1=pod 2 3=head1 NAME 4 5enc - symmetric cipher routines 6 7=head1 SYNOPSIS 8 9B<openssl enc -ciphername> 10[B<-in filename>] 11[B<-out filename>] 12[B<-pass arg>] 13[B<-e>] 14[B<-d>] 15[B<-a/-base64>] 16[B<-A>] 17[B<-k password>] 18[B<-kfile filename>] 19[B<-K key>] 20[B<-iv IV>] 21[B<-S salt>] 22[B<-salt>] 23[B<-nosalt>] 24[B<-z>] 25[B<-md>] 26[B<-p>] 27[B<-P>] 28[B<-bufsize number>] 29[B<-nopad>] 30[B<-debug>] 31[B<-none>] 32[B<-engine id>] 33 34=head1 DESCRIPTION 35 36The symmetric cipher commands allow data to be encrypted or decrypted 37using various block and stream ciphers using keys based on passwords 38or explicitly provided. Base64 encoding or decoding can also be performed 39either by itself or in addition to the encryption or decryption. 40 41=head1 OPTIONS 42 43=over 4 44 45=item B<-in filename> 46 47the input filename, standard input by default. 48 49=item B<-out filename> 50 51the output filename, standard output by default. 52 53=item B<-pass arg> 54 55the password source. For more information about the format of B<arg> 56see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. 57 58=item B<-salt> 59 60use a salt in the key derivation routines. This is the default. 61 62=item B<-nosalt> 63 64don't use a salt in the key derivation routines. This option B<SHOULD NOT> be 65used except for test purposes or compatibility with ancient versions of OpenSSL 66and SSLeay. 67 68=item B<-e> 69 70encrypt the input data: this is the default. 71 72=item B<-d> 73 74decrypt the input data. 75 76=item B<-a> 77 78base64 process the data. This means that if encryption is taking place 79the data is base64 encoded after encryption. If decryption is set then 80the input data is base64 decoded before being decrypted. 81 82=item B<-base64> 83 84same as B<-a> 85 86=item B<-A> 87 88if the B<-a> option is set then base64 process the data on one line. 89 90=item B<-k password> 91 92the password to derive the key from. This is for compatibility with previous 93versions of OpenSSL. Superseded by the B<-pass> argument. 94 95=item B<-kfile filename> 96 97read the password to derive the key from the first line of B<filename>. 98This is for compatibility with previous versions of OpenSSL. Superseded by 99the B<-pass> argument. 100 101=item B<-nosalt> 102 103do not use a salt 104 105=item B<-salt> 106 107use salt (randomly generated or provide with B<-S> option) when 108encrypting (this is the default). 109 110=item B<-S salt> 111 112the actual salt to use: this must be represented as a string of hex digits. 113 114=item B<-K key> 115 116the actual key to use: this must be represented as a string comprised only 117of hex digits. If only the key is specified, the IV must additionally specified 118using the B<-iv> option. When both a key and a password are specified, the 119key given with the B<-K> option will be used and the IV generated from the 120password will be taken. It probably does not make much sense to specify 121both key and password. 122 123=item B<-iv IV> 124 125the actual IV to use: this must be represented as a string comprised only 126of hex digits. When only the key is specified using the B<-K> option, the 127IV must explicitly be defined. When a password is being specified using 128one of the other options, the IV is generated from this password. 129 130=item B<-p> 131 132print out the key and IV used. 133 134=item B<-P> 135 136print out the key and IV used then immediately exit: don't do any encryption 137or decryption. 138 139=item B<-bufsize number> 140 141set the buffer size for I/O 142 143=item B<-nopad> 144 145disable standard block padding 146 147=item B<-debug> 148 149debug the BIOs used for I/O. 150 151=item B<-z> 152 153Compress or decompress clear text using zlib before encryption or after 154decryption. This option exists only if OpenSSL with compiled with zlib 155or zlib-dynamic option. 156 157=item B<-none> 158 159Use NULL cipher (no encryption or decryption of input). 160 161=back 162 163=head1 NOTES 164 165The program can be called either as B<openssl ciphername> or 166B<openssl enc -ciphername>. But the first form doesn't work with 167engine-provided ciphers, because this form is processed before the 168configuration file is read and any ENGINEs loaded. 169 170Engines which provide entirely new encryption algorithms (such as ccgost 171engine which provides gost89 algorithm) should be configured in the 172configuration file. Engines, specified in the command line using -engine 173options can only be used for hadrware-assisted implementations of 174ciphers, which are supported by OpenSSL core or other engine, specified 175in the configuration file. 176 177When enc command lists supported ciphers, ciphers provided by engines, 178specified in the configuration files are listed too. 179 180A password will be prompted for to derive the key and IV if necessary. 181 182The B<-salt> option should B<ALWAYS> be used if the key is being derived 183from a password unless you want compatibility with previous versions of 184OpenSSL and SSLeay. 