enc.pod revision 256281
1226031Sstas=pod 2226031Sstas 3226031Sstas=head1 NAME 4226031Sstas 5226031Sstasenc - symmetric cipher routines 6226031Sstas 7226031Sstas=head1 SYNOPSIS 8226031Sstas 9226031SstasB<openssl enc -ciphername> 10226031Sstas[B<-in filename>] 11226031Sstas[B<-out filename>] 12226031Sstas[B<-pass arg>] 13226031Sstas[B<-e>] 14226031Sstas[B<-d>] 15226031Sstas[B<-a/-base64>] 16226031Sstas[B<-A>] 17226031Sstas[B<-k password>] 18226031Sstas[B<-kfile filename>] 19226031Sstas[B<-K key>] 20226031Sstas[B<-iv IV>] 21226031Sstas[B<-S salt>] 22226031Sstas[B<-salt>] 23226031Sstas[B<-nosalt>] 24226031Sstas[B<-z>] 25226031Sstas[B<-md>] 26226031Sstas[B<-p>] 27226031Sstas[B<-P>] 28226031Sstas[B<-bufsize number>] 29226031Sstas[B<-nopad>] 30226031Sstas[B<-debug>] 31226031Sstas[B<-none>] 32226031Sstas[B<-engine id>] 33226031Sstas 34226031Sstas=head1 DESCRIPTION 35226031Sstas 36226031SstasThe symmetric cipher commands allow data to be encrypted or decrypted 37226031Sstasusing various block and stream ciphers using keys based on passwords 38226031Sstasor explicitly provided. Base64 encoding or decoding can also be performed 39226031Sstaseither by itself or in addition to the encryption or decryption. 40226031Sstas 41226031Sstas=head1 OPTIONS 42226031Sstas 43226031Sstas=over 4 44226031Sstas 45226031Sstas=item B<-in filename> 46226031Sstas 47226031Sstasthe input filename, standard input by default. 48226031Sstas 49226031Sstas=item B<-out filename> 50226031Sstas 51226031Sstasthe output filename, standard output by default. 52226031Sstas 53226031Sstas=item B<-pass arg> 54226031Sstas 55226031Sstasthe password source. For more information about the format of B<arg> 56226031Sstassee the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. 57226031Sstas 58226031Sstas=item B<-salt> 59226031Sstas 60226031Sstasuse a salt in the key derivation routines. This is the default. 61226031Sstas 62226031Sstas=item B<-nosalt> 63226031Sstas 64226031Sstasdon't use a salt in the key derivation routines. This option B<SHOULD NOT> be 65226031Sstasused except for test purposes or compatibility with ancient versions of OpenSSL 66226031Sstasand SSLeay. 67226031Sstas 68226031Sstas=item B<-e> 69226031Sstas 70226031Sstasencrypt the input data: this is the default. 71226031Sstas 72226031Sstas=item B<-d> 73226031Sstas 74226031Sstasdecrypt the input data. 75226031Sstas 76226031Sstas=item B<-a> 77226031Sstas 78226031Sstasbase64 process the data. This means that if encryption is taking place 79226031Sstasthe data is base64 encoded after encryption. If decryption is set then 80226031Sstasthe input data is base64 decoded before being decrypted. 81226031Sstas 82226031Sstas=item B<-base64> 83226031Sstas 84226031Sstassame as B<-a> 85226031Sstas 86226031Sstas=item B<-A> 87226031Sstas 88226031Sstasif the B<-a> option is set then base64 process the data on one line. 89226031Sstas 90226031Sstas=item B<-k password> 91226031Sstas 92226031Sstasthe password to derive the key from. This is for compatibility with previous 93226031Sstasversions of OpenSSL. Superseded by the B<-pass> argument. 94226031Sstas 95226031Sstas=item B<-kfile filename> 96226031Sstas 97226031Sstasread the password to derive the key from the first line of B<filename>. 98226031SstasThis is for compatibility with previous versions of OpenSSL. Superseded by 99226031Sstasthe B<-pass> argument. 100226031Sstas 101226031Sstas=item B<-nosalt> 102226031Sstas 103226031Sstasdo not use a salt 104226031Sstas 105226031Sstas=item B<-salt> 106226031Sstas 107226031Sstasuse salt (randomly generated or provide with B<-S> option) when 108226031Sstasencrypting (this is the default). 109226031Sstas 110226031Sstas=item B<-S salt> 111226031Sstas 112226031Sstasthe actual salt to use: this must be represented as a string of hex digits. 