| version 1.48, 2016/08/10 17:41:08 |
version 1.49, 2016/08/12 06:17:22 |
|
|
| .It Fl text |
.It Fl text |
| Print the EC parameters in human readable form. |
Print the EC parameters in human readable form. |
| .El |
.El |
| .\" |
|
| .\" ENC |
|
| .\" |
|
| .Sh ENC |
.Sh ENC |
| .nr nS 1 |
.nr nS 1 |
| .Nm "openssl enc" |
.Nm "openssl enc" |
| .Bk -words |
|
| .Fl ciphername |
.Fl ciphername |
| .Op Fl AadePp |
.Op Fl AadePp |
| .Op Fl base64 |
.Op Fl base64 |
|
|
| .Op Fl pass Ar arg |
.Op Fl pass Ar arg |
| .Op Fl S Ar salt |
.Op Fl S Ar salt |
| .Op Fl salt |
.Op Fl salt |
| .Ek |
|
| .nr nS 0 |
.nr nS 0 |
| .Pp |
.Pp |
| The symmetric cipher commands allow data to be encrypted or decrypted |
The symmetric cipher commands allow data to be encrypted or decrypted |
|
|
| or explicitly provided. |
or explicitly provided. |
| Base64 encoding or decoding can also be performed either by itself |
Base64 encoding or decoding can also be performed either by itself |
| or in addition to the encryption or decryption. |
or in addition to the encryption or decryption. |
| |
The program can be called either as |
| |
.Nm openssl Ar ciphername |
| |
or |
| |
.Nm openssl enc - Ns Ar ciphername . |
| .Pp |
.Pp |
| |
Some of the ciphers do not have large keys and others have security |
| |
implications if not used correctly. |
| |
All the block ciphers normally use PKCS#5 padding, |
| |
also known as standard block padding. |
| |
If padding is disabled, the input data must be a multiple of the cipher |
| |
block length. |
| |
.Pp |
| The options are as follows: |
The options are as follows: |
| .Bl -tag -width Ds |
.Bl -tag -width Ds |
| .It Fl A |
.It Fl A |
|
|
| Base64 process the data. |
Base64 process the data. |
| This means that if encryption is taking place, the data is base64-encoded |
This means that if encryption is taking place, the data is base64-encoded |
| after encryption. |
after encryption. |
| If decryption is set, the input data is base64 decoded before |
If decryption is set, the input data is base64-decoded before |
| being decrypted. |
being decrypted. |
| .It Fl bufsize Ar number |
.It Fl bufsize Ar number |
| Set the buffer size for I/O. |
Set the buffer size for I/O. |
|
|
| .It Fl debug |
.It Fl debug |
| Debug the BIOs used for I/O. |
Debug the BIOs used for I/O. |
| .It Fl e |
.It Fl e |
| Encrypt the input data: this is the default. |
Encrypt the input data. |
| |
This is the default. |
| .It Fl in Ar file |
.It Fl in Ar file |
| The input |
The input file to read from, |
| .Ar file ; |
or standard input if none is specified. |
| standard input by default. |
|
| .It Fl iv Ar IV |
.It Fl iv Ar IV |
| The actual |
The actual |
| .Ar IV |
.Ar IV |
|
|
| .Ar key |
.Ar key |
| is specified using the |
is specified using the |
| .Fl K |
.Fl K |
| option, the |
option, |
| .Ar IV |
the IV must explicitly be defined. |
| must explicitly be defined. |
|
| When a password is being specified using one of the other options, |
When a password is being specified using one of the other options, |
| the |
the IV is generated from this password. |
| .Ar IV |
|
| is generated from this password. |
|
| .It Fl K Ar key |
.It Fl K Ar key |
| The actual |
The actual |
| .Ar key |
.Ar key |
| to use: |
to use: |
| this must be represented as a string comprised only of hex digits. |
this must be represented as a string comprised only of hex digits. |
| If only the key is specified, the |
If only the key is specified, |
| .Ar IV |
the IV must also be specified using the |
| must be additionally specified using the |
|
| .Fl iv |
.Fl iv |
| option. |
option. |
| When both a |
When both a |
|
|
| .Ar key |
.Ar key |
| given with the |
given with the |
| .Fl K |
.Fl K |
| option will be used and the |
option will be used and the IV generated from the password will be taken. |
| .Ar IV |
|
| generated from the password will be taken. |
|
| It probably does not make much sense to specify both |
It probably does not make much sense to specify both |
