enc.pod revision 285830
1=pod 2 3=head1 NAME 4 5enc - symmetric cipher routines 6 7=head1 SYNOPSIS 8 9B<openssl enc -ciphername> 10[B<-in filename>] 11[B<-out filename>] 12[B<-pass arg>] 13[B<-e>] 14[B<-d>] 15[B<-a/-base64>] 16[B<-A>] 17[B<-k password>] 18[B<-kfile filename>] 19[B<-K key>] 20[B<-iv IV>] 21[B<-S salt>] 22[B<-salt>] 23[B<-nosalt>] 24[B<-z>] 25[B<-md>] 26[B<-p>] 27[B<-P>] 28[B<-bufsize number>] 29[B<-nopad>] 30[B<-debug>] 31[B<-none>] 32[B<-engine id>] 33 34=head1 DESCRIPTION 35 36The symmetric cipher commands allow data to be encrypted or decrypted 37using various block and stream ciphers using keys based on passwords 38or explicitly provided. Base64 encoding or decoding can also be performed 39either by itself or in addition to the encryption or decryption. 40 41=head1 OPTIONS 42 43=over 4 44 45=item B<-in filename> 46 47the input filename, standard input by default. 48 49=item B<-out filename> 50 51the output filename, standard output by default. 52 53=item B<-pass arg> 54 55the password source. For more information about the format of B<arg> 56see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. 57 58=item B<-salt> 59 60use a salt in the key derivation routines. This is the default. 61 62=item B<-nosalt> 63 64don't use a salt in the key derivation routines. This option B<SHOULD NOT> be 65used except for test purposes or compatibility with ancient versions of OpenSSL 66and SSLeay. 67 68=item B<-e> 69 70encrypt the input data: this is the default. 71 72=item B<-d> 73 74decrypt the input data. 75 76=item B<-a> 77 78base64 process the data. This means that if encryption is taking place 79the data is base64 encoded after encryption. If decryption is set then 80the input data is base64 decoded before being decrypted. 81 82=item B<-base64> 83 84same as B<-a> 85 86=item B<-A> 87 88if the B<-a> option is set then base64 process the data on one line. 89 90=item B<-k password> 91 92the password to derive the key from. This is for compatibility with previous 93versions of OpenSSL. Superseded by the B<-pass> argument. 94 95=item B<-kfile filename> 96 97read the password to derive the key from the first line of B<filename>. 98This is for compatibility with previous versions of OpenSSL. Superseded by 99the B<-pass> argument. 100 101=item B<-nosalt> 102 103do not use a salt 104 105=item B<-salt> 106 107use salt (randomly generated or provide with B<-S> option) when 108encrypting (this is the default). 109 110=item B<-S salt> 111 112the actual salt to use: this must be represented as a string of hex digits. 113 114=item B<-K key> 115 116the actual key to use: this must be represented as a string comprised only 117of hex digits. If only the key is specified, the IV must additionally specified 118using the B<-iv> option. When both a key and a password are specified, the 119key given with the B<-K> option will be used and the IV generated from the 120password will be taken. It probably does not make much sense to specify 121both key and password. 122 123=item B<-iv IV> 124 125the actual IV to use: this must be represented as a string comprised only 126of hex digits. When only the key is specified using the B<-K> option, the 127IV must explicitly be defined. When a password is being specified using 128one of the other options, the IV is generated from this password. 129 130=item B<-p> 131 132print out the key and IV used. 133 134=item B<-P> 135 136print out the key and IV used then immediately exit: don't do any encryption 137or decryption. 138 139=item B<-bufsize number> 140 141set the buffer size for I/O 142 143=item B<-nopad> 144 145disable standard block padding 146 147=item B<-debug> 148 149debug the BIOs used for I/O. 150 151=item B<-z> 152 153Compress or decompress clear text using zlib before encryption or after 154decryption. This option exists only if OpenSSL with compiled with zlib 155or zlib-dynamic option. 156 157=item B<-none> 158 159Use NULL cipher (no encryption or decryption of input). 160 161=back 162 163=head1 NOTES 164 165The program can be called either as B<openssl ciphername> or 166B<openssl enc -ciphername>. But the first form doesn't work with 167engine-provided ciphers, because this form is processed before the 168configuration file is read and any ENGINEs loaded. 169 170Engines which provide entirely new encryption algorithms (such as ccgost 171engine which provides gost89 algorithm) should be configured in the 172configuration file. Engines, specified in the command line using -engine 173options can only be used for hadrware-assisted implementations of 174ciphers, which are supported by OpenSSL core or other engine, specified 175in the configuration file. 176 177When enc command lists supported ciphers, ciphers provided by engines, 178specified in the configuration files are listed too. 179 180A password will be prompted for to derive the key and IV if necessary. 181 182The B<-salt> option should B<ALWAYS> be used if the key is being derived 183from a password unless you want compatibility with previous versions of 184OpenSSL and SSLeay. 