enc.pod revision 325337
1=pod 2 3=head1 NAME 4 5openssl-enc, 6enc - symmetric cipher routines 7 8=head1 SYNOPSIS 9 10B<openssl enc -ciphername> 11[B<-in filename>] 12[B<-out filename>] 13[B<-pass arg>] 14[B<-e>] 15[B<-d>] 16[B<-a/-base64>] 17[B<-A>] 18[B<-k password>] 19[B<-kfile filename>] 20[B<-K key>] 21[B<-iv IV>] 22[B<-S salt>] 23[B<-salt>] 24[B<-nosalt>] 25[B<-z>] 26[B<-md>] 27[B<-p>] 28[B<-P>] 29[B<-bufsize number>] 30[B<-nopad>] 31[B<-debug>] 32[B<-none>] 33[B<-engine id>] 34 35=head1 DESCRIPTION 36 37The symmetric cipher commands allow data to be encrypted or decrypted 38using various block and stream ciphers using keys based on passwords 39or explicitly provided. Base64 encoding or decoding can also be performed 40either by itself or in addition to the encryption or decryption. 41 42=head1 OPTIONS 43 44=over 4 45 46=item B<-in filename> 47 48the input filename, standard input by default. 49 50=item B<-out filename> 51 52the output filename, standard output by default. 53 54=item B<-pass arg> 55 56the password source. For more information about the format of B<arg> 57see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. 58 59=item B<-salt> 60 61use a salt in the key derivation routines. This is the default. 62 63=item B<-nosalt> 64 65don't use a salt in the key derivation routines. This option B<SHOULD NOT> be 66used except for test purposes or compatibility with ancient versions of OpenSSL 67and SSLeay. 68 69=item B<-e> 70 71encrypt the input data: this is the default. 72 73=item B<-d> 74 75decrypt the input data. 76 77=item B<-a> 78 79base64 process the data. This means that if encryption is taking place 80the data is base64 encoded after encryption. If decryption is set then 81the input data is base64 decoded before being decrypted. 82 83=item B<-base64> 84 85same as B<-a> 86 87=item B<-A> 88 89if the B<-a> option is set then base64 process the data on one line. 90 91=item B<-k password> 92 93the password to derive the key from. This is for compatibility with previous 94versions of OpenSSL. Superseded by the B<-pass> argument. 95 96=item B<-kfile filename> 97 98read the password to derive the key from the first line of B<filename>. 99This is for compatibility with previous versions of OpenSSL. Superseded by 100the B<-pass> argument. 101 102=item B<-nosalt> 103 104do not use a salt 105 106=item B<-salt> 107 108use salt (randomly generated or provide with B<-S> option) when 109encrypting (this is the default). 110 111=item B<-S salt> 112 113the actual salt to use: this must be represented as a string of hex digits. 114 115=item B<-K key> 116 117the actual key to use: this must be represented as a string comprised only 118of hex digits. If only the key is specified, the IV must additionally specified 119using the B<-iv> option. When both a key and a password are specified, the 120key given with the B<-K> option will be used and the IV generated from the 121password will be taken. It probably does not make much sense to specify 122both key and password. 123 124=item B<-iv IV> 125 126the actual IV to use: this must be represented as a string comprised only 127of hex digits. When only the key is specified using the B<-K> option, the 128IV must explicitly be defined. When a password is being specified using 129one of the other options, the IV is generated from this password. 130 131=item B<-p> 132 133print out the key and IV used. 134 135=item B<-P> 136 137print out the key and IV used then immediately exit: don't do any encryption 138or decryption. 139 140=item B<-bufsize number> 141 142set the buffer size for I/O 143 144=item B<-nopad> 145 146disable standard block padding 147 148=item B<-debug> 149 150debug the BIOs used for I/O. 151 152=item B<-z> 153 154Compress or decompress clear text using zlib before encryption or after 155decryption. This option exists only if OpenSSL with compiled with zlib 156or zlib-dynamic option. 157 158=item B<-none> 159 160Use NULL cipher (no encryption or decryption of input). 161 162=back 163 164=head1 NOTES 165 166The program can be called either as B<openssl ciphername> or 167B<openssl enc -ciphername>. But the first form doesn't work with 168engine-provided ciphers, because this form is processed before the 169configuration file is read and any ENGINEs loaded. 170 171Engines which provide entirely new encryption algorithms (such as ccgost 172engine which provides gost89 algorithm) should be configured in the 173configuration file. Engines, specified in the command line using -engine 174options can only be used for hadrware-assisted implementations of 175ciphers, which are supported by OpenSSL core or other engine, specified 176in the configuration file. 177 178When enc command lists supported ciphers, ciphers provided by engines, 179specified in the configuration files are listed too. 180 181A password will be prompted for to derive the key and IV if necessary. 182 183The B<-salt> option should B<ALWAYS> be used if the key is being derived 184from a password unless you want compatibility with previous versions of 185OpenSSL and SSLeay. 