| .Ar key |
.Ar key |
| and |
and |
|
|
| The |
The |
| .Ar password |
.Ar password |
| to derive the key from. |
to derive the key from. |
| This is for compatibility with previous versions of |
|
| .Nm OpenSSL . |
|
| Superseded by the |
Superseded by the |
| .Fl pass |
.Fl pass |
| option. |
option. |
| .It Fl kfile Ar file |
.It Fl kfile Ar file |
| Read the password to derive the key from the first line of |
Read the password to derive the key from the first line of |
| .Ar file . |
.Ar file . |
| This is for compatibility with previous versions of |
|
| .Nm OpenSSL . |
|
| Superseded by the |
Superseded by the |
| .Fl pass |
.Fl pass |
| option. |
option. |
|
|
| to create a key from a pass phrase. |
to create a key from a pass phrase. |
| .Ar digest |
.Ar digest |
| may be one of |
may be one of |
| .Dq md5 |
.Cm md5 |
| or |
or |
| .Dq sha1 . |
.Cm sha1 . |
| .It Fl none |
.It Fl none |
| Use NULL cipher (no encryption or decryption of input). |
Use NULL cipher (no encryption or decryption of input). |
| .It Fl nopad |
.It Fl nopad |
| Disable standard block padding. |
Disable standard block padding. |
| .It Fl nosalt |
.It Fl nosalt |
| Don't use a |
Don't use a salt in the key derivation routines. |
| .Ar salt |
|
| in the key derivation routines. |
|
| This option should |
This option should |
| .Em NEVER |
.Em NEVER |
| be used unless compatibility with previous versions of |
be used |
| .Nm OpenSSL |
since it makes it possible to perform efficient dictionary |
| or |
attacks on the password and to attack stream cipher encrypted data. |
| .Nm SSLeay |
|
| is required. |
|
| .It Fl out Ar file |
.It Fl out Ar file |
| The output |
The output file to read from, |
| .Ar file , |
or standard output if none is specified. |
| standard output by default. |
|
| .It Fl P |
.It Fl P |
| Print out the |
Print out the salt, key, and IV used, then immediately exit; |
| .Ar salt , |
|
| .Ar key , |
|
| and |
|
| .Ar IV |
|
| used, then immediately exit; |
|
| don't do any encryption or decryption. |
don't do any encryption or decryption. |
| .It Fl p |
.It Fl p |
| Print out the |
Print out the salt, key, and IV used. |
| .Ar salt , |
|
| .Ar key , |
|
| and |
|
| .Ar IV |
|
| used. |
|
| .It Fl pass Ar arg |
.It Fl pass Ar arg |
| The password source. |
The password source. |
| .It Fl S Ar salt |
.It Fl S Ar salt |
|
|
| to use: |
to use: |
| this must be represented as a string comprised only of hex digits. |
this must be represented as a string comprised only of hex digits. |
| .It Fl salt |
.It Fl salt |
| Use a |
Use a salt in the key derivation routines (the default). |
| .Ar salt |
When the salt is being used |
| in the key derivation routines. |
the first eight bytes of the encrypted data are reserved for the salt: |
| This is the default. |
it is randomly generated when encrypting a file and read from the |
| .El |
|
| .Sh ENC NOTES |
|
| The program can be called either as |
|
| .Nm openssl ciphername |
|
| or |
|
| .Nm openssl enc -ciphername . |
|
| .Pp |
|
| A password will be prompted for to derive the |
|
| .Ar key |
|
| and |
|
| .Ar IV |
|
| if necessary. |
|
| .Pp |
|
| The |
|
| .Fl nosalt |
|
| option should |
|
| .Em NEVER |
|
| be used unless compatibility with previous versions of |
|
| .Nm OpenSSL |
|
| or |
|
| .Nm SSLeay |
|
| is required. |
|
| .Pp |
|
| With the |
|
| .Fl nosalt |
|
| option it is possible to perform efficient dictionary |
|
| attacks on the password and to attack stream cipher encrypted data. |
|
| The reason for this is that without the salt |
|
| the same password always generates the same encryption key. |
|
| When the salt |
|
| is being used the first eight bytes of the encrypted data are reserved |
|
| for the salt: |
|
| it is generated at random when encrypting a file and read from the |
|
| encrypted file when it is decrypted. |
encrypted file when it is decrypted. |
| .Pp |
.El |
| Some of the ciphers do not have large keys and others have security |
|
| implications if not used correctly. |
