enc.pod revision 59191
159191Skris=pod 259191Skris 359191Skris=head1 NAME 459191Skris 559191Skrisenc - symmetric cipher routines 659191Skris 759191Skris=head1 SYNOPSIS 859191Skris 959191SkrisB<openssl enc -ciphername> 1059191Skris[B<-in filename>] 1159191Skris[B<-out filename>] 1259191Skris[B<-pass arg>] 1359191Skris[B<-e>] 1459191Skris[B<-d>] 1559191Skris[B<-a>] 1659191Skris[B<-A>] 1759191Skris[B<-k password>] 1859191Skris[B<-kfile filename>] 1959191Skris[B<-K key>] 2059191Skris[B<-iv IV>] 2159191Skris[B<-p>] 2259191Skris[B<-P>] 2359191Skris[B<-bufsize number>] 2459191Skris[B<-debug>] 2559191Skris 2659191Skris=head1 DESCRIPTION 2759191Skris 2859191SkrisThe symmetric cipher commands allow data to be encrypted or decrypted 2959191Skrisusing various block and stream ciphers using keys based on passwords 3059191Skrisor explicitly provided. Base64 encoding or decoding can also be performed 3159191Skriseither by itself or in addition to the encryption or decryption. 3259191Skris 3359191Skris=head1 OPTIONS 3459191Skris 3559191Skris=over 4 3659191Skris 3759191Skris=item B<-in filename> 3859191Skris 3959191Skristhe input filename, standard input by default. 4059191Skris 4159191Skris=item B<-out filename> 4259191Skris 4359191Skristhe output filename, standard output by default. 4459191Skris 4559191Skris=item B<-pass arg> 4659191Skris 4759191Skristhe password source. For more information about the format of B<arg> 4859191Skrissee the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. 4959191Skris 5059191Skris=item B<-salt> 5159191Skris 5259191Skrisuse a salt in the key derivation routines. This option should B<ALWAYS> 5359191Skrisbe used unless compatibility with previous versions of OpenSSL or SSLeay 5459191Skrisis required. This option is only present on OpenSSL versions 0.9.5 or 5559191Skrisabove. 5659191Skris 5759191Skris=item B<-nosalt> 5859191Skris 5959191Skrisdon't use a salt in the key derivation routines. This is the default for 6059191Skriscompatibility with previous versions of OpenSSL and SSLeay. 6159191Skris 6259191Skris=item B<-e> 6359191Skris 6459191Skrisencrypt the input data: this is the default. 6559191Skris 6659191Skris=item B<-d> 6759191Skris 6859191Skrisdecrypt the input data. 6959191Skris 7059191Skris=item B<-a> 7159191Skris 7259191Skrisbase64 process the data. This means that if encryption is taking place 7359191Skristhe data is base64 encoded after encryption. If decryption is set then 7459191Skristhe input data is base64 decoded before being decrypted. 7559191Skris 7659191Skris=item B<-A> 7759191Skris 7859191Skrisif the B<-a> option is set then base64 process the data on one line. 7959191Skris 8059191Skris=item B<-k password> 8159191Skris 8259191Skristhe password to derive the key from. This is for compatibility with previous 8359191Skrisversions of OpenSSL. Superseded by the B<-pass> argument. 8459191Skris 8559191Skris=item B<-kfile filename> 8659191Skris 8759191Skrisread the password to derive the key from the first line of B<filename>. 8859191SkrisThis is for computability with previous versions of OpenSSL. Superseded by 8959191Skristhe B<-pass> argument. 9059191Skris 9159191Skris=item B<-S salt> 9259191Skris 9359191Skristhe actual salt to use: this must be represented as a string comprised only 9459191Skrisof hex digits. 9559191Skris 9659191Skris=item B<-K key> 9759191Skris 9859191Skristhe actual key to use: this must be represented as a string comprised only 9959191Skrisof hex digits. 10059191Skris 10159191Skris=item B<-iv IV> 10259191Skris 10359191Skristhe actual IV to use: this must be represented as a string comprised only 10459191Skrisof hex digits. 10559191Skris 10659191Skris=item B<-p> 10759191Skris 10859191Skrisprint out the key and IV used. 10959191Skris 11059191Skris=item B<-P> 11159191Skris 11259191Skrisprint out the key and IV used then immediately exit: don't do any encryption 11359191Skrisor decryption. 11459191Skris 11559191Skris=item B<-bufsize number> 11659191Skris 11759191Skrisset the buffer size for I/O 11859191Skris 11959191Skris=item B<-debug> 12059191Skris 12159191Skrisdebug the BIOs used for I/O. 12259191Skris 12359191Skris=back 12459191Skris 12559191Skris=head1 NOTES 12659191Skris 12759191SkrisThe program can be called either as B<openssl ciphername> or 12859191SkrisB<openssl enc -ciphername>. 12959191Skris 13059191SkrisA password will be prompted for to derive the key and IV if necessary. 13159191Skris 13259191SkrisThe B<-salt> option should B<ALWAYS> be used if the key is being derived 13359191Skrisfrom a password unless you want compatibility with previous versions of 13459191SkrisOpenSSL and SSLeay. 13559191Skris 13659191SkrisWithout the B<-salt> option it is possible to perform efficient dictionary 13759191Skrisattacks on the password and to attack stream cipher encrypted data. The reason 13859191Skrisfor this is that without the salt the same password always generates the same 13959191Skrisencryption key. When the salt is being used the first eight bytes of the 14059191Skrisencrypted data are reserved for the salt: it is generated at random when 14159191Skrisencrypting a file and read from the encrypted file when it is decrypted. 