| =pod |
| |
| =head1 NAME |
| |
| enc - symmetric cipher routines |
| |
| =head1 SYNOPSIS |
| |
| B<openssl enc -ciphername> |
| [B<-in filename>] |
| [B<-out filename>] |
| [B<-pass arg>] |
| [B<-e>] |
| [B<-d>] |
| [B<-a>] |
| [B<-A>] |
| [B<-k password>] |
| [B<-kfile filename>] |
| [B<-K key>] |
| [B<-iv IV>] |
| [B<-p>] |
| [B<-P>] |
| [B<-bufsize number>] |
| [B<-nopad>] |
| [B<-debug>] |
| |
| =head1 DESCRIPTION |
| |
| The symmetric cipher commands allow data to be encrypted or decrypted |
| using various block and stream ciphers using keys based on passwords |
| or explicitly provided. Base64 encoding or decoding can also be performed |
| either by itself or in addition to the encryption or decryption. |
| |
| =head1 OPTIONS |
| |
| =over 4 |
| |
| =item B<-in filename> |
| |
| the input filename, standard input by default. |
| |
| =item B<-out filename> |
| |
| the output filename, standard output by default. |
| |
| =item B<-pass arg> |
| |
| the password source. For more information about the format of B<arg> |
| see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. |
| |
| =item B<-salt> |
| |
| use a salt in the key derivation routines. This option should B<ALWAYS> |
| be used unless compatibility with previous versions of OpenSSL or SSLeay |
| is required. This option is only present on OpenSSL versions 0.9.5 or |
| above. |
| |
| =item B<-nosalt> |
| |
| don't use a salt in the key derivation routines. This is the default for |
| compatibility with previous versions of OpenSSL and SSLeay. |
| |
| =item B<-e> |
| |
| encrypt the input data: this is the default. |
| |
| =item B<-d> |
| |
| decrypt the input data. |
| |
| =item B<-a> |
| |
| base64 process the data. This means that if encryption is taking place |
| the data is base64 encoded after encryption. If decryption is set then |
| the input data is base64 decoded before being decrypted. |
| |
| =item B<-A> |
| |
| if the B<-a> option is set then base64 process the data on one line. |
| |
| =item B<-k password> |
| |
| the password to derive the key from. This is for compatibility with previous |
| versions of OpenSSL. Superseded by the B<-pass> argument. |
| |
| =item B<-kfile filename> |
| |
| read the password to derive the key from the first line of B<filename>. |
| This is for computability with previous versions of OpenSSL. Superseded by |
| the B<-pass> argument. |
| |
| =item B<-S salt> |
| |
| the actual salt to use: this must be represented as a string comprised only |
| of hex digits. |
| |
| =item B<-K key> |
| |
| the actual key to use: this must be represented as a string comprised only |
| of hex digits. If only the key is specified, the IV must additionally specified |
| using the B<-iv> option. When both a key and a password are specified, the |
| key given with the B<-K> option will be used and the IV generated from the |
| password will be taken. It probably does not make much sense to specify |
| both key and password. |
| |
| =item B<-iv IV> |
| |
| the actual IV to use: this must be represented as a string comprised only |
| of hex digits. When only the key is specified using the B<-K> option, the |
| IV must explicitly be defined. When a password is being specified using |
| one of the other options, the IV is generated from this password. |
| |
| =item B<-p> |
| |
| print out the key and IV used. |
| |
| =item B<-P> |
| |
| print out the key and IV used then immediately exit: don't do any encryption |
| or decryption. |
| |
| =item B<-bufsize number> |
| |
| set the buffer size for I/O |
| |
| =item B<-nopad> |
| |
| disable standard block padding |
| |
| =item B<-debug> |
| |
| debug the BIOs used for I/O. |
| |
| =back |
| |
| =head1 NOTES |
| |
| The program can be called either as B<openssl ciphername> or |
| B<openssl enc -ciphername>. |
| |
| A password will be prompted for to derive the key and IV if necessary. |
| |
| The B<-salt> option should B<ALWAYS> be used if the key is being derived |
| from a password unless you want compatibility with previous versions of |
| OpenSSL and SSLeay. |
| |
