1CLAES(1) Cryptlib Tools CLAES(1)
2
6 claes - conventional encryption tool interoperating with gpg and
7 openssl
8
10 claes [-debug] [-cms | -openssl [-128]] [OPTION] [FILE | -]
11
13 claes encrypts or decrypts data in OpenPGP format, CMS format and
14 OPENSSL format using files or standard input with a passphrase-based
15 AES cipher. If no FILE or "-" is given, data is read from standard in‐
16 put. The size of any input data is limited to 150 MByte. The default
17 mode of operation is encryption with the ciphertext stored base64-en‐
18 coded in the OpenPGP format. To decrypt base64-encoded or binary input
19 data the option "-decrypt" must be used.
20 All input data is processed AS IS and is treated internally as binary
22 data with no changes. For every encryption or decryption a user-pro‐
23 vided passphrase is read from the terminal in which claes is run. So
24 claes always works interactively. There is deliberately no public-key-
25 cryptography build into claes. If you need those, please use clrsa and
26 clkeys.
27
30 -help display this help and exit
31 -version
33 output version information and exit
34 -debug
36 print debugging information to stderr
37 -cms produce CMS enveloped and encrypted data instead of OpenPGP (de‐
39 fault)
40 -openssl
42 produce encrypted data using pbkdf2 in openssl format
43 -128 forces the use of 128 bit AES keys in conjunction with -openssl
45 (256 bits is the default)
46 -decrypt
48 decrypts an encrypted message (default is encrypt)
49
51 Full documentation <https://senderek.ie/cryptlib/tools>
52 This program depends on two packages providing the cryptlib shared ob‐
54 ject library and the python3-bindings to this library.
55 You can download both packages in RPM or DEB format at
57 https://senderek.ie/cryptlib/downloads
58 Using FEDORA you can install the packages cryptlib and cryptlib-python3
60 directly from the repository.
61 In addition the program /bin/systemd-ask-password is needed to read
63 sensible data from stdin. This program is part of the systemd package.
64
67 gpg2
68 Without any options claes produces OpenPGP (base64-encoded) en‐
70 crypted messages using AES-128. It can decrypt any messages
71 (ascii or binary) produced by GnuPG with the following ciphers:
72 AES, AES192, AES256, 3DES and CAST-128.
73 openssl
76 In OpenSSL mode claes writes (base64-encoded) encrypted messages
78 in the proprietary OpenSSL format using AES256 as the default.
79 These messages can be decrypted with openssl :
81 openssl aes-256-cbc -pbkdf2 -d -a -in FILE.asc
82 The use of AES-128 can be forced by the additional option -128
84 both for encryption or decryption of OpenSSL messages.
85 CMS
88 In CMS mode claes produces PKCS#7 formated (base64-encoded) en‐
90 veloped and encrypted messages.
91
94 /usr/bin/systemd-ask-password
95 This program is used to provide the passphrase based on a user's
96 input.
97 /lib64/libcl.so.3.4.6
99 The cryptlib library.
100 /usr/lib/python3.10/site-packages/cryptlib_py.so
102 Bindings to the cryptlib library used by python3.
103
105 Please report bugs to innovation@senderek.ie
106
109 claes is written by Ralf Senderek <innovation@senderek.ie>.
110 Cryptlib is written and maintained by Peter Gutmann <pgut001@cs.auckland.ac.nz>
111
114 Copyright © 2022 Ralf Senderek. All rights reserved.
115 License BSD: <https://senderek.ie/cryptlib/bsd.html>.
117 This is free software: you are free to change and redistribute it.
118 There is NO WARRANTY, to the extent permitted by law.
119
122 cryptlib, clrsa, clkeys
123Cryptlib Tools June 2022 CLAES(1)