OpenSSL ENC Parsing

Source: Internet
Author: User
Tags cast5 openssl enc

Usage:
OpenSSL ENC-ciphername [-in Filename] [-out filename] [-pass Arg] [-E]
[-D] [-A] [-K Password] [-kfile filename] [-K key] [-IV] [-p]

[-P] [-bufsize number] [-Debug]

Note:

Symmetric encryption algorithm tool. It can encrypt/decrypt data using different symmetric encryption algorithms. Encryption
/Password, and base64 encoding of the result.

Options
-In filename
The input file to be encrypted/decrypted. The default value is standard input.

-Out filename
The output file to be encrypted/decrypted. The default value is standard output.

-Pass ARG
If the input file is password protected, enter the password here.

-Salt
To be compatible with openssl0.9.5 and later versions, you must set this option. salt, which is probably in cryptography.
I didn't quite understand what it was about. In my understanding, this is encrypted and placed in
The character string at the beginning of the password is used to make it more difficult to crack the password. If it is wrong, please master cryptography.
Correction.

-Nosalt
To be compatible with openssl0.9.5 or earlier, set this option.

-E
An option set by default to encrypt the input data.

-D
Decrypts input data.

-
Use base64 encoding to process data. Set this option to indicate that the encrypted data will also be used
The base64 encoding is pinched once, And base64 encoding and decoding is used before decryption.

-K Password
An outdated item to be compatible with previous versions. Now it is replaced by-key.

-Kfile filename
Same as above. It is replaced by passin.

-K key
The password in hexadecimal notation.

-IV
The role is the same as above.

-P
Print the password used.

-P
The function is the same as above, but exits immediately after printing.

-Bufsize number
Set the buffer size for I/O operations

-Debug
Print debugging information.

Note:
In versions 0.9.5 and later,-salt must be set. Otherwise, Dictionary attacks are easy to use.
Your password is broken, and the stream encryption algorithm is easily broken. (The encryption algorithms include block encryption algorithms and stream encryption algorithms.
Two types: block encryption algorithms encrypt data with a fixed length at a time, generally 8 bytes, and stream encryption algorithms encrypt data at a time.
Massive Data ). I cannot figure out why. It is difficult to study encryption algorithms, and it is not the responsibility of our programmers.

This command can use different encryption algorithms. What are the advantages and disadvantages? If you use it improperly
Encryption algorithms also become weak. It is recommended that novice door use des3-cbc.

Encryption algorithms supported by this Instruction

Base64 Base 64

BF-CBC blowfish in CBC Mode
BF alias for BF-CBC
BF-CFB blowfish in CFB Mode
BF-ECB blowfish in ECB Mode
BF-ofB blowfish in ofB Mode

Cast-CBC cast in CBC Mode
Cast alias for Cast-CBC
Cast5-cbc cast5 in CBC Mode
Cast5-cfb (cast5 in CFB Mode)
Cast5-ecb cast5 in ECB Mode
Cast5-ofb cast5 in ofB Mode

Des-CBC des in CBC Mode
Des alias for Des-CBC
Des-CFB des in CBC Mode
Des-ofB des in ofB Mode
Des-ECB des in ECB Mode

Des-Ede-CBC two key Triple DES Ede in CBC Mode
Des-Ede alias for Des-Ede
Des-Ede-CFB two key Triple DES Ede in CFB Mode
Des-Ede-ofB two key Triple DES Ede in ofB Mode

Des-ede3-cbc three key Triple DES Ede in CBC Mode
Des-ede3 alias for des-ede3-cbc
Des3 alias for des-ede3-cbc
Des-ede3-cfb three key Triple DES Ede CFB Mode
Des-ede3-ofb three key Triple DES Ede in ofB Mode

Desx algorithm.

Idea-CBC idea algorithm in CBC Mode
Idea same as idea-CBC
Idea-CFB idea in CFB Mode
Idea-ECB idea in ECB Mode
Idea-ofB idea in ofB Mode

The rc2-cbc 128 bit RC2 in CBC Mode
RC2 alias for rc2-cbc
The rc2-cfb 128 bit RC2 in CBC Mode
The rc2-ecb 128 bit RC2 in CBC Mode
The rc2-ofb 128 bit RC2 in CBC Mode
Rc2-64-cbc 64 bit RC2 in CBC Mode
Rc2-40-cbc 40 bit RC2 in CBC Mode

RC4 128 bit RC4
64 bit rc4-64 RC4
Rc4-40 40 bit RC4

Rc5-cbc RC5 cipher in CBC Mode
RC5 alias for rc5-cbc
Rc5-cfb RC5 cipher in CBC Mode
Rc5-ecb RC5 cipher in CBC Mode
Rc5-ofb RC5 cipher in CBC Mode

We may see that des is divided into Des-ECB, Des-CBC, and Des-CFB. A brief explanation.

ECB encrypts 8 bytes of data every 8 bytes. Not between different data blocks
Any contact. Each time the CBC and CFB encrypt an 8 bytes file, they are connected to the previous 8 bytes file.
The encryption result has an algorithm. Each data block is related.

Example time:

Convert a binary file to a base64 encoding method:
OpenSSL base64-in file. Bin-out file. b64

Converts a base64 encoded file to a binary file.
OpenSSL base64-D-in file. b64-out file. Bin

Encrypts a file in DES-CBC. You will be prompted to enter the password during encryption.
OpenSSL des3-salt-In file.txt-out file. des3

Decrypt the file and use-K to enter the password.
OpenSSL des3-D-salt-in file. des3-out file.txt-K mypassword

Encrypt a file and encode the encrypted result in base64. Use BF + CBC Algorithm for encryption
OpenSSL BF-a-salt-In file.txt-out file. BF
 
First decode a file with base64 and then decrypt it.
OpenSSL BF-D-salt-a-in file. BF-out file.txt

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.