crypt information
> which openssl
/usr/local/bin/openssl
> openssl version
OpenSSL 1.0.2-chacha (1.0.2k-dev)
> openssl -help
openssl:Error: '-help' is an invalid command.
Standard commands
asn1parse ca ciphers cms
crl crl2pkcs7 dgst dh
dhparam dsa dsaparam ec
ecparam enc engine errstr
gendh gendsa genpkey genrsa
nseq ocsp passwd pkcs12
pkcs7 pkcs8 pkey pkeyparam
pkeyutl prime rand req
rsa rsautl s_client s_server
s_time sess_id smime speed
spkac srp ts verify
version x509
Message Digest commands (see the `dgst' command for more details)
md2 md4 md5 mdc2
rmd160 sha sha1
Cipher commands (see the `enc' command for more details)
aes-128-cbc aes-128-ecb aes-192-cbc aes-192-ecb
aes-256-cbc aes-256-ecb base64 bf
bf-cbc bf-cfb bf-ecb bf-ofb
camellia-128-cbc camellia-128-ecb camellia-192-cbc camellia-192-ecb
camellia-256-cbc camellia-256-ecb cast cast-cbc
cast5-cbc cast5-cfb cast5-ecb cast5-ofb
des des-cbc des-cfb des-ecb
des-ede des-ede-cbc des-ede-cfb des-ede-ofb
des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb
des-ofb des3 desx idea
idea-cbc idea-cfb idea-ecb idea-ofb
rc2 rc2-40-cbc rc2-64-cbc rc2-cbc
rc2-cfb rc2-ecb rc2-ofb rc4
rc4-40 rc5 rc5-cbc rc5-cfb
rc5-ecb rc5-ofb seed seed-cbc
seed-cfb seed-ecb seed-ofb zlib
> openssl enc -help
unknown option '-help'
options are
-in input file
-out output file
-pass pass phrase source
-e encrypt
-d decrypt
-a/-base64 base64 encode/decode, depending on encryption flag
-k passphrase is the next argument
-kfile passphrase is the first line of the file argument
-md the next argument is the md to use to create a key
from a passphrase. One of md2, md5, sha or sha1
-S salt in hex is the next argument
-K/-iv key/iv in hex is the next argument
-[pP] print the iv/key (then exit if -P)
-bufsize buffer size
-nopad disable standard block padding
-engine e use engine e, possibly a hardware device.
Cipher Types
-aes-128-cbc -aes-128-cbc-hmac-sha1 -aes-128-ccm
-aes-128-cfb -aes-128-cfb1 -aes-128-cfb8
-aes-128-ctr -aes-128-ecb -aes-128-gcm
-aes-128-ofb -aes-128-xts -aes-192-cbc
-aes-192-ccm -aes-192-cfb -aes-192-cfb1
-aes-192-cfb8 -aes-192-ctr -aes-192-ecb
-aes-192-gcm -aes-192-ofb -aes-256-cbc
-aes-256-cbc-hmac-sha1 -aes-256-ccm -aes-256-cfb
-aes-256-cfb1 -aes-256-cfb8 -aes-256-ctr
-aes-256-ecb -aes-256-gcm -aes-256-ofb
-aes-256-xts -aes128 -aes192
-aes256 -bf -bf-cbc
-bf-cfb -bf-ecb -bf-ofb
-blowfish -camellia-128-cbc -camellia-128-cfb
-camellia-128-cfb1 -camellia-128-cfb8 -camellia-128-ecb
-camellia-128-ofb -camellia-192-cbc -camellia-192-cfb
-camellia-192-cfb1 -camellia-192-cfb8 -camellia-192-ecb
-camellia-192-ofb -camellia-256-cbc -camellia-256-cfb
-camellia-256-cfb1 -camellia-256-cfb8 -camellia-256-ecb
-camellia-256-ofb -camellia128 -camellia192
-camellia256 -cast -cast-cbc
-cast5-cbc -cast5-cfb -cast5-ecb
-cast5-ofb -des -des-cbc
-des-cfb -des-cfb1 -des-cfb8
-des-ecb -des-ede -des-ede-cbc
-des-ede-cfb -des-ede-ofb -des-ede3
-des-ede3-cbc -des-ede3-cfb -des-ede3-cfb1
-des-ede3-cfb8 -des-ede3-ofb -des-ofb
-des3 -desx -desx-cbc
-id-aes128-CCM -id-aes128-GCM -id-aes128-wrap
-id-aes192-CCM -id-aes192-GCM -id-aes192-wrap
-id-aes256-CCM -id-aes256-GCM -id-aes256-wrap
-id-smime-alg-CMS3DESwrap -idea -idea-cbc
-idea-cfb -idea-ecb -idea-ofb
-rc2 -rc2-40-cbc -rc2-64-cbc
-rc2-cbc -rc2-cfb -rc2-ecb
-rc2-ofb -rc4 -rc4-40
-rc4-hmac-md5 -rc5 -rc5-cbc
-rc5-cfb -rc5-ecb -rc5-ofb
-seed -seed-cbc -seed-cfb
-seed-ecb -seed-ofb
> yes | head -n 32 |
| openssl enc -k 12345678 -aes-256-ecb |
| hexdump -Cv
yes: stdout: Broken pipe
00000000 53 61 6c 74 65 64 5f 5f 47 76 6d 50 44 5e 3c d1 |Salted__GvmPD^<.|
00000010 3f f5 76 8b f6 7d 96 b9 2b 30 5f d5 3b 61 90 11 |?.v..}..+0_.;a..|
00000020 3f f5 76 8b f6 7d 96 b9 2b 30 5f d5 3b 61 90 11 |?.v..}..+0_.;a..|
00000030 3f f5 76 8b f6 7d 96 b9 2b 30 5f d5 3b 61 90 11 |?.v..}..+0_.;a..|
00000040 3f f5 76 8b f6 7d 96 b9 2b 30 5f d5 3b 61 90 11 |?.v..}..+0_.;a..|
00000050 f7 27 c5 ea fc b5 aa 0f fd 68 2c e3 9a 19 9d aa |.'.......h,.....|
00000060
> yes | head -n 32 |
| openssl enc -k 12345678 -aes-256-ecb |
| openssl enc -d -k 12345678 -aes-256-ecb | uniq -c
yes: stdout: Broken pipe
32 y
> yes | head -n 32 |
| openssl enc -k 12345678 -aes-256-cbc |
| hexdump -Cv
yes: stdout: Broken pipe
00000000 53 61 6c 74 65 64 5f 5f 0e ff e0 d9 79 c8 ca 2c |Salted__....y..,|
00000010 2b 8e 5f 3e 19 65 ec eb d3 3a 91 d0 b8 82 c2 cc |+._>.e...:......|
00000020 0d 92 7a 87 77 f2 fa bb d0 8b f3 df c1 76 a5 db |..z.w........v..|
00000030 b7 cb ba 58 1b c7 d6 24 b9 bf fe 76 59 8b df d5 |...X...$...vY...|
00000040 10 83 cd b2 d9 24 37 f3 70 3e 1a 5b 18 b3 0d be |.....$7.p>.[....|
00000050 06 ab 8a 5d a3 c2 59 db c9 1a 37 73 f6 e4 23 8a |...]..Y...7s..#.|
00000060
> yes | head -n 32 |
| openssl enc -k 12345678 -aes-256-cbc |
| openssl enc -d -k 12345678 -aes-256-cbc | uniq -c
yes: stdout: Broken pipe
32 y