| Without the B<-salt> option it is possible to perform efficient dictionary |
| attacks on the password and to attack stream cipher encrypted data. The reason |
| for this is that without the salt the same password always generates the same |
| encryption key. When the salt is being used the first eight bytes of the |
| encrypted data are reserved for the salt: it is generated at random when |
| encrypting a file and read from the encrypted file when it is decrypted. |
| |
| Some of the ciphers do not have large keys and others have security |
| implications if not used correctly. A beginner is advised to just use |
| a strong block cipher in CBC mode such as bf or des3. |
| |
| All the block ciphers normally use PKCS#5 padding also known as standard block |
| padding: this allows a rudimentary integrity or password check to be |
| performed. However since the chance of random data passing the test is |
| better than 1 in 256 it isn't a very good test. |
| |
| If padding is disabled then the input data must be a multiple of the cipher |
| block length. |
| |
| All RC2 ciphers have the same key and effective key length. |
| |
| Blowfish and RC5 algorithms use a 128 bit key. |
| |
| =head1 SUPPORTED CIPHERS |
| |
| base64 Base 64 |
| |
| bf-cbc Blowfish in CBC mode |
| bf Alias for bf-cbc |
| bf-cfb Blowfish in CFB mode |
| bf-ecb Blowfish in ECB mode |
| bf-ofb Blowfish in OFB mode |
| |
| cast-cbc CAST in CBC mode |
| cast Alias for cast-cbc |
| cast5-cbc CAST5 in CBC mode |
| cast5-cfb CAST5 in CFB mode |
| cast5-ecb CAST5 in ECB mode |
| cast5-ofb CAST5 in OFB mode |
| |
| des-cbc DES in CBC mode |
| des Alias for des-cbc |
| des-cfb DES in CBC mode |
| des-ofb DES in OFB mode |
| des-ecb DES in ECB mode |
| |
| des-ede-cbc Two key triple DES EDE in CBC mode |
| des-ede Alias for des-ede |
| des-ede-cfb Two key triple DES EDE in CFB mode |
| des-ede-ofb Two key triple DES EDE in OFB mode |
| |
| des-ede3-cbc Three key triple DES EDE in CBC mode |
| des-ede3 Alias for des-ede3-cbc |
| des3 Alias for des-ede3-cbc |
| des-ede3-cfb Three key triple DES EDE CFB mode |
| des-ede3-ofb Three key triple DES EDE in OFB mode |
| |
| desx DESX algorithm. |
| |
| idea-cbc IDEA algorithm in CBC mode |
| idea same as idea-cbc |
| idea-cfb IDEA in CFB mode |
| idea-ecb IDEA in ECB mode |
| idea-ofb IDEA in OFB mode |
| |
| rc2-cbc 128 bit RC2 in CBC mode |
| rc2 Alias for rc2-cbc |
| rc2-cfb 128 bit RC2 in CBC mode |
| rc2-ecb 128 bit RC2 in CBC mode |
| rc2-ofb 128 bit RC2 in CBC mode |
| rc2-64-cbc 64 bit RC2 in CBC mode |
| rc2-40-cbc 40 bit RC2 in CBC mode |
| |
| rc4 128 bit RC4 |
| rc4-64 64 bit RC4 |
| rc4-40 40 bit RC4 |
| |
| rc5-cbc RC5 cipher in CBC mode |
| rc5 Alias for rc5-cbc |
| rc5-cfb RC5 cipher in CBC mode |
| rc5-ecb RC5 cipher in CBC mode |
| rc5-ofb RC5 cipher in CBC mode |
| |
| =head1 EXAMPLES |
| |
| Just base64 encode a binary file: |
| |
| openssl base64 -in file.bin -out file.b64 |
| |
| Decode the same file |
| |
| openssl base64 -d -in file.b64 -out file.bin |
| |
| Encrypt a file using triple DES in CBC mode using a prompted password: |
| |
| openssl des3 -salt -in file.txt -out file.des3 |
| |
| Decrypt a file using a supplied password: |
| |
| openssl des3 -d -salt -in file.des3 -out file.txt -k mypassword |
| |
| Encrypt a file then base64 encode it (so it can be sent via mail for example) |
| using Blowfish in CBC mode: |
| |
| openssl bf -a -salt -in file.txt -out file.bf |
| |
| Base64 decode a file then decrypt it: |
| |
| openssl bf -d -salt -a -in file.bf -out file.txt |
| |
| Decrypt some data using a supplied 40 bit RC4 key: |
| |
| openssl rc4-40 -in file.rc4 -out file.txt -K 0102030405 |
| |
| =head1 BUGS |
| |
| The B<-A> option when used with large files doesn't work properly. |
| |
| There should be an option to allow an iteration count to be included. |
| |
| The B<enc> program only supports a fixed number of algorithms with |
| certain parameters. So if, for example, you want to use RC2 with a |
| 76 bit key or RC4 with an 84 bit key you can't use this program. |
| |
| =cut |