185 186Without the B<-salt> option it is possible to perform efficient dictionary 187attacks on the password and to attack stream cipher encrypted data. The reason 188for this is that without the salt the same password always generates the same 189encryption key. When the salt is being used the first eight bytes of the 190encrypted data are reserved for the salt: it is generated at random when 191encrypting a file and read from the encrypted file when it is decrypted. 192 193Some of the ciphers do not have large keys and others have security 194implications if not used correctly. A beginner is advised to just use 195a strong block cipher in CBC mode such as bf or des3. 196 197All the block ciphers normally use PKCS#5 padding also known as standard block 198padding: this allows a rudimentary integrity or password check to be 199performed. However since the chance of random data passing the test is 200better than 1 in 256 it isn't a very good test. 201 202If padding is disabled then the input data must be a multiple of the cipher 203block length. 204 205All RC2 ciphers have the same key and effective key length. 206 207Blowfish and RC5 algorithms use a 128 bit key. 208 209=head1 SUPPORTED CIPHERS 210 211Note that some of these ciphers can be disabled at compile time 212and some are available only if an appropriate engine is configured 213in the configuration file. The output of the B<enc> command run with 214unsupported options (for example B<openssl enc -help>) includes a 215list of ciphers, supported by your versesion of OpenSSL, including 216ones provided by configured engines. 217 218The B<enc> program does not support authenticated encryption modes 219like CCM and GCM. The utility does not store or retrieve the 220authentication tag. 221 222 223 base64 Base 64 224 225 bf-cbc Blowfish in CBC mode 226 bf Alias for bf-cbc 227 bf-cfb Blowfish in CFB mode 228 bf-ecb Blowfish in ECB mode 229 bf-ofb Blowfish in OFB mode 230 231 cast-cbc CAST in CBC mode 232 cast Alias for cast-cbc 233 cast5-cbc CAST5 in CBC mode 234 cast5-cfb CAST5 in CFB mode 235 cast5-ecb CAST5 in ECB mode 236 cast5-ofb CAST5 in OFB mode 237 238 des-cbc DES in CBC mode 239 des Alias for des-cbc 240 des-cfb DES in CBC mode 241 des-ofb DES in OFB mode 242 des-ecb DES in ECB mode 243 244 des-ede-cbc Two key triple DES EDE in CBC mode 245 des-ede Two key triple DES EDE in ECB mode 246 des-ede-cfb Two key triple DES EDE in CFB mode 247 des-ede-ofb Two key triple DES EDE in OFB mode 248 249 des-ede3-cbc Three key triple DES EDE in CBC mode 250 des-ede3 Three key triple DES EDE in ECB mode 251 des3 Alias for des-ede3-cbc 252 des-ede3-cfb Three key triple DES EDE CFB mode 253 des-ede3-ofb Three key triple DES EDE in OFB mode 254 255 desx DESX algorithm. 256 257 gost89 GOST 28147-89 in CFB mode (provided by ccgost engine) 258 gost89-cnt `GOST 28147-89 in CNT mode (provided by ccgost engine) 259 260 idea-cbc IDEA algorithm in CBC mode 261 idea same as idea-cbc 262 idea-cfb IDEA in CFB mode 263 idea-ecb IDEA in ECB mode 264 idea-ofb IDEA in OFB mode 265 266 rc2-cbc 128 bit RC2 in CBC mode 267 rc2 Alias for rc2-cbc 268 rc2-cfb 128 bit RC2 in CFB mode 269 rc2-ecb 128 bit RC2 in ECB mode 270 rc2-ofb 128 bit RC2 in OFB mode 271 rc2-64-cbc 64 bit RC2 in CBC mode 272 rc2-40-cbc 40 bit RC2 in CBC mode 273 274 rc4 128 bit RC4 275 rc4-64 64 bit RC4 276 rc4-40 40 bit RC4 277 278 rc5-cbc RC5 cipher in CBC mode 279 rc5 Alias for rc5-cbc 280 rc5-cfb RC5 cipher in CFB mode 281 rc5-ecb RC5 cipher in ECB mode 282 rc5-ofb RC5 cipher in OFB mode 283 284 aes-[128|192|256]-cbc 128/192/256 bit AES in CBC mode 285 aes-[128|192|256] Alias for aes-[128|192|256]-cbc 286 aes-[128|192|256]-cfb 128/192/256 bit AES in 128 bit CFB mode 287 aes-[128|192|256]-cfb1 128/192/256 bit AES in 1 bit CFB mode 288 aes-[128|192|256]-cfb8 128/192/256 bit AES in 8 bit CFB mode 289 aes-[128|192|256]-ecb 128/192/256 bit AES in ECB mode 290 aes-[128|192|256]-ofb 128/192/256 bit AES in OFB mode 291 292=head1 EXAMPLES 293 294Just base64 encode a binary file: 295 296 openssl base64 -in file.bin -out file.b64 297 298Decode the same file 299 300 openssl base64 -d -in file.b64 -out file.bin 301 302Encrypt a file using triple DES in CBC mode using a prompted password: 303 304 openssl des3 -salt -in file.txt -out file.des3 305 306Decrypt a file using a supplied password: 307 308 openssl des3 -d -salt -in file.des3 -out file.txt -k mypassword 309 310Encrypt a file then base64 encode it (so it can be sent via mail for example) 311using Blowfish in CBC mode: 312 313 openssl bf -a -salt -in file.txt -out file.bf 314 315Base64 decode a file then decrypt it: 316 317 openssl bf -d -salt -a -in file.bf -out file.txt 318 319Decrypt some data using a supplied 40 bit RC4 key: 320 321 openssl rc4-40 -in file.rc4 -out file.txt -K 0102030405 322 323=head1 BUGS 324 325The B<-A> option when used with large files doesn't work properly. 326 327There should be an option to allow an iteration count to be included. 328 329The B<enc> program only supports a fixed number of algorithms with 330certain parameters. So if, for example, you want to use RC2 with a 33176 bit key or RC4 with an 84 bit key you can't use this program. 332 333=cut 334