[OpenSSL Command] File Encryption/Decryption
1. enc 명령
- 대칭 암호 기능 (Symmetric cipher routines)
- 파일의 암호화/복호화
- "$ man enc" 참고
$ openssl enc [-e|d] [-p] <cipher type> -in <infile> -out <outfile>
$ openssl enc [-e|d] [-p] <cipher type> -in <infile> -out <outfile> -k <passphrase>
$ openssl enc [-e|d] [-p] <cipher type> -in <infile> -out <outfile> -K <key(hex)> -iv <IV(hex)> -S <salt(hex)>
...
options are
-in <file> input file
-out <file> output file
-pass <arg> pass phrase source
-e encrypt
-d decrypt
-a/-base64 base64 encode/decode, depending on encryption flag
-k passphrase is the next argument
-kfile passphrase is the first line of the file argument
-md the next argument is the md to use to create a key
from a passphrase. One of md2, md5, sha or sha1
-S salt in hex is the next argument
-K/-iv key/iv in hex is the next argument
-[pP] print the iv/key (then exit if -P)
-bufsize <n> buffer size
-nopad disable standard block padding
-engine e use engine e, possibly a hardware device.
2. 암호화
- "-e" 옵션이 기본값, "-e"이 없으면 기본적으로 암호화
- <cipher type> 목록은 "$ man enc" 또는 "$ openssl enc -help"로 확인 가능
$ openssl enc [-e] <cipher type> -in <infile> -out <outfile>
$ openssl enc [-e] <cipher type> -in <infile> -out <outfile> -k <passphrase>
$ openssl enc [-e] <cipher type> -in <infile> -out <outfile> -K <key(hex)> -iv <IV(hex)> -S <salt(hex)>
...
예1)
$ openssl enc -e -aes-128-cbc -in text.txt -out text.bin
예2)
$ openssl enc -e -aes-128-cbc -in text.txt -out text.bin -k "password1234"
예3)
$ openssl enc -e -aes-128-cbc -in text.txt -out text.bin -K 83A0423EB66693020B7A78AA0F08DE6C -iv EBA02B3EF93F14FDEB64E09A815DE8E8 -S 07C95502C4D5F3D5
3. 복호화
- "-d" 옵션을 사용해야 복호화
$ openssl enc -d <cipher type> -in <infile> -out <outfile>
$ openssl enc -d <cipher type> -in <infile> -out <outfile> -k <passphrase>
$ openssl enc -d <cipher type> -in <infile> -out <outfile> -K <key(hex)> -iv <IV(hex)> -S <salt(hex)>
...
예1)
$ openssl enc -d -aes-128-cbc -in text.bin -out text.txt
예2)
$ openssl enc -d -aes-128-cbc -in text.bin -out text.txt -k "password1234"
예3)
$ openssl enc -d -aes-128-cbc -in text.bin -out text.txt -K 83A0423EB66693020B7A78AA0F08DE6C -iv EBA02B3EF93F14FDEB64E09A815DE8E8 -S 07C95502C4D5F3D5
[출처] http://blog.naver.com/seongjeongki7/220815806184 [OpenSSL Command] File Encryption/Decryption|작성자 JK
