Yeah, I appreciate that. What I can't see in the docs is how the key and IV is defined from the password and if I can do that without calling the openssl enc call. If the key and IV were from an md5 then I could do "echo '1234' | openssl md5". But it isn't md5 and I can't figure out what it is...
Dave Thompson-4 wrote: > >> From: owner-openssl-us...@openssl.org On Behalf Of brechmos >> Sent: Thursday, 12 March, 2009 08:25 > >> I am relatively new at openssl and am just figuring out its >> power. One thing > > General suggestion: for any of the openssl commandline > functions, you can get a brief usage display by adding -? . > On a Unix-type installation (I believe including cygwin) > there are also man pages (you may need to adjust your > MANPATH depending on where OpenSSL is installed). > Note that the command for symmetric crypto is actually 'enc'; > 'des3' is really 'enc -des3', 'rc2-ofb' is 'enc -rc2-ofb', etc.; > so the man page is for 'enc' not for a specific ciphername. > >> I do not understand is the key creation. For example, >> >> $ openssl des3 -nosalt -P -in bob.txt >> >> and I type in the password 1234 (not my normal password :-) and >> it comes up > with: >> >> Verifying - enter des-ede3-cbc encryption password: >> key=81DC9BDB52D04DC20036DBD8313ED055CC5776D16A1FB6E4 >> iv =AFA34B18395DA656 >> >> Is there a way to create the key shown above using an ssl command line? >> > From openssl enc -? : > -k passphrase is the next argument > -pass <arg> pass phrase source > (and elsewhere several options for arg are given including pass:value) > Hence: > openssl enc -des3 -k 1234 -nosalt > openssl enc -des3 -pass pass:1234 -nosalt > > > Subject to the usual caveat: on some OSes and/or in some situations, > commandline parameters can be seen by other programs, and possibly > other users on a multiuser system; this may be insecure for you. > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > > -- View this message in context: http://www.nabble.com/PBE-Key-creation-tp22476230p22486863.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