14259191Skris 14359191SkrisSome of the ciphers do not have large keys and others have security 14459191Skrisimplications if not used correctly. A beginner is advised to just use 14559191Skrisa strong block cipher in CBC mode such as bf or des3. 14659191Skris 14759191SkrisAll the block ciphers use PKCS#5 padding also known as standard block 14859191Skrispadding: this allows a rudimentary integrity or password check to be 14959191Skrisperformed. However since the chance of random data passing the test is 15059191Skrisbetter than 1 in 256 it isn't a very good test. 15159191Skris 15259191SkrisAll RC2 ciphers have the same key and effective key length. 15359191Skris 15459191SkrisBlowfish and RC5 algorithms use a 128 bit key. 15559191Skris 15659191Skris=head1 SUPPORTED CIPHERS 15759191Skris 15859191Skris base64 Base 64 15959191Skris 16059191Skris bf-cbc Blowfish in CBC mode 16159191Skris bf Alias for bf-cbc 16259191Skris bf-cfb Blowfish in CFB mode 16359191Skris bf-ecb Blowfish in ECB mode 16459191Skris bf-ofb Blowfish in OFB mode 16559191Skris 16659191Skris cast-cbc CAST in CBC mode 16759191Skris cast Alias for cast-cbc 16859191Skris cast5-cbc CAST5 in CBC mode 16959191Skris cast5-cfb CAST5 in CFB mode 17059191Skris cast5-ecb CAST5 in ECB mode 17159191Skris cast5-ofb CAST5 in OFB mode 17259191Skris 17359191Skris des-cbc DES in CBC mode 17459191Skris des Alias for des-cbc 17559191Skris des-cfb DES in CBC mode 17659191Skris des-ofb DES in OFB mode 17759191Skris des-ecb DES in ECB mode 17859191Skris 17959191Skris des-ede-cbc Two key triple DES EDE in CBC mode 18059191Skris des-ede Alias for des-ede 18159191Skris des-ede-cfb Two key triple DES EDE in CFB mode 18259191Skris des-ede-ofb Two key triple DES EDE in OFB mode 18359191Skris 18459191Skris des-ede3-cbc Three key triple DES EDE in CBC mode 18559191Skris des-ede3 Alias for des-ede3-cbc 18659191Skris des3 Alias for des-ede3-cbc 18759191Skris des-ede3-cfb Three key triple DES EDE CFB mode 18859191Skris des-ede3-ofb Three key triple DES EDE in OFB mode 18959191Skris 19059191Skris desx DESX algorithm. 19159191Skris 19259191Skris idea-cbc IDEA algorithm in CBC mode 19359191Skris idea same as idea-cbc 19459191Skris idea-cfb IDEA in CFB mode 19559191Skris idea-ecb IDEA in ECB mode 19659191Skris idea-ofb IDEA in OFB mode 19759191Skris 19859191Skris rc2-cbc 128 bit RC2 in CBC mode 19959191Skris rc2 Alias for rc2-cbc 20059191Skris rc2-cfb 128 bit RC2 in CBC mode 20159191Skris rc2-ecb 128 bit RC2 in CBC mode 20259191Skris rc2-ofb 128 bit RC2 in CBC mode 20359191Skris rc2-64-cbc 64 bit RC2 in CBC mode 20459191Skris rc2-40-cbc 40 bit RC2 in CBC mode 20559191Skris 20659191Skris rc4 128 bit RC4 20759191Skris rc4-64 64 bit RC4 20859191Skris rc4-40 40 bit RC4 20959191Skris 21059191Skris rc5-cbc RC5 cipher in CBC mode 21159191Skris rc5 Alias for rc5-cbc 21259191Skris rc5-cfb RC5 cipher in CBC mode 21359191Skris rc5-ecb RC5 cipher in CBC mode 21459191Skris rc5-ofb RC5 cipher in CBC mode 21559191Skris 21659191Skris=head1 EXAMPLES 21759191Skris 21859191SkrisJust base64 encode a binary file: 21959191Skris 22059191Skris openssl base64 -in file.bin -out file.b64 22159191Skris 22259191SkrisDecode the same file 22359191Skris 22459191Skris openssl base64 -d -in file.b64 -out file.bin 22559191Skris 22659191SkrisEncrypt a file using triple DES in CBC mode using a prompted password: 22759191Skris 22859191Skris openssl des3 -salt -in file.txt -out file.des3 22959191Skris 23059191SkrisDecrypt a file using a supplied password: 23159191Skris 23259191Skris openssl des3 -d -salt -in file.des3 -out file.txt -k mypassword 23359191Skris 23459191SkrisEncrypt a file then base64 encode it (so it can be sent via mail for example) 23559191Skrisusing Blowfish in CBC mode: 23659191Skris 23759191Skris openssl bf -a -salt -in file.txt -out file.bf 23859191Skris 23959191SkrisBase64 decode a file then decrypt it: 24059191Skris 24159191Skris openssl bf -d -salt -a -in file.bf -out file.txt 24259191Skris 24359191SkrisDecrypt some data using a supplied 40 bit RC4 key: 24459191Skris 24559191Skris openssl rc4-40 -in file.rc4 -out file.txt -K 0102030405 24659191Skris 24759191Skris=head1 BUGS 24859191Skris 24959191SkrisThe B<-A> option when used with large files doesn't work properly. 25059191Skris 25159191SkrisThere should be an option to allow an iteration count to be included. 25259191Skris 25359191SkrisLike the EVP library the B<enc> program only supports a fixed number of 25459191Skrisalgorithms with certain parameters. So if, for example, you want to use RC2 25559191Skriswith a 76 bit key or RC4 with an 84 bit key you can't use this program. 25659191Skris 25759191Skris=cut 258