NAME

crypt, aescbc - data encryption

SYNOPSIS

crypt [ -d ] [ -a alg[/alg] ] [ -f keyfile ] [ -k key ] [ -? ]

auth/aescbc [ -d ] [ -e ] [ -f keyfile ] [ -k key ]

DESCRIPTION

Crypt reads a data stream from its standard input and writes it encrypted to standard output, preceded by a header that gives details of the algorithm used. If the -d option is given, crypt decrypts the standard input instead, writing the clear text on standard output. The options are:

-a alg...

Specifies one or two algorithms, for encryption and/or digests. The algorithms are those supported by ssl (3). If two algorithms are given, they should be separated by a slash (/) or space, following the conventions of ssl (3).

-f keyfile

Read the encryption key from the given file, which obviously should be carefully protected. Trailing newlines are ignored.

-k key

Use key as the encryption key.

-?

Print a list of the available encryption and digest algorithms.

If the secret key is not otherwise supplied, crypt prompts for it on /dev/cons. There is no need to give algorithms when decrypting, because they are taken from the header. The default algorithm is md5/ideacbc. It might be necessary to change that when using crypt for commercial purposes, as noted in keyring-crypt (2).

Aescbc encrypts and decrypts using AES (Rijndael) in cypher block chaining (CBC) mode. It uses input and output formats compatible with Plan 9's aescbc command; it also accepts input in the format used by keyfs (4) and Plan 9's secstore. The -e option causes it to encrypt; the -d option to decrypt. The other options are just as for crypt.

SOURCE

/appl/cmd/crypt.b
/appl/cmd/auth/aescbc.b

SEE ALSO

ssl (3), keyfs (4)