37 lines
1.2 KiB
Text
37 lines
1.2 KiB
Text
// ENCRYPTING
|
|
|
|
"openssl des-ecb"
|
|
prompts to enter password, derive key with generated salt and pass,
|
|
prepend salt header.
|
|
|
|
"openssl des-ecb -S a"
|
|
prompts to enter password, derive key with given salt and generated pass,
|
|
prepend salt header.
|
|
|
|
"openssl des-ecb -pass pass:asd"
|
|
generate salt and key, prepend salt header.
|
|
|
|
"openssl des-ecb -S a -pass:asd"
|
|
generate key from givent salt and pass, prepend header.
|
|
|
|
"openssl des-ecb -S a -pass:asd -K 1"
|
|
encrypt with GIVEN key, prepend GIVEN salt headaer.
|
|
|
|
"openssl des-ecb -K 1"
|
|
encrypt with given key, doesn't generate and prepend salt.
|
|
|
|
"openssl des-ecb -S 0 -pass pass:asd -P -pbkdf2"
|
|
generate key using PKCS5_PBKDF2_HMAC with 10000 iteration,
|
|
8 byte salt, 3 byte key, sha256 hash function, prepend salt header.
|
|
|
|
// DECRYPTING
|
|
|
|
"echo -n Salted__ | openssl des-ecb -d"
|
|
prompts to enter password, generate key but fails to decode.
|
|
|
|
"echo -n Salted__aaaaaaaa | openssl des-ecb -d"
|
|
prompts to enter password, generate key but fails to validate padding.
|
|
|
|
openssl doesn't expect "Salted__" header only when -K or -S flag supplied
|
|
(or both simultaneously, in this case salt is discarded),
|
|
in any other case salt should be readed from message.
|