|
| A beginner is advised to just use a strong block cipher in CBC mode |
|
| such as bf or des3. |
|
| .Pp |
|
| All the block ciphers normally use PKCS#5 padding also known as standard block |
|
| padding: |
|
| this allows a rudimentary integrity or password check to be performed. |
|
| However, since the chance of random data passing the test is |
|
| better than 1 in 256, it isn't a very good test. |
|
| .Pp |
|
| If padding is disabled, the input data must be a multiple of the cipher |
|
| block length. |
|
| .Pp |
|
| All RC2 ciphers have the same key and effective key length. |
|
| .Pp |
|
| Blowfish and RC5 algorithms use a 128-bit key. |
|
| .Sh ENC SUPPORTED CIPHERS |
|
| .Bd -unfilled -offset indent |
|
| aes-[128|192|256]-cbc 128/192/256 bit AES in CBC mode |
|
| aes-[128|192|256] Alias for aes-[128|192|256]-cbc |
|
| aes-[128|192|256]-cfb 128/192/256 bit AES in 128 bit CFB mode |
|
| aes-[128|192|256]-cfb1 128/192/256 bit AES in 1 bit CFB mode |
|
| aes-[128|192|256]-cfb8 128/192/256 bit AES in 8 bit CFB mode |
|
| aes-[128|192|256]-ecb 128/192/256 bit AES in ECB mode |
|
| aes-[128|192|256]-ofb 128/192/256 bit AES in OFB mode |
|
| |
|
| base64 Base 64 |
|
| |
|
| bf Alias for bf-cbc |
|
| bf-cbc Blowfish in CBC mode |
|
| bf-cfb Blowfish in CFB mode |
|
| bf-ecb Blowfish in ECB mode |
|
| bf-ofb Blowfish in OFB mode |
|
| |
|
| cast Alias for cast-cbc |
|
| cast-cbc CAST in CBC mode |
|
| cast5-cbc CAST5 in CBC mode |
|
| cast5-cfb CAST5 in CFB mode |
|
| cast5-ecb CAST5 in ECB mode |
|
| cast5-ofb CAST5 in OFB mode |
|
| |
|
| des Alias for des-cbc |
|
| des-cbc DES in CBC mode |
|
| des-cfb DES in CBC mode |
|
| des-ecb DES in ECB mode |
|
| des-ofb DES in OFB mode |
|
| |
|
| des-ede Two key triple DES EDE in ECB mode |
|
| des-ede-cbc Two key triple DES EDE in CBC mode |
|
| des-ede-cfb Two key triple DES EDE in CFB mode |
|
| des-ede-ofb Two key triple DES EDE in OFB mode |
|
| |
|
| des3 Alias for des-ede3-cbc |
|
| des-ede3 Three key triple DES EDE in ECB mode |
|
| des-ede3-cbc Three key triple DES EDE in CBC mode |
|
| des-ede3-cfb Three key triple DES EDE CFB mode |
|
| des-ede3-ofb Three key triple DES EDE in OFB mode |
|
| |
|
| desx DESX algorithm |
|
| |
|
| rc2 Alias for rc2-cbc |
|
| rc2-cbc 128-bit RC2 in CBC mode |
|
| rc2-cfb 128-bit RC2 in CFB mode |
|
| rc2-ecb 128-bit RC2 in ECB mode |
|
| rc2-ofb 128-bit RC2 in OFB mode |
|
| rc2-64-cbc 64-bit RC2 in CBC mode |
|
| rc2-40-cbc 40-bit RC2 in CBC mode |
|
| |
|
| rc4 128-bit RC4 |
|
| rc4-40 40-bit RC4 |
|
| .Ed |
|
| .Sh ENC EXAMPLES |
|
| Just base64 encode a binary file: |
|
| .Pp |
|
| .Dl $ openssl base64 -in file.bin -out file.b64 |
|
| .Pp |
|
| Decode the same file: |
|
| .Pp |
|
| .Dl $ openssl base64 -d -in file.b64 -out file.bin |
|
| .Pp |
|
| Encrypt a file using triple DES in CBC mode using a prompted password: |
|
| .Pp |
|
| .Dl $ openssl des3 -salt -in file.txt -out file.des3 |
|
| .Pp |
|
| Decrypt a file using a supplied password: |
|
| .Pp |
|
| .Dl "$ openssl des3 -d -in file.des3 -out file.txt -k mypassword" |
|
| .Pp |
|
| Encrypt a file then base64 encode it |
|
| (so it can be sent via mail for example) |
|
| using Blowfish in CBC mode: |
|
| .Pp |
|
| .Dl $ openssl bf -a -salt -in file.txt -out file.bf |
|
| .Pp |
|
| Base64 decode a file then decrypt it: |
|
| .Pp |
|
| .Dl "$ openssl bf -d -a -in file.bf -out file.txt" |
|
| .Sh ENC BUGS |
|
| The |
|
| .Fl A |
|
| option when used with large files doesn't work properly. |
|
| .Pp |
|
| There should be an option to allow an iteration count to be included. |
|
| .Pp |
|
| The |
|
| .Nm enc |
|
| program only supports a fixed number of algorithms with certain parameters. |
|
| Therefore it is not possible to use RC2 with a 76-bit key |
|
| or RC4 with an 84-bit key with this program. |
|
| .\" |
.\" |
| .\" ERRSTR |
.\" ERRSTR |
| .\" |
.\" |
![[BACK]](/icons/back.gif){kind=icon}
Return to openssl.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / openssl