crypt information
> which openssl
/usr/local/bin/openssl
> openssl version
OpenSSL 1.0.2-chacha (1.0.2k-dev)
> openssl -help
openssl:Error: '-help' is an invalid command.
Standard commands
asn1parse ca ciphers cms
crl crl2pkcs7 dgst dh
dhparam dsa dsaparam ec
ecparam enc engine errstr
gendh gendsa genpkey genrsa
nseq ocsp passwd pkcs12
pkcs7 pkcs8 pkey pkeyparam
pkeyutl prime rand req
rsa rsautl s_client s_server
s_time sess_id smime speed
spkac srp ts verify
version x509
Message Digest commands (see the `dgst' command for more details)
md2 md4 md5 mdc2
rmd160 sha sha1
Cipher commands (see the `enc' command for more details)
aes-128-cbc aes-128-ecb aes-192-cbc aes-192-ecb
aes-256-cbc aes-256-ecb base64 bf
bf-cbc bf-cfb bf-ecb bf-ofb
camellia-128-cbc camellia-128-ecb camellia-192-cbc camellia-192-ecb
camellia-256-cbc camellia-256-ecb cast cast-cbc
cast5-cbc cast5-cfb cast5-ecb cast5-ofb
des des-cbc des-cfb des-ecb
des-ede des-ede-cbc des-ede-cfb des-ede-ofb
des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb
des-ofb des3 desx idea
idea-cbc idea-cfb idea-ecb idea-ofb
rc2 rc2-40-cbc rc2-64-cbc rc2-cbc
rc2-cfb rc2-ecb rc2-ofb rc4
rc4-40 rc5 rc5-cbc rc5-cfb
rc5-ecb rc5-ofb seed seed-cbc
seed-cfb seed-ecb seed-ofb zlib
> openssl enc -help
unknown option '-help'
options are
-in input file
-out output file
-pass pass phrase source
-e encrypt
-d decrypt
-a/-base64 base64 encode/decode, depending on encryption flag
-k passphrase is the next argument
-kfile passphrase is the first line of the file argument
-md the next argument is the md to use to create a key
from a passphrase. One of md2, md5, sha or sha1
-S salt in hex is the next argument
-K/-iv key/iv in hex is the next argument
-[pP] print the iv/key (then exit if -P)
-bufsize buffer size
-nopad disable standard block padding
-engine e use engine e, possibly a hardware device.
Cipher Types
-aes-128-cbc -aes-128-cbc-hmac-sha1 -aes-128-ccm
-aes-128-cfb -aes-128-cfb1 -aes-128-cfb8
-aes-128-ctr -aes-128-ecb -aes-128-gcm
-aes-128-ofb -aes-128-xts -aes-192-cbc
-aes-192-ccm -aes-192-cfb -aes-192-cfb1
-aes-192-cfb8 -aes-192-ctr -aes-192-ecb
-aes-192-gcm -aes-192-ofb -aes-256-cbc
-aes-256-cbc-hmac-sha1 -aes-256-ccm -aes-256-cfb
-aes-256-cfb1 -aes-256-cfb8 -aes-256-ctr
-aes-256-ecb -aes-256-gcm -aes-256-ofb
-aes-256-xts -aes128 -aes192
-aes256 -bf -bf-cbc
-bf-cfb -bf-ecb -bf-ofb
-blowfish -camellia-128-cbc -camellia-128-cfb
-camellia-128-cfb1 -camellia-128-cfb8 -camellia-128-ecb
-camellia-128-ofb -camellia-192-cbc -camellia-192-cfb
-camellia-192-cfb1 -camellia-192-cfb8 -camellia-192-ecb
-camellia-192-ofb -camellia-256-cbc -camellia-256-cfb
-camellia-256-cfb1 -camellia-256-cfb8 -camellia-256-ecb
-camellia-256-ofb -camellia128 -camellia192
-camellia256 -cast -cast-cbc
-cast5-cbc -cast5-cfb -cast5-ecb
-cast5-ofb -des -des-cbc
-des-cfb -des-cfb1 -des-cfb8
-des-ecb -des-ede -des-ede-cbc
-des-ede-cfb -des-ede-ofb -des-ede3
-des-ede3-cbc -des-ede3-cfb -des-ede3-cfb1
-des-ede3-cfb8 -des-ede3-ofb -des-ofb
-des3 -desx -desx-cbc
-id-aes128-CCM -id-aes128-GCM -id-aes128-wrap
-id-aes192-CCM -id-aes192-GCM -id-aes192-wrap
-id-aes256-CCM -id-aes256-GCM -id-aes256-wrap
-id-smime-alg-CMS3DESwrap -idea -idea-cbc
-idea-cfb -idea-ecb -idea-ofb
-rc2 -rc2-40-cbc -rc2-64-cbc
-rc2-cbc -rc2-cfb -rc2-ecb
-rc2-ofb -rc4 -rc4-40
-rc4-hmac-md5 -rc5 -rc5-cbc
-rc5-cfb -rc5-ecb -rc5-ofb
-seed -seed-cbc -seed-cfb
-seed-ecb -seed-ofb
> yes | head -n 32 |
| openssl enc -k 12345678 -aes-256-ecb |
| hexdump -Cv
yes: stdout: Broken pipe
00000000 53 61 6c 74 65 64 5f 5f a4 48 6b bc 47 40 04 30 |Salted__.Hk.G@.0|
00000010 6b 14 58 85 53 33 b1 61 d6 f1 ee 76 89 38 49 17 |k.X.S3.a...v.8I.|
00000020 6b 14 58 85 53 33 b1 61 d6 f1 ee 76 89 38 49 17 |k.X.S3.a...v.8I.|
00000030 6b 14 58 85 53 33 b1 61 d6 f1 ee 76 89 38 49 17 |k.X.S3.a...v.8I.|
00000040 6b 14 58 85 53 33 b1 61 d6 f1 ee 76 89 38 49 17 |k.X.S3.a...v.8I.|
00000050 d1 8a 4e 3b cd 8b 71 92 6d 2b b1 fc 80 a8 43 70 |..N;..q.m+....Cp|
00000060
> yes | head -n 32 |
| openssl enc -k 12345678 -aes-256-ecb |
| openssl enc -d -k 12345678 -aes-256-ecb | uniq -c
yes: stdout: Broken pipe
32 y
> yes | head -n 32 |
| openssl enc -k 12345678 -aes-256-cbc |
| hexdump -Cv
yes: stdout: Broken pipe
00000000 53 61 6c 74 65 64 5f 5f 66 1d 0a 52 8c c5 93 31 |Salted__f..R...1|
00000010 de 79 a3 c0 e0 45 cb 35 e3 42 57 1e 8d c0 e7 b1 |.y...E.5.BW.....|
00000020 b5 7a f3 07 2c 0d 79 c5 99 45 c2 21 63 8e 64 7f |.z..,.y..E.!c.d.|
00000030 27 0e 16 d0 5b cf 09 14 f8 b9 16 84 67 08 31 21 |'...[.......g.1!|
00000040 c6 6f dd 15 d0 72 fe d4 c7 82 8f 6f d6 75 85 b6 |.o...r.....o.u..|
00000050 6c e7 8b 9c 5b 35 c9 ff 81 ad 45 2d 4c d5 f1 64 |l...[5....E-L..d|
00000060
> yes | head -n 32 |
| openssl enc -k 12345678 -aes-256-cbc |
| openssl enc -d -k 12345678 -aes-256-cbc | uniq -c
yes: stdout: Broken pipe
32 y