Tuesday, July 30, 2013

OpenSSL - AES

To encrypt and decrypt a file with AES, you can do the following with OpenSSL

Quick Encryption with AES

Encrypt a file with AES key size 256 bit and CBC
openssl enc -aes-256-cbc -in plaintext.txt -out ciphertext.txt
Note: the above command will prompt user to enter passphase

Decrypt a file with AES key size 256 bit and CBC
openssl enc -d -aes-256-cbc  -in ciphertext.txt -out decrypt.txt
Note: the above command will prompt user to enter passphase

Providing passphase at command line
openssl enc -aes-256-cbc -salt -in plaintext.txt -out ciphertext.txt -pass pass:my_passphase

Providing passphase in password file
openssl enc -aes-256-cbc -salt -in plaintext.txt -out ciphertext.txt -pass file:/my/path/to/passphase

AES Encryption with Keys

Generate AES keys with key size 256 bits with CBC and SHA1

openssl enc -aes-256-cbc -k your_passphase -P -md sha1 > my_aes_256_key_info.txt

The above command generate a file with following example information

salt=245D8619A778BBE8
key=16CDE36765F89C3888F48D72F1A41C8522D4ACDBADE6BC4C24E4709E3E33E5A5
iv =D569CFD50F7E93DCFB19867682244BBE

Now, you need the key and iv information for encrypt and decrypt

Encrypt with key and iv and provide a Base64 result (assuming the key and iv is given by the above example)

openssl enc -aes-256-cbc -K 16CDE36765F89C3888F48D72F1A41C8522D4ACDBADE6BC4C24E4709E3E33E5A5 -iv D569CFD50F7E93DCFB19867682244BBE -a -in plain_text.txt -out your_cipher.txt

Decrypt with key and iv for a Base64 encoded ciphertext (assuming the key and iv is given by the above example)

openssl enc -d -aes-256-cbc -K 16CDE36765F89C3888F48D72F1A41C8522D4ACDBADE6BC4C24E4709E3E33E5A5 -iv D569CFD50F7E93DCFB19867682244BBE -a -in  your_cipher.txt -out decrypted.txt



No comments:

Post a Comment