ENC(1)                              OpenSSL                              ENC(1)



NAME
       enc - symmetric cipher routines

SYNOPSIS
       openssl enc -ciphername [-in filename] [-out filename] [-pass arg] [-e]
       [-d] [-a] [-A] [-k password] [-kfile filename] [-K key] [-iv IV]
       [-S salt] [-salt] [-nosalt] [-p] [-P] [-bufsize number] [-nopad]
       [-debug]

DESCRIPTION
       The symmetric cipher commands allow data to be encrypted or decrypted
       using various block and stream ciphers, with keys either derived from a
       password or supplied explicitly. Base64 encoding or decoding can also
       be performed, either by itself or in addition to the encryption or
       decryption.

OPTIONS
       -in filename
           the input filename, standard input by default.

       -out filename
           the output filename, standard output by default.

       -pass arg
           the password source. For more information about the format of arg
           see the PASS PHRASE ARGUMENTS section in openssl(1).

       -salt
           use a salt in the key derivation routines. This option should
           ALWAYS be used when the key is derived from a password unless
           compatibility with previous versions of OpenSSL or SSLeay is
           required; pass it explicitly rather than relying on what any
           particular version does by default. This option is only present on
           OpenSSL versions 0.9.5 or above.

       -nosalt
           don't use a salt in the key derivation routines. Without a salt
           the same password always derives the same key and IV, which makes
           ciphertexts linkable and precomputed dictionary attacks possible;
           use it only where compatibility with previous versions of OpenSSL
           and SSLeay is required.

       -e  encrypt the input data: this is the default.

       -d  decrypt the input data.

       -a  base64 process the data. This means that if encryption is taking
           place the data is base64 encoded after encryption. If decryption is
           set then the input data is base64 decoded before being decrypted.

       -A  if the -a option is set then base64 process the data on one line:
           output is written without the usual 64 character line breaks, and
           on decryption the whole input is expected on a single line.

       -k password
           the password to derive the key from. This is for compatibility with
           previous versions of OpenSSL. Superseded by the -pass argument. A
           password given as a command line argument is visible to other local
           users in the process list and may be recorded in shell history, so
           prefer a -pass source such as a file or file descriptor (see
           openssl(1)).

       -kfile filename
           read the password to derive the key from the first line of
           filename. This is for compatibility with previous versions of
           OpenSSL. Superseded by the -pass argument.

       -S salt
           the actual salt to use: this must be represented as a string
           comprised only of hex digits. The salt is eight bytes long, so at
           most sixteen hex digits are accepted. A fixed salt gives up the
           benefit of salting; the option is mainly useful together with -P to
           reproduce the key and IV derived for a known password and salt.

       -K key
           the actual key to use: this must be represented as a string
           comprised only of hex digits. If only the key is specified, the IV
           must additionally be specified using the -iv option. When both a
           key and a password are specified, the key given with the -K option
           will be used and the IV generated from the password will be taken.
           It probably does not make much sense to specify both key and
           password.

       -iv IV
           the actual IV to use: this must be represented as a string
           comprised only of hex digits. When only the key is specified using
           the -K option, the IV must explicitly be defined. When a password is
           being specified using one of the other options, the IV is generated
           from this password. An IV supplied with -iv is not stored in the
           output, so the recipient must be given it separately; reusing one
           key and IV pair for more than one message is a mistake in all of
           the CBC, CFB and OFB modes.

       -p  print out the key and IV used (and the salt, if one is used).

       -P  print out the key and IV used then immediately exit: don't do any
           encryption or decryption.

       -bufsize number
           set the buffer size for I/O.

       -nopad
           disable standard block padding. The input data must then be an
           exact multiple of the cipher block length.

       -debug
           debug the BIOs used for I/O.

NOTES
       The program can be called either as openssl ciphername or openssl enc
       -ciphername.

       A password will be prompted for to derive the key and IV if necessary.

       The -salt option should ALWAYS be used if the key is being derived from
       a password unless you want compatibility with previous versions of
       OpenSSL and SSLeay.

       Without the -salt option it is possible to perform efficient dictionary
       attacks on the password and to attack stream cipher encrypted data. The
       reason for this is that without the salt the same password always
       generates the same encryption key and IV: one precomputed table of
       candidate passwords then serves every file, and two files encrypted
       under the same password with a stream cipher (or with CFB or OFB mode)
       share a keystream. When the salt is being used the encrypted output
       starts with a 16 byte header: the eight byte magic string Salted__
       followed by the eight byte salt. The salt is generated at random when
       encrypting a file and read back from this header when the file is
       decrypted.

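       The following is an added example, not part of the enc man page or of
       OpenSSL's own source. It reimplements the derivation enc 0.9.8 uses
       (EVP_BytesToKey with MD5 and a single iteration) and the Salted__
       header, so that the salt, key and IV for a file can be worked out by
       hand and compared with what -p or -P prints. The password mypassword
       and the salt 0001020304050607 are constructed sample values, and the
       function names are the example's own.

```python
# Added example (not OpenSSL code): EVP_BytesToKey as enc 0.9.8 calls it
# (MD5, count=1) plus the "Salted__" header written with -salt.
# Standard library only; sample password and salt below are constructed.
import hashlib
import os

MAGIC = b"Salted__"   # eight byte marker enc writes in front of the salt
SALT_LEN = 8          # PKCS5_SALT_LEN


def evp_bytes_to_key(password, salt, key_len, iv_len, md=hashlib.md5, count=1):
    """Return (key, iv) derived the way EVP_BytesToKey does.

    D_1 = H(password || salt), D_i = H(D_(i-1) || password || salt), each
    D_i being re-hashed (count - 1) further times. The concatenation
    D_1 || D_2 || ... is cut into key_len bytes of key and iv_len bytes of IV.
    enc passes count=1, so one password guess costs only a few MD5 calls.
    """
    if salt is None:
        salt = b""                 # -nosalt: derivation depends on the password alone
    elif len(salt) != SALT_LEN:
        raise ValueError("salt must be exactly %d bytes" % SALT_LEN)
    derived, prev = b"", b""
    while len(derived) < key_len + iv_len:
        block = md(prev + password + salt).digest()
        for _ in range(count - 1):
            block = md(block).digest()
        derived += block
        prev = block
    return derived[:key_len], derived[key_len:key_len + iv_len]


def make_salted(body, salt=None):
    """Prefix an encrypted body the way enc -salt does (random salt by default)."""
    if salt is None:
        salt = os.urandom(SALT_LEN)
    return MAGIC + salt + body


def split_salted(data):
    """Return (salt, body); salt is None when there is no Salted__ header."""
    end = len(MAGIC) + SALT_LEN
    if data.startswith(MAGIC) and len(data) >= end:
        return data[len(MAGIC):end], data[end:]
    return None, data


def key_iv_for_file(password, data, key_len, iv_len):
    """Recover the salt from the file header, then derive key and IV for it."""
    salt, body = split_salted(data)
    key, iv = evp_bytes_to_key(password, salt, key_len, iv_len)
    return salt, key, iv, body


def format_like_enc_p(key, iv, salt=None):
    """Render salt/key/IV in the layout `openssl <cipher> -P` prints."""
    lines = [] if salt is None else ["salt=" + salt.hex().upper()]
    lines.append("key=" + key.hex().upper())
    lines.append("iv =" + iv.hex().upper())
    return "\n".join(lines)


def precompute_unsalted(candidates, key_len, iv_len):
    """The shortcut -nosalt hands an attacker: one table serves every file."""
    return {pw: evp_bytes_to_key(pw, None, key_len, iv_len) for pw in candidates}


if __name__ == "__main__":
    # Constructed sample values; des3 takes a 24 byte key and an 8 byte IV.
    password = b"mypassword"
    salt = bytes.fromhex("0001020304050607")
    salted = make_salted(b"<ciphertext bytes would follow>", salt)
    found_salt, key, iv, _ = key_iv_for_file(password, salted, 24, 8)
    print(format_like_enc_p(key, iv, found_salt))
    # Without a salt every file under this password gets the same key and IV.
    table = precompute_unsalted([password], 24, 8)
    print(table[password] == evp_bytes_to_key(password, None, 24, 8))
```

       Run stand-alone, the block prints salt, key and iv lines for des3; with
       the 0.9.8 derivation they match the output of openssl des3 -P -S
       0001020304050607 -k mypassword. The precompute_unsalted table is the
       dictionary attack the paragraph above warns about: built once, it opens
       any unsalted file encrypted under a listed password without further
       work, whereas with a salt the derivation has to be repeated per file.
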
       Some of the ciphers do not have large keys and others have security
       implications if not used correctly. In particular des, rc2-40-cbc and
       rc4-40 have keys of 56 bits or less, which can be recovered by
       exhaustive search, the 64 bit RC2 and RC4 variants are marginal, and
       the ECB modes reveal which plaintext blocks are equal. A beginner is
       advised to just use a strong block cipher in CBC mode such as bf or
       des3.

       All the block ciphers normally use PKCS#5 padding also known as
       standard block padding: this allows a rudimentary integrity or password
       check to be performed. However since the chance of random data passing
       the test is better than 1 in 256 it isn't a very good test: a wrong
       password or a corrupted ciphertext will usually be reported as a bad
       decrypt, but not always, and changes that do not disturb the padding
       of the final block are never detected. enc computes no authentication
       tag; where tampering matters, a MAC or signature over the ciphertext
       must be added separately.

       If padding is disabled then the input data must be a multiple of the
       cipher block length.

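       An added example, not code from the man page or from OpenSSL, showing
       the padding enc applies and checks and why that check is so weak: pad
       and unpad implement PKCS#5 padding for an 8 byte block cipher such as
       des3 or bf, random_pass_probability gives the exact figure behind the
       "better than 1 in 256" above, and padding_detects_change shows that
       only the tail of the data is ever inspected. All inputs are
       constructed and the function names are the example's own.

```python
# Added example (not OpenSSL code): PKCS#5 block padding as enc applies it,
# the check made on decryption, and the exact chance random data passes it.
# Standard library only; inputs are constructed.
from fractions import Fraction


def pad(data, block_size=8):
    """Append n bytes each of value n (1 <= n <= block_size). A whole block is
    added when the input is already aligned, so padding is never ambiguous."""
    if not 1 <= block_size <= 255:
        raise ValueError("block size must be between 1 and 255")
    n = block_size - len(data) % block_size
    return data + bytes([n]) * n


def unpad(data, block_size=8):
    """Strip padding, raising ValueError on anything malformed (enc reports
    this as 'bad decrypt')."""
    if not data or len(data) % block_size:
        raise ValueError("bad decrypt: length is not a multiple of the block size")
    n = data[-1]
    if not 1 <= n <= block_size or data[-n:] != bytes([n]) * n:
        raise ValueError("bad decrypt: invalid padding")
    return data[:-n]


def is_valid_padding(data, block_size=8):
    """True if unpad would accept the data: the whole 'password check' enc has."""
    try:
        unpad(data, block_size)
    except ValueError:
        return False
    return True


def random_pass_probability(block_size=8):
    """Probability that a uniformly random final block is valid padding:
    P = sum_{n=1}^{block_size} 256^-n, i.e. just over 1 in 256."""
    return sum(Fraction(1, 256 ** n) for n in range(1, block_size + 1))


def padding_detects_change(padded, index, block_size=8):
    """Flip one bit of an already padded buffer and report whether the padding
    check notices. Only the trailing padding bytes are ever inspected."""
    changed = bytearray(padded)
    changed[index] ^= 0x01
    return not is_valid_padding(bytes(changed), block_size)


def nopad_input_ok(data, block_size=8):
    """What -nopad requires of its input: whole blocks, nothing else."""
    return len(data) % block_size == 0


if __name__ == "__main__":
    msg = b"attack at dawn"                      # constructed sample plaintext
    padded = pad(msg)
    print(padded, unpad(padded) == msg)
    # Garbage from a wrong password is accepted with probability ~1/255, not 0.
    p = random_pass_probability()
    print(float(p), p > Fraction(1, 256))
    # A bit flipped in the message body passes the check; one in the tail does not.
    print(padding_detects_change(padded, 0),
          padding_detects_change(padded, len(padded) - 1))
```

       The probability is (1 - 256^-8) / 255 for an 8 byte block, which is
       why decrypting with the wrong password occasionally produces output
       instead of an error, and why padding_detects_change returns False for
       any byte outside the final padding bytes.
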
       All RC2 ciphers have the same key and effective key length.

       Blowfish and RC5 algorithms use a 128 bit key.

SUPPORTED CIPHERS
       base64             Base 64

       bf-cbc             Blowfish in CBC mode
       bf                 Alias for bf-cbc
       bf-cfb             Blowfish in CFB mode
       bf-ecb             Blowfish in ECB mode
       bf-ofb             Blowfish in OFB mode

       cast-cbc           CAST in CBC mode
       cast               Alias for cast-cbc
       cast5-cbc          CAST5 in CBC mode
       cast5-cfb          CAST5 in CFB mode
       cast5-ecb          CAST5 in ECB mode
       cast5-ofb          CAST5 in OFB mode

       des-cbc            DES in CBC mode
       des                Alias for des-cbc
       des-cfb            DES in CFB mode
       des-ofb            DES in OFB mode
       des-ecb            DES in ECB mode

       des-ede-cbc        Two key triple DES EDE in CBC mode
       des-ede            Two key triple DES EDE in ECB mode
       des-ede-cfb        Two key triple DES EDE in CFB mode
       des-ede-ofb        Two key triple DES EDE in OFB mode

       des-ede3-cbc       Three key triple DES EDE in CBC mode
       des-ede3           Three key triple DES EDE in ECB mode
       des3               Alias for des-ede3-cbc
       des-ede3-cfb       Three key triple DES EDE in CFB mode
       des-ede3-ofb       Three key triple DES EDE in OFB mode

       desx               DESX algorithm.

       idea-cbc           IDEA algorithm in CBC mode
       idea               same as idea-cbc
       idea-cfb           IDEA in CFB mode
       idea-ecb           IDEA in ECB mode
       idea-ofb           IDEA in OFB mode

       rc2-cbc            128 bit RC2 in CBC mode
       rc2                Alias for rc2-cbc
       rc2-cfb            128 bit RC2 in CFB mode
       rc2-ecb            128 bit RC2 in ECB mode
       rc2-ofb            128 bit RC2 in OFB mode
       rc2-64-cbc         64 bit RC2 in CBC mode
       rc2-40-cbc         40 bit RC2 in CBC mode

       rc4                128 bit RC4
       rc4-64             64 bit RC4
       rc4-40             40 bit RC4

       rc5-cbc            RC5 cipher in CBC mode
       rc5                Alias for rc5-cbc
       rc5-cfb            RC5 cipher in CFB mode
       rc5-ecb            RC5 cipher in ECB mode
       rc5-ofb            RC5 cipher in OFB mode

EXAMPLES
       Just base64 encode a binary file:

        openssl base64 -in file.bin -out file.b64

       Decode the same file:

        openssl base64 -d -in file.b64 -out file.bin

       Encrypt a file using triple DES in CBC mode using a prompted password:

        openssl des3 -salt -in file.txt -out file.des3

       Decrypt a file using a supplied password:

        openssl des3 -d -salt -in file.des3 -out file.txt -k mypassword

       Encrypt a file then base64 encode it (so it can be sent via mail for
       example) using Blowfish in CBC mode:

        openssl bf -a -salt -in file.txt -out file.bf

       Base64 decode a file then decrypt it:

        openssl bf -d -salt -a -in file.bf -out file.txt

       Decrypt some data using a supplied 40 bit RC4 key:

        openssl rc4-40 -in file.rc4 -out file.txt -K 0102030405

BUGS
       The -A option when used with large files doesn't work properly.

       There should be an option to allow an iteration count to be included.
       As it stands the key derivation is a single pass of the digest, so each
       password guess costs an attacker only a few hash computations.

       The enc program only supports a fixed number of algorithms with certain
       parameters. So if, for example, you want to use RC2 with a 76 bit key
       or RC4 with an 84 bit key you can't use this program.



0.9.8b                            2005-09-15                            ENC(1)