113226031Sstas 114226031Sstas=item B<-K key> 115226031Sstas 116226031Sstasthe actual key to use: this must be represented as a string comprised only 117226031Sstasof hex digits. If only the key is specified, the IV must additionally specified 118226031Sstasusing the B<-iv> option. When both a key and a password are specified, the 119226031Sstaskey given with the B<-K> option will be used and the IV generated from the 120226031Sstaspassword will be taken. It probably does not make much sense to specify 121226031Sstasboth key and password. 122226031Sstas 123226031Sstas=item B<-iv IV> 124226031Sstas 125226031Sstasthe actual IV to use: this must be represented as a string comprised only 126226031Sstasof hex digits. When only the key is specified using the B<-K> option, the 127226031SstasIV must explicitly be defined. When a password is being specified using 128226031Sstasone of the other options, the IV is generated from this password. 129226031Sstas 130226031Sstas=item B<-p> 131226031Sstas 132226031Sstasprint out the key and IV used. 133226031Sstas 134226031Sstas=item B<-P> 135226031Sstas 136226031Sstasprint out the key and IV used then immediately exit: don't do any encryption 137226031Sstasor decryption. 138226031Sstas 139226031Sstas=item B<-bufsize number> 140226031Sstas 141226031Sstasset the buffer size for I/O 142226031Sstas 143226031Sstas=item B<-nopad> 144226031Sstas 145226031Sstasdisable standard block padding 146226031Sstas 147226031Sstas=item B<-debug> 148226031Sstas 149226031Sstasdebug the BIOs used for I/O. 150226031Sstas 151226031Sstas=item B<-z> 152226031Sstas 153226031SstasCompress or decompress clear text using zlib before encryption or after 154226031Sstasdecryption. This option exists only if OpenSSL with compiled with zlib 155226031Sstasor zlib-dynamic option. 156226031Sstas 157226031Sstas=item B<-none> 158 159Use NULL cipher (no encryption or decryption of input). 160 161=back 162 163=head1 NOTES 164 165The program can be called either as B<openssl ciphername> or 166B<openssl enc -ciphername>. But the first form doesn't work with 167engine-provided ciphers, because this form is processed before the 168configuration file is read and any ENGINEs loaded. 169 170Engines which provide entirely new encryption algorithms (such as ccgost 171engine which provides gost89 algorithm) should be configured in the 172configuration file. Engines, specified in the command line using -engine 173options can only be used for hadrware-assisted implementations of 174ciphers, which are supported by OpenSSL core or other engine, specified 175in the configuration file. 176 177When enc command lists supported ciphers, ciphers provided by engines, 178specified in the configuration files are listed too. 179 180A password will be prompted for to derive the key and IV if necessary. 181 182The B<-salt> option should B<ALWAYS> be used if the key is being derived 183from a password unless you want compatibility with previous versions of 184OpenSSL and SSLeay. 185 186Without the B<-salt> option it is possible to perform efficient dictionary 187attacks on the password and to attack stream cipher encrypted data. The reason 188for this is that without the salt the same password always generates the same 189encryption key. When the salt is being used the first eight bytes of the 190encrypted data are reserved for the salt: it is generated at random when 191encrypting a file and read from the encrypted file when it is decrypted. 192 193Some of the ciphers do not have large keys and others have security 194implications if not used correctly. A beginner is advised to just use 195a strong block cipher in CBC mode such as bf or des3. 196 197All the block ciphers normally use PKCS#5 padding also known as standard block 198padding: this allows a rudimentary integrity or password check to be 199performed. However since the chance of random data passing the test is 200better than 1 in 256 it isn't a very good test. 201 202If padding is disabled then the input data must be a multiple of the cipher 203block length. 204 205All RC2 ciphers have the same key and effective key length. 