Talk:Enc
Rarely Used -K option
"This is rarely used, normally you specify a password from which a key is derived."
Is this true? Does it not depend fairly heavily on your use case? Just not sure what the basis for this statement is.
--Matt 21:39, 27 June 2013 (UTC)
Probably you are right. Its a biased statement. I'll change it.
--Frukto 07:27, 28 June 2013 (UTC)
Zlib compression
"Use this flag to enable zlib-compression. After a file is encrypted (and maybe base64 encoded) it will be compressed via zlib. Vice versa while decrypting, zlib will be applied first."
I think this happens the other way around. Doesn't compression occur before encryption, or after decryption? It doesn't make sense to do it the other way around - after encryption the data will appear indistinguishable from random data, and therefore should not have any appreciable ability to be compressed.
--Matt 12:17, 5 July 2013 (UTC)
Yes, i had the same question. But i tried it and it works actually like this: encryption -> base64 -> zlib
encrypt + unzip:
$ openssl enc -des -in message.plain -a -out message.enc -nosalt -z
$ printf "\x1f\x8b\x08\x00\x00\x00\x00\x00" |cat - message.enc | gzip -dc
gives the same as:
$ openssl enc -des -in message.plain -a -out message.enc -nosalt
--Frukto 14:05, 5 July 2013 (UTC)
Interesting. I checked the source code and you appear to be right. The manual page however says this about -z: "Compress or decompress clear text using zlib before encryption or after decryption. This option exists only if OpenSSL with compiled with zlib or zlib-dynamic option. "
--Matt 11:41, 6 July 2013 (UTC)
Block size vs Key size
I changed references to block size to key size as I think that is what you meant. AES-256 has a 256-bit key. The block size is always 128 bits for AES.
--Matt 11:41, 6 July 2013 (UTC)