186 187Without the B<-salt> option it is possible to perform efficient dictionary 188attacks on the password and to attack stream cipher encrypted data. The reason 189for this is that without the salt the same password always generates the same 190encryption key. When the salt is being used the first eight bytes of the 191encrypted data are reserved for the salt: it is generated at random when 192encrypting a file and read from the encrypted file when it is decrypted. 193 194Some of the ciphers do not have large keys and others have security 195implications if not used correctly. A beginner is advised to just use 196a strong block cipher in CBC mode such as bf or des3. 197 198All the block ciphers normally use PKCS#5 padding also known as standard block 199padding: this allows a rudimentary integrity or password check to be 200performed. However since the chance of random data passing the test is 201better than 1 in 256 it isn't a very good test. 202 203If padding is disabled then the input data must be a multiple of the cipher 204block length. 205 206All RC2 ciphers have the same key and effective key length. 207 208Blowfish and RC5 algorithms use a 128 bit key. 209 210=head1 SUPPORTED CIPHERS 211 212Note that some of these ciphers can be disabled at compile time 213and some are available only if an appropriate engine is configured 214in the configuration file. The output of the B<enc> command run with 215unsupported options (for example B<openssl enc -help>) includes a 216list of ciphers, supported by your versesion of OpenSSL, including 217ones provided by configured engines. 218 219The B<enc> program does not support authenticated encryption modes 220like CCM and GCM. The utility does not store or retrieve the 221authentication tag. 222 223 224 base64 Base 64 225 226 bf-cbc Blowfish in CBC mode 227 bf Alias for bf-cbc 228 bf-cfb Blowfish in CFB mode 229 bf-ecb Blowfish in ECB mode 230 bf-ofb Blowfish in OFB mode 231 232 cast-cbc CAST in CBC mode 233 cast Alias for cast-cbc 234 cast5-cbc CAST5 in CBC mode 235 cast5-cfb CAST5 in CFB mode 236 cast5-ecb CAST5 in ECB mode 237 cast5-ofb CAST5 in OFB mode 238 239 des-cbc DES in CBC mode 240 des Alias for des-cbc 241 des-cfb DES in CBC mode 242 des-ofb DES in OFB mode 243 des-ecb DES in ECB mode 244 245 des-ede-cbc Two key triple DES EDE in CBC mode 246 des-ede Two key triple DES EDE in ECB mode 247 des-ede-cfb Two key triple DES EDE in CFB mode 248 des-ede-ofb Two key triple DES EDE in OFB mode 249 250 des-ede3-cbc Three key triple DES EDE in CBC mode 251 des-ede3 Three key triple DES EDE in ECB mode 252 des3 Alias for des-ede3-cbc 253 des-ede3-cfb Three key triple DES EDE CFB mode 254 des-ede3-ofb Three key triple DES EDE in OFB mode 255 256 desx DESX algorithm. 257 258 gost89 GOST 28147-89 in CFB mode (provided by ccgost engine) 259 gost89-cnt `GOST 28147-89 in CNT mode (provided by ccgost engine) 260 261 idea-cbc IDEA algorithm in CBC mode 262 idea same as idea-cbc 263 idea-cfb IDEA in CFB mode 264 idea-ecb IDEA in ECB mode 265 idea-ofb IDEA in OFB mode 266 267 rc2-cbc 128 bit RC2 in CBC mode 268 rc2 Alias for rc2-cbc 269 rc2-cfb 128 bit RC2 in CFB mode 270 rc2-ecb 128 bit RC2 in ECB mode 271 rc2-ofb 128 bit RC2 in OFB mode 272 rc2-64-cbc 64 bit RC2 in CBC mode 273 rc2-40-cbc 40 bit RC2 in CBC mode 274 275 rc4 128 bit RC4 276 rc4-64 64 bit RC4 277 rc4-40 40 bit RC4 278 279 rc5-cbc RC5 cipher in CBC mode 280 rc5 Alias for rc5-cbc 281 rc5-cfb RC5 cipher in CFB mode 282 rc5-ecb RC5 cipher in ECB mode 283 rc5-ofb RC5 cipher in OFB mode 284 285 aes-[128|192|256]-cbc 128/192/256 bit AES in CBC mode 286 aes-[128|192|256] Alias for aes-[128|192|256]-cbc 287 aes-[128|192|256]-cfb 128/192/256 bit AES in 128 bit CFB mode 288 aes-[128|192|256]-cfb1 128/192/256 bit AES in 1 bit CFB mode 289 aes-[128|192|256]-cfb8 128/192/256 bit AES in 8 bit CFB mode 290 aes-[128|192|256]-ecb 128/192/256 bit AES in ECB mode 291 aes-[128|192|256]-ofb 128/192/256 bit AES in OFB mode 292 293=head1 EXAMPLES 294 295Just base64 encode a binary file: 296 297 openssl base64 -in file.bin -out file.b64 298 299Decode the same file 300 301 openssl base64 -d -in file.b64 -out file.bin 302 303Encrypt a file using triple DES in CBC mode using a prompted password: 304 305 openssl des3 -salt -in file.txt -out file.des3 306 307Decrypt a file using a supplied password: 308 309 openssl des3 -d -salt -in file.des3 -out file.txt -k mypassword 310 311Encrypt a file then base64 encode it (so it can be sent via mail for example) 312using Blowfish in CBC mode: 313 314 openssl bf -a -salt -in file.txt -out file.bf 315 316Base64 decode a file then decrypt it: 317 318 openssl bf -d -salt -a -in file.bf -out file.txt 319 320Decrypt some data using a supplied 40 bit RC4 key: 321 322 openssl rc4-40 -in file.rc4 -out file.txt -K 0102030405 323 324=head1 BUGS 325 326The B<-A> option when used with large files doesn't work properly. 327 328There should be an option to allow an iteration count to be included. 329 330The B<enc> program only supports a fixed number of algorithms with 331certain parameters. So if, for example, you want to use RC2 with a 33276 bit key or RC4 with an 84 bit key you can't use this program. 333 334=cut 335