[manual index][section index]


crypt, aescbc - data encryption


crypt [ -d ] [ -a alg[/alg] ] [ -f keyfile ] [ -k key ] [ -? ]

auth/aescbc [ -d ] [ -e ] [ -f keyfile ] [ -k key ]


Crypt reads a data stream from its standard input and writes it encrypted to standard output, preceded by a header that gives details of the algorithm used. If the -d option is given, crypt decrypts the standard input instead, writing the clear text on standard output. The options are:

-a alg...
Specifies one or two algorithms, for encryption and/or digests. The algorithms are those supported by ssl(3). If two algorithms are given, they should be separated by a slash (/) or space, following the conventions of ssl(3).
-f keyfile
Read the encryption key from the given file, which obviously should be carefully protected. Trailing newlines are ignored.
-k key
Use key as the encryption key.
Print a list of the available encryption and digest algorithms.

If the secret key is not otherwise supplied, crypt prompts for it on /dev/cons. There is no need to give algorithms when decrypting, because they are taken from the header. The default algorithm is md5/ideacbc. It might be necessary to change that when using crypt for commercial purposes, as noted in keyring-crypt(2).

Aescbc encrypts and decrypts using AES (Rijndael) in cypher block chaining (CBC) mode. It uses input and output formats compatible with Plan 9's aescbc command; it also accepts input in the format used by keyfs(4) and Plan 9's secstore. The -e option causes it to encrypt; the -d option to decrypt. The other options are just as for crypt.




ssl(3), keyfs(4)

CRYPT(1 ) Rev:  Thu Feb 15 14:42:47 GMT 2007