkeller13
New Contributor III

If you are using a decrypt string like the one below, you will encounter an error on macOS Ventura when attempting to decrypt. See below:

#!bin/bash

## Decrypt string using salt and phrase.
function DecryptString() {
echo "${1}" | openssl enc -aes256 -d -a -A -S "${2}" -k "${3}"
}

bad decrypt

4370875948:error:06FFF064:digital envelope routines:CRYPTO_internal:bad decrypt:/AppleInternal/Library/BuildRoots/a0876c02-1788-11ed-b9c4-96898e02b808/Library/Caches/com.apple.xbs/Sources/libressl/libressl-2.8/crypto/evp/evp_enc.c:521:

 

SOLUTION:

You will need to add "-md md5" to your enc string. This will work across macOS versions 13 back through at least 10.12.

#!bin/bash

## Decrypt string using salt and phrase.
function DecryptString() {
echo "${1}" | openssl enc -md md5 -aes256 -d -a -A -S "${2}" -k "${3}"
}

 

5 REPLIES 5

AJPinto
Honored Contributor II

 

I have just been redoing the encrypt and updating the decrypt, I'm just lazy and did not feel like researching. Very good information. 

 

For those who pass passwords in plaintext in scripts. Save this and start encrypting your passwords.

catalana
New Contributor

Thank you for this info.  This was my resolution to my issue/problem.

rcoleman
New Contributor III

Just bumped into this issue. Many thanks for solution.

bradtchapman
Valued Contributor II

This post is still the gift that keeps on giving.

debrat
New Contributor III

Thank you very much! Helped us avoid extra steps on thousands of computers while keeping the information encrypted :) 👍