Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Is it possible to decrypt a file encrypted with the AES encryption module, at the command line? e.g. Using openssl?
Background:
- I'm using AES Encryption together with Backup Migrate.
- When I restore an encrypted backup on the site that it was created, everything works.
- When I try to restore the same backup on a recent copy of the original site (with the same key file), it fails with a message indicating a corrupt SQL file.
- Backup migrate encypts the file like so:
$data = aes_encrypt($data, FALSE)
and similarly decrypts:$data = aes_decrypt($data, FALSE)
I would like to decrypt the file at the command line just to prove that to myself that the file is recoverable without me having to do any programming. Would I need anything other than the key file?
Comments
Comment #1
dpovshed CreditAttribution: dpovshed commentedI'd suggest you to briefly take a look at this topic: #677756: Coordinate with perl module . There are some info about passing key through some hashfunction before using.
Referenced topic is dated a few years ago, so it might be not really actual, but we still have decoding in the
aes_decrypt
function, at the end of the day it narrows to fragmentsor
depending of used library.
So just writing a few tests might help you.
In brief, if I had a needs like you have I would try the following:
1) Try to use perl scripts from referenced topics;
2) Try to use openssl following any avaliavle recommendation like this one;
3) maybe implemented a drush command which allows me to decrypt/encrypt from commandline.
Not sure was it helpful or not, anyway, when you solve this - please post your solution here to help others, thanks!
Comment #2
crantok CreditAttribution: crantok commentedThanks for pointing me at that PERL topic dpovshed. Now I understand the steps involved. I may pursue that but my focus has changed.
I noticed from the code you included that mcrypt requires $iv in its initialisation (which phpsec does not seem to do.) I had a poke around and ended up using the Devel module variable editor to copy the initialisation vector (my knowledge about encryption has increased drastically in 24 hours :) ! ) from the live site to my local dev site. It worked! Backup migrate module can now import AES encrypted backups.
Thank you :)
Comment #3
dpovshed CreditAttribution: dpovshed commentedI am happy to hear that, @crantok! :)
Discovering the tpic with PERL was not so hard, never underestimate power of search - simple lookup across this module issues gives me the only result - see https://drupal.org/project/issues/aes?text=command+line+decrypt&status=All
I am not so deep in encryption, but I have feeling your message contains enough info for those who may have need to repeat your achievement. Thanks for sharing!
Comment #5
ranelpadon CreditAttribution: ranelpadon as a volunteer commentedFor those wanting to decrypt the AES-encrypted backup files via terminal and not using the Drupal Admin UI (which is not possible when site is down), we ended up creating a stand-alone, custom PHP script that could be run in terminal. Our custom script successfully decrypted the files. See details here: http://dropbucket.org/node/9160.