decrypt.rb
Aki Tuomi
aki.tuomi at open-xchange.com
Thu Apr 11 19:50:17 EEST 2019
> On 11 April 2019 17:44 David Salisbury via dovecot <dovecot at dovecot.org> wrote:
>
>
> On 4/11/2019 1:50 AM, Aki Tuomi wrote:
> >
> >> ...
> >> So, not being an expert at encryption, what are the ramifications of
> >> those digests being read as different values in the two different
> >> places?? I do notice that the get_pubid_priv() function is internal to
> >> the decrypt.rb script and calls several OpenSSL functions.
> >>
> >> -Dave
> > Hmm... can you show me how you made the keypair for encryption? Maybe there is some difference?
> >
> > Aki
> >
>
> Aki, I just used the "EC key" instructions from the Dovecot MailCrypt wiki:
> https://wiki.dovecot.org/Plugins/MailCrypt
>
> "
> In order to generate an EC key, you must first choose a curve from the
> output of this command:
> > openssl ecparam -list_curves
>
> If you choose the curve prime256v1, generate and EC key with the command:
> > openssl ecparam -name prime256v1 -genkey | openssl pkey -out
> ecprivkey.pem
>
> Then generate a public key out of your private EC key
> > openssl pkey -in ecprivkey.pem -pubout -out ecpubkey.pem
> "
>
> -Dave
I'm going on a limb and guess that there is something strange happening with ruby and openssl versions here.
The main point of the script is to show how the data can be decrypted, and can be used for small-scale data recovery as well.
Aki
More information about the dovecot
mailing list