=pod
{- OpenSSL::safe::output_do_not_edit_headers(); -}

=head1 NAME

openssl-enc - symmetric cipher routines

=head1 SYNOPSIS

B<openssl> B<enc>|I<cipher>
[B<-I<cipher>>]
[B<-help>]
[B<-list>]
[B<-ciphers>]
[B<-in> I<filename>]
[B<-out> I<filename>]
[B<-pass> I<arg>]
[B<-e>]
[B<-d>]
[B<-a>]
[B<-base64>]
[B<-A>]
[B<-k> I<password>]
[B<-kfile> I<filename>]
[B<-K> I<key>]
[B<-iv> I<IV>]
[B<-S> I<salt>]
[B<-salt>]
[B<-nosalt>]
[B<-z>]
[B<-md> I<digest>]
[B<-iter> I<count>]
[B<-pbkdf2>]
[B<-p>]
[B<-P>]
[B<-bufsize> I<number>]
[B<-nopad>]
[B<-v>]
[B<-debug>]
[B<-none>]
{- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_r_synopsis -}
{- $OpenSSL::safe::opt_provider_synopsis -}

B<openssl> I<cipher> [B<...>]

=head1 DESCRIPTION

The symmetric cipher commands allow data to be encrypted or decrypted
using various block and stream ciphers using keys based on passwords
or explicitly provided. Base64 encoding or decoding can also be performed
either by itself or in addition to the encryption or decryption.

=head1 OPTIONS

=over 4

=item B<-I<cipher>>

The cipher to use.

=item B<-help>

Print out a usage message.

=item B<-list>

List all supported ciphers.

=item B<-ciphers>

Alias of -list to display all supported ciphers.

=item B<-in> I<filename>

The input filename, standard input by default.

=item B<-out> I<filename>

The output filename, standard output by default.

=item B<-pass> I<arg>

The password source. For more information about the format of I<arg>
see L<openssl-passphrase-options(1)>.

=item B<-e>

Encrypt the input data: this is the default.

=item B<-d>

Decrypt the input data.

=item B<-a>

Base64 process the data. This means that if encryption is taking place
the data is base64 encoded after encryption. If decryption is set then
the input data is base64 decoded before being decrypted.

When the B<-A> option is not given,
on encoding a newline is inserted after each 64 characters, and
on decoding a newline is expected among the first 1024 bytes of input.

=item B<-base64>

Same as B<-a>

=item B<-A>

If the B<-a> option is set then base64 encoding produces output without any
newline character, and base64 decoding does not require any newlines.
Therefore it can be helpful to use the B<-A> option when decoding unknown input.

=item B<-k> I<password>

The password to derive the key from. This is for compatibility with previous
versions of OpenSSL. Superseded by the B<-pass> argument.

=item B<-kfile> I<filename>

Read the password to derive the key from the first line of I<filename>.
This is for compatibility with previous versions of OpenSSL. Superseded by
the B<-pass> argument.

=item B<-md> I<digest>

Use the specified digest to create the key from the passphrase.
The default algorithm is sha-256.

=item B<-iter> I<count>

Use a given number of iterations on the password in deriving the encryption key.
High values increase the time required to brute-force the resulting file.
This option enables the use of PBKDF2 algorithm to derive the key.

=item B<-pbkdf2>

Use PBKDF2 algorithm with a default iteration count of 10000
unless otherwise specified by the B<-iter> command line option.

=item B<-nosalt>

Don't use a salt in the key derivation routines. This option B<SHOULD NOT> be
used except for test purposes or compatibility with ancient versions of
OpenSSL.

=item B<-salt>

Use salt (randomly generated or provided with the B<-S> option) when
encrypting, this is the default.

=item B<-S> I<salt>

The actual salt to use: this must be represented as a string of hex digits.
If this option is used while encrypting, the same exact value will be needed
again during decryption.

=item B<-K> I<key>

The actual key to use: this must be represented as a string comprised only
of hex digits. If only the key is specified, the IV must additionally be
specified using the B<-iv> option. When both a key and a password are
specified, the key given with the B<-K> option will be used and the IV
generated from the password will be taken. It does not make much sense to
specify both key and password.

=item B<-iv> I<IV>

The actual IV to use: this must be represented as a string comprised only
of hex digits. When only the key is specified using the B<-K> option, the
IV must explicitly be defined. When a password is being specified using
one of the other options, the IV is generated from this password.

=item B<-p>

Print out the key and IV used.

=item B<-P>

Print out the key and IV used then immediately exit: don't do any encryption
or decryption.

=item B<-bufsize> I<number>

Set the buffer size for I/O.

=item B<-nopad>

Disable standard block padding.

=item B<-v>

Verbose print; display some statistics about I/O and buffer sizes.

=item B<-debug>

Debug the BIOs used for I/O.

=item B<-z>

Compress or decompress encrypted data using zlib after encryption or before
decryption. This option exists only if OpenSSL was compiled with the zlib
or zlib-dynamic option.

=item B<-none>

Use NULL cipher (no encryption or decryption of input).

{- $OpenSSL::safe::opt_r_item -}

{- $OpenSSL::safe::opt_provider_item -}

{- $OpenSSL::safe::opt_engine_item -}

=back

=head1 NOTES

The program can be called either as C<openssl I<cipher>> or
C<openssl enc -I<cipher>>. The first form doesn't work with
engine-provided ciphers, because this form is processed before the
configuration file is read and any ENGINEs loaded.
Use the L<openssl-list(1)> command to get a list of supported ciphers.

Engines which provide entirely new encryption algorithms (such as the ccgost
engine which provides gost89 algorithm) should be configured in the
configuration file. Engines specified on the command line using B<-engine>
option can only be used for hardware-assisted implementations of
ciphers which are supported by the OpenSSL core or another engine specified
in the configuration file.

When the enc command lists supported ciphers, ciphers provided by engines
specified in the configuration files are listed too.

A password will be prompted for to derive the key and IV if necessary.

The B<-salt> option should B<ALWAYS> be used if the key is being derived
from a password unless you want compatibility with previous versions of
OpenSSL.

Without the B<-salt> option it is possible to perform efficient dictionary
attacks on the password and to attack stream cipher encrypted data. The reason
for this is that without the salt the same password always generates the same
encryption key.

When the salt is generated at random (that means when encrypting using a
passphrase without explicit salt given using B<-S> option), the first bytes
of the encrypted data are reserved to store the salt for later decrypting.

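The salt handling and B<-pbkdf2> key derivation described above, written out in Python as an added example (it is not code from OpenSSL or from this manual page). It assumes the layout B<openssl enc> uses for a random salt, an 8-byte C<Salted__> marker followed by 8 salt bytes, and models B<-nosalt> as an empty salt; the helper names and the sample bytes are constructed for illustration.

```python
import hashlib

MAGIC = b"Salted__"    # marker openssl enc writes in front of a random salt
SALT_LEN = 8           # number of salt bytes that follow the marker
DEFAULT_MD = "sha256"  # -md default named in this manual
DEFAULT_ITER = 10000   # -pbkdf2 default named in this manual


def split_header(blob, explicit_salt=None):
    """Separate the salt from the ciphertext of an `openssl enc` output.

    explicit_salt models -S: the caller supplies the salt and the data is
    treated as bare ciphertext with no header to strip.
    """
    if explicit_salt is not None:
        return explicit_salt, blob
    header_len = len(MAGIC) + SALT_LEN
    if len(blob) < header_len or not blob.startswith(MAGIC):
        raise ValueError("no Salted__ header found")
    return blob[len(MAGIC):header_len], blob[header_len:]


def derive_key_iv(password, salt, key_len, iv_len,
                  iterations=DEFAULT_ITER, md=DEFAULT_MD):
    """Derive (key, iv) as -pbkdf2 does: a single PBKDF2-HMAC output of
    key_len + iv_len bytes, with the key first and the IV second."""
    material = hashlib.pbkdf2_hmac(md, password, salt, iterations,
                                   key_len + iv_len)
    return material[:key_len], material[key_len:]


def distinct_keys(password, salts, key_len=16, iv_len=16):
    """Set of keys that one password yields across files with these salts."""
    return {derive_key_iv(password, s, key_len, iv_len)[0] for s in salts}


# Constructed sample: marker + salt 0102030405060708 + 16 placeholder bytes
# standing in for one AES-128-CBC block (not real ciphertext).
SAMPLE = MAGIC + bytes.fromhex("0102030405060708") + bytes(16)

if __name__ == "__main__":
    salt, body = split_header(SAMPLE)
    key, iv = derive_key_iv(b"example-password", salt, 16, 16)
    print("salt =", salt.hex())
    print("key  =", key.hex())
    print("iv   =", iv.hex())
    print("ciphertext bytes:", len(body))

    # -nosalt modelled as an empty salt: three files share one key.
    print("unsalted keys:", len(distinct_keys(b"example-password", [b""] * 3)))
    # Per-file salts: three files get three unrelated keys.
    salts = [bytes([n]) * SALT_LEN for n in (1, 2, 3)]
    print("salted keys:  ", len(distinct_keys(b"example-password", salts)))
```

The single key in the unsalted case is why one precomputed password-to-key table applies to every file, while each salted file forces the derivation to be repeated per guess.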

Some of the ciphers do not have large keys and others have security
implications if not used correctly. A beginner is advised to just use
a strong block cipher, such as AES, in CBC mode.

All the block ciphers normally use PKCS#5 padding, also known as standard
block padding. This allows a rudimentary integrity or password check to
be performed. However, since the chance of random data passing the test
is better than 1 in 256 it isn't a very good test.

If padding is disabled then the input data must be a multiple of the cipher
block length.

All RC2 ciphers have the same key and effective key length.

Blowfish and RC5 algorithms use a 128 bit key.

Please note that OpenSSL 3.0 changed the effect of the B<-S> option.
Any explicit salt value specified via this option is no longer prepended to the
ciphertext when encrypting, and must again be explicitly provided when decrypting.
Conversely, when the B<-S> option is used during decryption, the ciphertext
is expected to not have a prepended salt value.

When using OpenSSL 3.0 or later to decrypt data that was encrypted with an
explicit salt under OpenSSL 1.1.1, do not use the B<-S> option; the salt will
then be read from the ciphertext.
To generate ciphertext that can be decrypted with OpenSSL 1.1.1, do not use
the B<-S> option; the salt will then be generated randomly and prepended
to the output.

=head1 SUPPORTED CIPHERS

Note that some of these ciphers can be disabled at compile time
and some are available only if an appropriate engine is configured
in the configuration file. The output when invoking this command
with the B<-list> option (that is C<openssl enc -list>) is
a list of ciphers, supported by your version of OpenSSL, including
ones provided by configured engines.

This command does not support authenticated encryption modes
like CCM and GCM, and will not support such modes in the future.
This is due to having to begin streaming output (e.g., to standard output
when B<-out> is not used) before the authentication tag could be validated.
When this command is used in a pipeline, the receiving end will not be
able to roll back upon authentication failure. The AEAD modes currently in
common use also suffer from catastrophic failure of confidentiality and/or
integrity upon reuse of key/iv/nonce, and since B<openssl enc> places the
entire burden of key/iv/nonce management upon the user, the risk of
exposing AEAD modes is too great to allow. These key/iv/nonce
management issues also affect other modes currently exposed in this command,
but the failure modes are less extreme in these cases, and the
functionality cannot be removed with a stable release branch.
For bulk encryption of data, whether using authenticated encryption
modes or other modes, L<openssl-cms(1)> is recommended, as it provides a
standard data format and performs the needed key/iv/nonce management.


 base64             Base 64

 bf-cbc             Blowfish in CBC mode
 bf                 Alias for bf-cbc
 blowfish           Alias for bf-cbc
 bf-cfb             Blowfish in CFB mode
 bf-ecb             Blowfish in ECB mode
 bf-ofb             Blowfish in OFB mode

 cast-cbc           CAST in CBC mode
 cast               Alias for cast-cbc
 cast5-cbc          CAST5 in CBC mode
 cast5-cfb          CAST5 in CFB mode
 cast5-ecb          CAST5 in ECB mode
 cast5-ofb          CAST5 in OFB mode

 chacha20           ChaCha20 algorithm

 des-cbc            DES in CBC mode
 des                Alias for des-cbc
 des-cfb            DES in CFB mode
 des-ofb            DES in OFB mode
 des-ecb            DES in ECB mode

 des-ede-cbc        Two key triple DES EDE in CBC mode
 des-ede            Two key triple DES EDE in ECB mode
 des-ede-cfb        Two key triple DES EDE in CFB mode
 des-ede-ofb        Two key triple DES EDE in OFB mode

 des-ede3-cbc       Three key triple DES EDE in CBC mode
 des-ede3           Three key triple DES EDE in ECB mode
 des3               Alias for des-ede3-cbc
 des-ede3-cfb       Three key triple DES EDE in CFB mode
 des-ede3-ofb       Three key triple DES EDE in OFB mode

 desx               DESX algorithm.

 gost89             GOST 28147-89 in CFB mode (provided by ccgost engine)
 gost89-cnt         GOST 28147-89 in CNT mode (provided by ccgost engine)

 idea-cbc           IDEA algorithm in CBC mode
 idea               same as idea-cbc
 idea-cfb           IDEA in CFB mode
 idea-ecb           IDEA in ECB mode
 idea-ofb           IDEA in OFB mode

 rc2-cbc            128 bit RC2 in CBC mode
 rc2                Alias for rc2-cbc
 rc2-cfb            128 bit RC2 in CFB mode
 rc2-ecb            128 bit RC2 in ECB mode
 rc2-ofb            128 bit RC2 in OFB mode
 rc2-64-cbc         64 bit RC2 in CBC mode
 rc2-40-cbc         40 bit RC2 in CBC mode

 rc4                128 bit RC4
 rc4-64             64 bit RC4
 rc4-40             40 bit RC4

 rc5-cbc            RC5 cipher in CBC mode
 rc5                Alias for rc5-cbc
 rc5-cfb            RC5 cipher in CFB mode
 rc5-ecb            RC5 cipher in ECB mode
 rc5-ofb            RC5 cipher in OFB mode

 seed-cbc           SEED cipher in CBC mode
 seed               Alias for seed-cbc
 seed-cfb           SEED cipher in CFB mode
 seed-ecb           SEED cipher in ECB mode
 seed-ofb           SEED cipher in OFB mode

 sm4-cbc            SM4 cipher in CBC mode
 sm4                Alias for sm4-cbc
 sm4-cfb            SM4 cipher in CFB mode
 sm4-ctr            SM4 cipher in CTR mode
 sm4-ecb            SM4 cipher in ECB mode
 sm4-ofb            SM4 cipher in OFB mode

 aes-[128|192|256]-cbc   128/192/256 bit AES in CBC mode
 aes[128|192|256]        Alias for aes-[128|192|256]-cbc
 aes-[128|192|256]-cfb   128/192/256 bit AES in 128 bit CFB mode
 aes-[128|192|256]-cfb1  128/192/256 bit AES in 1 bit CFB mode
 aes-[128|192|256]-cfb8  128/192/256 bit AES in 8 bit CFB mode
 aes-[128|192|256]-ctr   128/192/256 bit AES in CTR mode
 aes-[128|192|256]-ecb   128/192/256 bit AES in ECB mode
 aes-[128|192|256]-ofb   128/192/256 bit AES in OFB mode

 aria-[128|192|256]-cbc  128/192/256 bit ARIA in CBC mode
 aria[128|192|256]       Alias for aria-[128|192|256]-cbc
 aria-[128|192|256]-cfb  128/192/256 bit ARIA in 128 bit CFB mode
 aria-[128|192|256]-cfb1 128/192/256 bit ARIA in 1 bit CFB mode
 aria-[128|192|256]-cfb8 128/192/256 bit ARIA in 8 bit CFB mode
 aria-[128|192|256]-ctr  128/192/256 bit ARIA in CTR mode
 aria-[128|192|256]-ecb  128/192/256 bit ARIA in ECB mode
 aria-[128|192|256]-ofb  128/192/256 bit ARIA in OFB mode

 camellia-[128|192|256]-cbc  128/192/256 bit Camellia in CBC mode
 camellia[128|192|256]       Alias for camellia-[128|192|256]-cbc
 camellia-[128|192|256]-cfb  128/192/256 bit Camellia in 128 bit CFB mode
 camellia-[128|192|256]-cfb1 128/192/256 bit Camellia in 1 bit CFB mode
 camellia-[128|192|256]-cfb8 128/192/256 bit Camellia in 8 bit CFB mode
 camellia-[128|192|256]-ctr  128/192/256 bit Camellia in CTR mode
 camellia-[128|192|256]-ecb  128/192/256 bit Camellia in ECB mode
 camellia-[128|192|256]-ofb  128/192/256 bit Camellia in OFB mode

=head1 EXAMPLES

Just base64 encode a binary file:

 openssl base64 -in file.bin -out file.b64

Decode the same file:

 openssl base64 -d -in file.b64 -out file.bin

Encrypt a file using AES-128 using a prompted password
and PBKDF2 key derivation:

 openssl enc -aes128 -pbkdf2 -in file.txt -out file.aes128

Decrypt a file using a supplied password:

 openssl enc -aes128 -pbkdf2 -d -in file.aes128 -out file.txt \
    -pass pass:<password>

Encrypt a file then base64 encode it (so it can be sent via mail for example)
using AES-256 in CTR mode and PBKDF2 key derivation:

 openssl enc -aes-256-ctr -pbkdf2 -a -in file.txt -out file.aes256

Base64 decode a file then decrypt it using a password supplied in a file:

 openssl enc -aes-256-ctr -pbkdf2 -d -a -in file.aes256 -out file.txt \
    -pass file:<passfile>

=head1 BUGS

The B<-A> option when used with large files doesn't work properly.
On the other hand, when base64 decoding without the B<-A> option,
if the first 1024 bytes of input do not include a newline character
the first two lines of input are ignored.

The B<openssl enc> command only supports a fixed number of algorithms with
certain parameters. So if, for example, you want to use RC2 with a
76 bit key or RC4 with an 84 bit key you can't use this program.

=head1 HISTORY

The default digest was changed from MD5 to SHA256 in OpenSSL 1.1.0.

The B<-list> option was added in OpenSSL 1.1.1e.

The B<-ciphers> and B<-engine> options were deprecated in OpenSSL 3.0.

=head1 COPYRIGHT

Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut