openssl command line to cipher RC4, not expected result, don't understand

I am ttt picture I am ttt · Dec 2, 2011 · Viewed 7.6k times · Source

this is probably a stupid question, but I cannot figure it out. Currently, I am using this website: http://www.fyneworks.com/encryption/rc4-encryption/ to cipher rc4 for a proof of concept. For instance, I am entering 'a' as a cleartext, 'a' as a password and I get '71' as a ciphertext (this is the ascii representation of the 'q'). I wanted to do the same from the command line, using openssl:

> echo a | openssl rc4 -nosalt  -out /tmp/uuu 
enter rc4 encryption password:
Verifying - enter rc4 encryption password:

> cat /tmp/uuu | xxd
0000000: 5896                                     X.

So we are getting '5896' instead of '71' and this is what I don't understand. If someone could explain to me, I'd be grateful.

Thank you !

Answer

I am ttt picture I am ttt · Dec 2, 2011

Thanks to a friend, we figured out what was wrong. He told me to print the key

echo -ne "a" |  openssl  rc4 -pass pass:a -e  -nopad    -nosalt -p
key=0CC175B9C0F1B6A831C399E269772661

We see that there is some padding added, with the 0x61 we entered at the end. It turns out openssl generates a key from the pass.

Instead, if we enter directly the key with the -K option:

echo -ne "a" |  openssl  rc4 -K 61 -e  -nopad    -nosalt -p
key=61000000000000000000000000000000

We see that there is a padding with '0's. ACtually, it doesn't want us to use a too small key (since for rc4 the key must be at least 40bits long). Now, let's try with a 128b key:

echo -ne "foobar" |  openssl  rc4 -K "6162636465666768696A6B6C6D6E6F70" -e  -nopad    -nosalt  | xxd
0000000: caaf 2cbf d334                           ..,..4

The result is the same as the one on the webpage :)