// ENCRYPTING

"openssl des-ecb"
	prompts to enter password, derive key with generated salt and pass,
	prepend salt header.

"openssl des-ecb -S a"
	prompts to enter password, derive key with given salt and generated pass,
	prepend salt header.

"openssl des-ecb -pass pass:asd"
	generate salt and key, prepend salt header.

"openssl des-ecb -S a -pass:asd"
	generate key from givent salt and pass, prepend header.

"openssl des-ecb -S a -pass:asd -K 1"
	encrypt with GIVEN key, prepend GIVEN salt headaer.

"openssl des-ecb -K 1"
	encrypt with given key, doesn't generate and prepend salt.

"openssl des-ecb -S 0 -pass pass:asd -P -pbkdf2"
	generate key using PKCS5_PBKDF2_HMAC with 10000 iteration,
	8 byte salt, 3 byte key, sha256 hash function, prepend salt header.

// DECRYPTING

"echo -n Salted__ | openssl des-ecb -d"
	prompts to enter password, generate key but fails to decode.

"echo -n Salted__aaaaaaaa | openssl des-ecb -d"
	prompts to enter password, generate key but fails to validate padding.

	openssl doesn't expect "Salted__" header only when -K or -S flag supplied
	(or both simultaneously, in this case salt is discarded),
	in any other case salt should be readed from message.