206 207Blowfish and RC5 algorithms use a 128 bit key. 208 209=head1 SUPPORTED CIPHERS 210 211Note that some of these ciphers can be disabled at compile time 212and some are available only if an appropriate engine is configured 213in the configuration file. The output of the B<enc> command run with 214unsupported options (for example B<openssl enc -help>) includes a 215list of ciphers, supported by your versesion of OpenSSL, including 216ones provided by configured engines. 217 218 219 base64 Base 64 220 221 bf-cbc Blowfish in CBC mode 222 bf Alias for bf-cbc 223 bf-cfb Blowfish in CFB mode 224 bf-ecb Blowfish in ECB mode 225 bf-ofb Blowfish in OFB mode 226 227 cast-cbc CAST in CBC mode 228 cast Alias for cast-cbc 229 cast5-cbc CAST5 in CBC mode 230 cast5-cfb CAST5 in CFB mode 231 cast5-ecb CAST5 in ECB mode 232 cast5-ofb CAST5 in OFB mode 233 234 des-cbc DES in CBC mode 235 des Alias for des-cbc 236 des-cfb DES in CBC mode 237 des-ofb DES in OFB mode 238 des-ecb DES in ECB mode 239 240 des-ede-cbc Two key triple DES EDE in CBC mode 241 des-ede Two key triple DES EDE in ECB mode 242 des-ede-cfb Two key triple DES EDE in CFB mode 243 des-ede-ofb Two key triple DES EDE in OFB mode 244 245 des-ede3-cbc Three key triple DES EDE in CBC mode 246 des-ede3 Three key triple DES EDE in ECB mode 247 des3 Alias for des-ede3-cbc 248 des-ede3-cfb Three key triple DES EDE CFB mode 249 des-ede3-ofb Three key triple DES EDE in OFB mode 250 251 desx DESX algorithm. 252 253 gost89 GOST 28147-89 in CFB mode (provided by ccgost engine) 254 gost89-cnt `GOST 28147-89 in CNT mode (provided by ccgost engine) 255 256 idea-cbc IDEA algorithm in CBC mode 257 idea same as idea-cbc 258 idea-cfb IDEA in CFB mode 259 idea-ecb IDEA in ECB mode 260 idea-ofb IDEA in OFB mode 261 262 rc2-cbc 128 bit RC2 in CBC mode 263 rc2 Alias for rc2-cbc 264 rc2-cfb 128 bit RC2 in CFB mode 265 rc2-ecb 128 bit RC2 in ECB mode 266 rc2-ofb 128 bit RC2 in OFB mode 267 rc2-64-cbc 64 bit RC2 in CBC mode 268 rc2-40-cbc 40 bit RC2 in CBC mode 269 270 rc4 128 bit RC4 271 rc4-64 64 bit RC4 272 rc4-40 40 bit RC4 273 274 rc5-cbc RC5 cipher in CBC mode 275 rc5 Alias for rc5-cbc 276 rc5-cfb RC5 cipher in CFB mode 277 rc5-ecb RC5 cipher in ECB mode 278 rc5-ofb RC5 cipher in OFB mode 279 280 aes-[128|192|256]-cbc 128/192/256 bit AES in CBC mode 281 aes-[128|192|256] Alias for aes-[128|192|256]-cbc 282 aes-[128|192|256]-cfb 128/192/256 bit AES in 128 bit CFB mode 283 aes-[128|192|256]-cfb1 128/192/256 bit AES in 1 bit CFB mode 284 aes-[128|192|256]-cfb8 128/192/256 bit AES in 8 bit CFB mode 285 aes-[128|192|256]-ecb 128/192/256 bit AES in ECB mode 286 aes-[128|192|256]-ofb 128/192/256 bit AES in OFB mode 287 288=head1 EXAMPLES 289 290Just base64 encode a binary file: 291 292 openssl base64 -in file.bin -out file.b64 293 294Decode the same file 295 296 openssl base64 -d -in file.b64 -out file.bin 297 298Encrypt a file using triple DES in CBC mode using a prompted password: 299 300 openssl des3 -salt -in file.txt -out file.des3 301 302Decrypt a file using a supplied password: 303 304 openssl des3 -d -salt -in file.des3 -out file.txt -k mypassword 305 306Encrypt a file then base64 encode it (so it can be sent via mail for example) 307using Blowfish in CBC mode: 308 309 openssl bf -a -salt -in file.txt -out file.bf 310 311Base64 decode a file then decrypt it: 312 313 openssl bf -d -salt -a -in file.bf -out file.txt 314 315Decrypt some data using a supplied 40 bit RC4 key: 316 317 openssl rc4-40 -in file.rc4 -out file.txt -K 0102030405 318 319=head1 BUGS 320 321The B<-A> option when used with large files doesn't work properly. 322 323There should be an option to allow an iteration count to be included. 324 325The B<enc> program only supports a fixed number of algorithms with 326certain parameters. So if, for example, you want to use RC2 with a 32776 bit key or RC4 with an 84 bit key you can't use this program. 328 329=cut 330