Difference between revisions of "Enc"
(Page creation, its just the beginning. I started by listing some options. more will follow soon) |
(added some more options and first examples, still a lot to do) |
||
| Line 9: | Line 9: | ||
</pre> | </pre> | ||
| + | You can obtain an incomplete help message by using an invalid option, eg. '''-help'''. | ||
| + | |||
| + | ===Cipher alogorithms=== | ||
| + | |||
| + | To get a list of available ciphers you can use the '''list-cipher-algorithms''' command | ||
| + | <pre> | ||
| + | $ openssl list-cipher-algorithms | ||
| + | </pre> | ||
| + | |||
| + | The output gives you a list of ciphers with its variations in block size an mode of operation. For example '''AES-256-CBC''' for [[AES]] with blocksize 256 in [[CBC|CBC-mode]]. Some ciphers also have short names, for example the one just mentioned is also known as '''aes256'''. These names are case insensitive. In addition '''none''' is a valid ciphername. This algorithms does nothing at all. | ||
===Options=== | ===Options=== | ||
The list of options is rather long. | The list of options is rather long. | ||
| − | + | ;-in ''filename'' | |
| − | + | :This specifies the input file. | |
| + | |||
| + | ;-out ''filename'' | ||
| + | :This specifies the output file. It will be created or overwritten if all ready existent. | ||
| + | |||
| + | ;-e or -d | ||
| + | : This specifies whether to encrypt ('''-e''') or to decrypt ('''-d'''). Encryption is the default. Of course yo have to got all other options right in order function properly. | ||
| + | |||
| + | ;-base64, -a, -A | ||
| + | : These flags tell OpenSSL to apply [[Base64]]-encoding before or after the cryptographic operation. The '''-a''' and '''-base64''' are equivalent. If you want to decode a base64 file it necessary to use the '''-d''' option. By default the encoded file has a line break every 64 characters. To suppress this you can use in addition to '''-base64''' the '''-A''' flag. This will produce a file with no line breaks at all. You can use these flags just for [[#Base64 Encoding|encoding Base64]] without any ciphers involved. | ||
| + | |||
| + | ;-pass '''arg''' | ||
| + | : This specifies the password source. | ||
| + | |||
| + | ===Examples=== | ||
| + | ====Base64 Encoding==== | ||
| + | To encode a file ''text.plain'' you can use | ||
| + | <pre> | ||
| + | $ openssl enc -base64 -in text.plain -out text.base64 | ||
| + | </pre> | ||
| + | |||
| + | To decode a file the the decrypt option ('''-d''') has to be used | ||
| − | + | <pre> | |
| − | + | $ openssl enc -d -base64 -in text.base64 -out text.plain | |
| + | </pre> | ||
Revision as of 08:10, 27 June 2013
This page describes the command line tools for encryption and decryption. Enc is used for various block and stream ciphers using keys based on passwords or explicitly provided. It can also be used for Base64 encoding or decoding.
Synopsis
The basic usage is to specify a ciphername and various options describing the actual task.
$ openssl enc -ciphername [options]
You can obtain an incomplete help message by using an invalid option, eg. -help.
Cipher alogorithms
To get a list of available ciphers you can use the list-cipher-algorithms command
$ openssl list-cipher-algorithms
The output gives you a list of ciphers with its variations in block size an mode of operation. For example AES-256-CBC for AES with blocksize 256 in CBC-mode. Some ciphers also have short names, for example the one just mentioned is also known as aes256. These names are case insensitive. In addition none is a valid ciphername. This algorithms does nothing at all.
Options
The list of options is rather long.
- -in filename
- This specifies the input file.
- -out filename
- This specifies the output file. It will be created or overwritten if all ready existent.
- -e or -d
- This specifies whether to encrypt (-e) or to decrypt (-d). Encryption is the default. Of course yo have to got all other options right in order function properly.
- -base64, -a, -A
- These flags tell OpenSSL to apply Base64-encoding before or after the cryptographic operation. The -a and -base64 are equivalent. If you want to decode a base64 file it necessary to use the -d option. By default the encoded file has a line break every 64 characters. To suppress this you can use in addition to -base64 the -A flag. This will produce a file with no line breaks at all. You can use these flags just for encoding Base64 without any ciphers involved.
- -pass arg
- This specifies the password source.
Examples
Base64 Encoding
To encode a file text.plain you can use
$ openssl enc -base64 -in text.plain -out text.base64
To decode a file the the decrypt option (-d) has to be used
$ openssl enc -d -base64 -in text.base64 -out text.plain
