path: root/doc/man1/enc.pod
diff options
Diffstat (limited to 'doc/man1/enc.pod')
1 files changed, 36 insertions, 12 deletions
diff --git a/doc/man1/enc.pod b/doc/man1/enc.pod
index 01cca4ea93f1..2136a9497849 100644
--- a/doc/man1/enc.pod
+++ b/doc/man1/enc.pod
@@ -257,7 +257,7 @@ ones provided by configured engines.
The B<enc> program does not support authenticated encryption modes
like CCM and GCM, and will not support such modes in the future.
The B<enc> interface by necessity must begin streaming output (e.g.,
-to standard output when B<-out> is not used before the authentication
+to standard output when B<-out> is not used) before the authentication
tag could be validated, leading to the usage of B<enc> in pipelines
that begin processing untrusted data and are not capable of rolling
back upon authentication failure. The AEAD modes currently in common
@@ -277,6 +277,7 @@ standard data format and performs the needed key/iv/nonce management.
bf-cbc Blowfish in CBC mode
bf Alias for bf-cbc
+ blowfish Alias for bf-cbc
bf-cfb Blowfish in CFB mode
bf-ecb Blowfish in ECB mode
bf-ofb Blowfish in OFB mode
@@ -288,6 +289,8 @@ standard data format and performs the needed key/iv/nonce management.
cast5-ecb CAST5 in ECB mode
cast5-ofb CAST5 in OFB mode
+ chacha20 ChaCha20 algorithm
des-cbc DES in CBC mode
des Alias for des-cbc
des-cfb DES in CFB mode
@@ -334,6 +337,19 @@ standard data format and performs the needed key/iv/nonce management.
rc5-ecb RC5 cipher in ECB mode
rc5-ofb RC5 cipher in OFB mode
+ seed-cbc SEED cipher in CBC mode
+ seed Alias for seed-cbc
+ seed-cfb SEED cipher in CFB mode
+ seed-ecb SEED cipher in ECB mode
+ seed-ofb SEED cipher in OFB mode
+ sm4-cbc SM4 cipher in CBC mode
+ sm4 Alias for sm4-cbc
+ sm4-cfb SM4 cipher in CFB mode
+ sm4-ctr SM4 cipher in CTR mode
+ sm4-ecb SM4 cipher in ECB mode
+ sm4-ofb SM4 cipher in OFB mode
aes-[128|192|256]-cbc 128/192/256 bit AES in CBC mode
aes[128|192|256] Alias for aes-[128|192|256]-cbc
aes-[128|192|256]-cfb 128/192/256 bit AES in 128 bit CFB mode
@@ -343,6 +359,15 @@ standard data format and performs the needed key/iv/nonce management.
aes-[128|192|256]-ecb 128/192/256 bit AES in ECB mode
aes-[128|192|256]-ofb 128/192/256 bit AES in OFB mode
+ aria-[128|192|256]-cbc 128/192/256 bit ARIA in CBC mode
+ aria[128|192|256] Alias for aria-[128|192|256]-cbc
+ aria-[128|192|256]-cfb 128/192/256 bit ARIA in 128 bit CFB mode
+ aria-[128|192|256]-cfb1 128/192/256 bit ARIA in 1 bit CFB mode
+ aria-[128|192|256]-cfb8 128/192/256 bit ARIA in 8 bit CFB mode
+ aria-[128|192|256]-ctr 128/192/256 bit ARIA in CTR mode
+ aria-[128|192|256]-ecb 128/192/256 bit ARIA in ECB mode
+ aria-[128|192|256]-ofb 128/192/256 bit ARIA in OFB mode
camellia-[128|192|256]-cbc 128/192/256 bit Camellia in CBC mode
camellia[128|192|256] Alias for camellia-[128|192|256]-cbc
camellia-[128|192|256]-cfb 128/192/256 bit Camellia in 128 bit CFB mode
@@ -362,26 +387,25 @@ Decode the same file
openssl base64 -d -in file.b64 -out file.bin
-Encrypt a file using triple DES in CBC mode using a prompted password:
+Encrypt a file using AES-128 using a prompted password
+and PBKDF2 key derivation:
- openssl des3 -salt -in file.txt -out file.des3
+ openssl enc -aes128 -pbkdf2 -in file.txt -out file.aes128
Decrypt a file using a supplied password:
- openssl des3 -d -salt -in file.des3 -out file.txt -k mypassword
+ openssl enc -aes128 -pbkdf2 -d -in file.aes128 -out file.txt \
+ -pass pass:<password>
Encrypt a file then base64 encode it (so it can be sent via mail for example)
-using Blowfish in CBC mode:
- openssl bf -a -salt -in file.txt -out file.bf
-Base64 decode a file then decrypt it:
+using AES-256 in CTR mode and PBKDF2 key derivation:
- openssl bf -d -salt -a -in file.bf -out file.txt
+ openssl enc -aes-256-ctr -pbkdf2 -a -in file.txt -out file.aes256
-Decrypt some data using a supplied 40 bit RC4 key:
+Base64 decode a file then decrypt it using a password supplied in a file:
- openssl rc4-40 -in file.rc4 -out file.txt -K 0102030405
+ openssl enc -aes-256-ctr -pbkdf2 -d -a -in file.aes256 -out file.txt \
+ -pass file:<passfile>
=head1 BUGS