crypt information
> which openssl
/usr/local/bin/openssl
> openssl version
OpenSSL 1.0.2-chacha (1.0.2k-dev)
> openssl -help
openssl:Error: '-help' is an invalid command.
Standard commands
asn1parse ca ciphers cms
crl crl2pkcs7 dgst dh
dhparam dsa dsaparam ec
ecparam enc engine errstr
gendh gendsa genpkey genrsa
nseq ocsp passwd pkcs12
pkcs7 pkcs8 pkey pkeyparam
pkeyutl prime rand req
rsa rsautl s_client s_server
s_time sess_id smime speed
spkac srp ts verify
version x509
Message Digest commands (see the `dgst' command for more details)
md2 md4 md5 mdc2
rmd160 sha sha1
Cipher commands (see the `enc' command for more details)
aes-128-cbc aes-128-ecb aes-192-cbc aes-192-ecb
aes-256-cbc aes-256-ecb base64 bf
bf-cbc bf-cfb bf-ecb bf-ofb
camellia-128-cbc camellia-128-ecb camellia-192-cbc camellia-192-ecb
camellia-256-cbc camellia-256-ecb cast cast-cbc
cast5-cbc cast5-cfb cast5-ecb cast5-ofb
des des-cbc des-cfb des-ecb
des-ede des-ede-cbc des-ede-cfb des-ede-ofb
des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb
des-ofb des3 desx idea
idea-cbc idea-cfb idea-ecb idea-ofb
rc2 rc2-40-cbc rc2-64-cbc rc2-cbc
rc2-cfb rc2-ecb rc2-ofb rc4
rc4-40 rc5 rc5-cbc rc5-cfb
rc5-ecb rc5-ofb seed seed-cbc
seed-cfb seed-ecb seed-ofb zlib
> openssl enc -help
unknown option '-help'
options are
-in input file
-out output file
-pass pass phrase source
-e encrypt
-d decrypt
-a/-base64 base64 encode/decode, depending on encryption flag
-k passphrase is the next argument
-kfile passphrase is the first line of the file argument
-md the next argument is the md to use to create a key
from a passphrase. One of md2, md5, sha or sha1
-S salt in hex is the next argument
-K/-iv key/iv in hex is the next argument
-[pP] print the iv/key (then exit if -P)
-bufsize buffer size
-nopad disable standard block padding
-engine e use engine e, possibly a hardware device.
Cipher Types
-aes-128-cbc -aes-128-cbc-hmac-sha1 -aes-128-ccm
-aes-128-cfb -aes-128-cfb1 -aes-128-cfb8
-aes-128-ctr -aes-128-ecb -aes-128-gcm
-aes-128-ofb -aes-128-xts -aes-192-cbc
-aes-192-ccm -aes-192-cfb -aes-192-cfb1
-aes-192-cfb8 -aes-192-ctr -aes-192-ecb
-aes-192-gcm -aes-192-ofb -aes-256-cbc
-aes-256-cbc-hmac-sha1 -aes-256-ccm -aes-256-cfb
-aes-256-cfb1 -aes-256-cfb8 -aes-256-ctr
-aes-256-ecb -aes-256-gcm -aes-256-ofb
-aes-256-xts -aes128 -aes192
-aes256 -bf -bf-cbc
-bf-cfb -bf-ecb -bf-ofb
-blowfish -camellia-128-cbc -camellia-128-cfb
-camellia-128-cfb1 -camellia-128-cfb8 -camellia-128-ecb
-camellia-128-ofb -camellia-192-cbc -camellia-192-cfb
-camellia-192-cfb1 -camellia-192-cfb8 -camellia-192-ecb
-camellia-192-ofb -camellia-256-cbc -camellia-256-cfb
-camellia-256-cfb1 -camellia-256-cfb8 -camellia-256-ecb
-camellia-256-ofb -camellia128 -camellia192
-camellia256 -cast -cast-cbc
-cast5-cbc -cast5-cfb -cast5-ecb
-cast5-ofb -des -des-cbc
-des-cfb -des-cfb1 -des-cfb8
-des-ecb -des-ede -des-ede-cbc
-des-ede-cfb -des-ede-ofb -des-ede3
-des-ede3-cbc -des-ede3-cfb -des-ede3-cfb1
-des-ede3-cfb8 -des-ede3-ofb -des-ofb
-des3 -desx -desx-cbc
-id-aes128-CCM -id-aes128-GCM -id-aes128-wrap
-id-aes192-CCM -id-aes192-GCM -id-aes192-wrap
-id-aes256-CCM -id-aes256-GCM -id-aes256-wrap
-id-smime-alg-CMS3DESwrap -idea -idea-cbc
-idea-cfb -idea-ecb -idea-ofb
-rc2 -rc2-40-cbc -rc2-64-cbc
-rc2-cbc -rc2-cfb -rc2-ecb
-rc2-ofb -rc4 -rc4-40
-rc4-hmac-md5 -rc5 -rc5-cbc
-rc5-cfb -rc5-ecb -rc5-ofb
-seed -seed-cbc -seed-cfb
-seed-ecb -seed-ofb
> yes | head -n 32 |
| openssl enc -k 12345678 -aes-256-ecb |
| hexdump -Cv
yes: stdout: Broken pipe
00000000 53 61 6c 74 65 64 5f 5f 6f c2 9a ec 88 c7 9e 06 |Salted__o.......|
00000010 45 c1 56 02 3e 40 13 fe 91 e6 df 79 31 81 f5 0b |E.V.>@.....y1...|
00000020 45 c1 56 02 3e 40 13 fe 91 e6 df 79 31 81 f5 0b |E.V.>@.....y1...|
00000030 45 c1 56 02 3e 40 13 fe 91 e6 df 79 31 81 f5 0b |E.V.>@.....y1...|
00000040 45 c1 56 02 3e 40 13 fe 91 e6 df 79 31 81 f5 0b |E.V.>@.....y1...|
00000050 cd bf 2d 31 1e bf a6 47 64 05 01 cf 81 48 00 4b |..-1...Gd....H.K|
00000060
> yes | head -n 32 |
| openssl enc -k 12345678 -aes-256-ecb |
| openssl enc -d -k 12345678 -aes-256-ecb | uniq -c
yes: stdout: Broken pipe
32 y
> yes | head -n 32 |
| openssl enc -k 12345678 -aes-256-cbc |
| hexdump -Cv
yes: stdout: Broken pipe
00000000 53 61 6c 74 65 64 5f 5f cf cb c2 31 b6 36 a3 6f |Salted__...1.6.o|
00000010 6b b6 1f 5e 87 b0 3d bb 77 70 cc c8 14 ce 25 ed |k..^..=.wp....%.|
00000020 af f3 76 2d dd 26 78 12 95 0d 1b 8a 42 02 89 8c |..v-.&x.....B...|
00000030 55 f2 f1 7b fb 52 9b 33 90 f9 17 cf e7 c4 5f 40 |U..{.R.3......_@|
00000040 68 be b2 38 0d 90 b3 06 a8 f1 60 e4 c9 69 8a d7 |h..8......`..i..|
00000050 79 c0 02 da 02 c2 ce 41 87 0b c7 0f 5d 47 be 0d |y......A....]G..|
00000060
> yes | head -n 32 |
| openssl enc -k 12345678 -aes-256-cbc |
| openssl enc -d -k 12345678 -aes-256-cbc | uniq -c
yes: stdout: Broken pipe
32 y