.\" Copyright (c) 2008 Peter Pentchev
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.Dd June 8, 2008
.Dt AESCRYPT 1
.Os
.Sh NAME
.Nm aescrypt
.Nd encrypt data using Rijndael, the Advanced Encryption Standard winner
.Sh SYNOPSIS
.Nm
.Fl k
.Ar keyfile
.Op Fl s Ar keysize
.Sh DESCRIPTION
The
.Nm
utility encrypts data using the Rijndael algorithm, the winner of
the Advanced Encryption Standard (AES) competition.
The encryption is done in Cipher Block Feedback (CFB-128) mode, with
the salt randomly generated from data read from the
.Pa /dev/urandom
device.
The plaintext data is read from standard input and the encrypted data
is written to standard output.
.Pp
The encryption key may be read from standard input or from a file,
depending on the argument passed to the
.Fl k
command-line option.
If
.Dq -
is used as a filename, the
.Nm
utility reads as many hexadecimal digits as needed from standard input
and then one additional byte to allow for a newline separating the key
from the actual data to be encrypted.
If the filename is not
.Dq - ,
the
.Nm
utility opens the specified file and reads text lines from it until
a line starting with the characters
.Li kk=
is reached.
Those characters should be immediately followed by as many hexadecimal
digits as needed; the rest of the line, as well as the rest of the file,
is ignored.
.Pp
The encryption key may be 128, 192, or 256 bits long.
By default, the
.Nm
utility uses (and expects to read) a 128-bit key, unless a different size
is supplied by the
.Fl s Ar keysize
command-line option.
.Pp
The
.Nm
utility reads 16 bytes (128 bits) from the
.Pa /dev/urandom
device to initialize the salt for the CFB-128 encryption.
The salt is prepended to the encrypted data in the output.
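.Pp
An added example, not part of the aescrypt distribution or of the original manual page: a Python reading of the keyfile lookup and output layout described above, useful for checking a keyfile before handing it to the utility. The function names are hypothetical, and rejecting a key with too few or non-hexadecimal digits is an assumption, since the page does not say how aescrypt handles that case.

```python
import os
import re

KEY_BITS = (128, 192, 256)  # key sizes the manual page lists for -s
SALT_LEN = 16               # salt bytes prepended to the encrypted output

def _check_bits(bits):
    if bits not in KEY_BITS:
        raise ValueError("key size must be 128, 192 or 256 bits")

def make_key_line(bits=128):
    """Build a 'kk=' keyfile line holding a fresh random key."""
    _check_bits(bits)
    return "kk=" + os.urandom(bits // 8).hex() + "\n"

def parse_keyfile(text, bits=128):
    """Return the key from the first line starting with 'kk='.

    Only bits/4 hex digits are consumed; the rest of that line and of the
    file is ignored, as the manual page describes.
    """
    _check_bits(bits)
    need = bits // 4
    for line in text.splitlines():
        if not line.startswith("kk="):
            continue
        digits = line[3:3 + need]
        # Assumption: too few or non-hex digits are treated as an error.
        if not re.fullmatch(r"[0-9A-Fa-f]{%d}" % need, digits):
            raise ValueError("need %d hex digits after 'kk='" % need)
        return bytes.fromhex(digits)
    raise ValueError("no line starting with 'kk=' found")

def split_output(blob):
    """Split aescrypt output into (salt, ciphertext)."""
    if len(blob) < SALT_LEN:
        raise ValueError("output shorter than the 16-byte salt")
    return blob[:SALT_LEN], blob[SALT_LEN:]

# Constructed sample keyfile: a comment line, 64 hex digits plus trailing
# text on the first kk= line, then a second kk= line that is never reached.
SAMPLE_KEYFILE = (
    "# constructed sample, not a real key\n"
    "kk=" + bytes(range(32)).hex() + " trailing text\n"
    "kk=" + "ff" * 16 + "\n"
)

if __name__ == "__main__":
    for bits in KEY_BITS:
        print(bits, parse_keyfile(SAMPLE_KEYFILE, bits).hex())
```

The same 64-digit line yields a different key for each keysize, because only the leading digits are consumed; a keyfile and the keysize it was used with have to be recorded together.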
.Sh EXAMPLES
Generate a random 128-bit value and store it into a keyfile suitable for the
.Nm
utility:
.Pp
.Dl perl -e 'open(F, \&"<", \&"/dev/random") or die(\&"$!\en"); read(F, $s, 32); print \&"kk=".unpack("H*", $s).\&"\en"'
.Pp
Encrypt the contents of the
.Pa /etc/hosts
file with the generated (128-bit by default) key:
.Pp
.Dl aescrypt -k key.txt < /etc/hosts > hosts.aes
.Pp
Encrypt a string with a 192-bit key supplied directly:
.Pp
.Dl (echo '012345678901234567890123456789012345678901234567'; echo 'This is a test.') | ./aescrypt -s 192 -k - > test.aes
.Sh SEE ALSO
.Xr aesget 1
.Pp
The SourceForge project page: http://sourceforge.net/projects/aescrypt/
.Sh HISTORY
The
.Nm
utility was written by
.An Eric Lee Green ,
and was modified to use Rijndael rather than Twofish by
.An Randy Kaelber .
It uses the freely available Rijndael implementation by
.An Antoon Bosselaers
and
.An Vincent Rijmen .
This manual page was written by
.An Peter Pentchev
in 2008.
.Sh AUTHORS
The
.Nm
utility -
.An -nosplit
.An Eric Lee Green
.Aq eric@badtux.org ,
.An Randy Kaelber
.Aq randyk@sourceforge.net .
.Pp
The manual page -
.An Peter Pentchev
.Aq roam@ringlet.net .