185 186Without the B<-salt> option it is possible to perform efficient dictionary 187attacks on the password and to attack stream cipher encrypted data. The reason 188for this is that without the salt the same password always generates the same 189encryption key. When the salt is being used the first eight bytes of the 190encrypted data are reserved for the salt: it is generated at random when 191encrypting a file and read from the encrypted file when it is decrypted. 192 193Some of the ciphers do not have large keys and others have security 194implications if not used correctly. A beginner is advised to just use 195a strong block cipher in CBC mode such as bf or des3. 196 197All the block ciphers normally use PKCS#5 padding also known as standard block 198padding: this allows a rudimentary integrity or password check to be 199performed. However since the chance of random data passing the test is 200better than 1 in 256 it isn't a very good test. 201 202If padding is disabled then the input data must be a multiple of the cipher 203block length. 204 205All RC2 ciphers have the same key and effective key length. 206 207Blowfish and RC5 algorithms use a 128 bit key. 208 209=head1 SUPPORTED CIPHERS 210 211Note that some of these ciphers can be disabled at compile time 212and some are available only if an appropriate engine is configured 213in the configuration file. The output of the B<enc> command run with 214unsupported options (for example B<openssl enc -help>) includes a 215list of ciphers, supported by your versesion of OpenSSL, including 216ones provided by configured engines. 217 218 219 base64 Base 64 220 221 bf-cbc Blowfish in CBC mode 222 bf Alias for bf-cbc 223 bf-cfb Blowfish in CFB mode 224 bf-ecb Blowfish in ECB mode 225 bf-ofb Blowfish in OFB mode 226 227 cast-cbc CAST in CBC mode 228 cast Alias for cast-cbc 229 cast5-cbc CAST5 in CBC mode 230 cast5-cfb CAST5 in CFB mode 231 cast5-ecb CAST5 in ECB mode 232 cast5-ofb CAST5 in OFB mode 233 234 des-cbc DES in CBC mode 235 des Alias for des-cbc 236 des-cfb DES in CBC mode 237 des-ofb DES in OFB mode 238 des-ecb DES in ECB mode 239 240 des-ede-cbc Two key triple DES EDE in CBC mode 241 des-ede Two key triple DES EDE in ECB mode 242 des-ede-cfb Two key triple DES EDE in CFB mode 243 des-ede-ofb Two key triple DES EDE in OFB mode 244 245 des-ede3-cbc Three key triple DES EDE in CBC mode 246 des-ede3 Three key triple DES EDE in ECB mode 247 des3 Alias for des-ede3-cbc 248 des-ede3-cfb Three key triple DES EDE CFB mode 249 des-ede3-ofb Three key triple DES EDE in OFB mode 250 251 desx DESX algorithm. 252 253 gost89 GOST 28147-89 in CFB mode (provided by ccgost engine) 254 gost89-cnt `GOST 28147-89 in CNT mode (provided by ccgost engine) 255 256 idea-cbc IDEA algorithm in CBC mode 257 idea same as idea-cbc 258 idea-cfb IDEA in CFB mode 259 idea-ecb IDEA in ECB mode 260 idea-ofb IDEA in OFB mode 261 262 rc2-cbc 128 bit RC2 in CBC mode 263 rc2 Alias for rc2-cbc 264 rc2-cfb 128 bit RC2 in CFB mode 265 rc2-ecb 128 bit RC2 in ECB mode 266 rc2-ofb 128 bit RC2 in OFB mode 267 rc2-64-cbc 64 bit RC2 in CBC mode 268 rc2-40-cbc 40 bit RC2 in CBC mode 269 270 rc4 128 bit RC4 271 rc4-64 64 bit RC4 272 rc4-40 40 bit RC4 273 274 rc5-cbc RC5 cipher in CBC mode 275 rc5 Alias for rc5-cbc 276 rc5-cfb RC5 cipher in CFB mode 277 rc5-ecb RC5 cipher in ECB mode 278 rc5-ofb RC5 cipher in OFB mode 279 280 aes-[128|192|256]-cbc 128/192/256 bit AES in CBC mode 281 aes-[128|192|256] Alias for aes-[128|192|256]-cbc 282 aes-[128|192|256]-cfb 128/192/256 bit AES in 128 bit CFB mode 283 aes-[128|192|256]-cfb1 128/192/256 bit AES in 1 bit CFB mode 284 aes-[128|192|256]-cfb8 128/192/256 bit AES in 8 bit CFB mode 285 aes-[128|192|256]-ecb 128/192/256 bit AES in ECB mode 286 aes-[128|192|256]-ofb 128/192/256 bit AES in OFB mode 287 288=head1 EXAMPLES 289 290Just base64 encode a binary file: 291 292 openssl base64 -in file.bin -out file.b64 293 294Decode the same file 295 296 openssl base64 -d -in file.b64 -out file.bin 297 298Encrypt a file using triple DES in CBC mode using a prompted password: 299 300 openssl des3 -salt -in file.txt -out file.des3 301 302Decrypt a file using a supplied password: 303 304 openssl des3 -d -salt -in file.des3 -out file.txt -k mypassword 305 306Encrypt a file then base64 encode it (so it can be sent via mail for example) 307using Blowfish in CBC mode: 308 309 openssl bf -a -salt -in file.txt -out file.bf 310 311Base64 decode a file then decrypt it: 312 313 openssl bf -d -salt -a -in file.bf -out file.txt 314 315Decrypt some data using a supplied 40 bit RC4 key: 316 317 openssl rc4-40 -in file.rc4 -out file.txt -K 0102030405 318 319=head1 BUGS 320 321The B<-A> option when used with large files doesn't work properly. 322 323There should be an option to allow an iteration count to be included. 324 325The B<enc> program only supports a fixed number of algorithms with 326certain parameters. So if, for example, you want to use RC2 with a 32776 bit key or RC4 with an 84 bit key you can't use this program. 328 329=cut 330