encryption - 使用 aes 128 加密文件

Question

我想在 Linux 中使用此命令加密文件 sudo openssl enc –aes-128-ecb –nosalt -p –in poraka.txt -out poraka.aes 但是终端给我这个错误给出了额外的参数。


我应该从此命令行中删除什么？

Answer 1

首先检查输出:

$ openssl enc –aes-128-ecb –nosalt -p –in poraka.txt -out poraka.aes
Extra arguments given.
enc: Use -help for summary.

好的让我们用-help运行

$ openssl enc -help
Usage: enc [options]
Valid options are:
 -help               Display this summary
 -ciphers            List ciphers
 -in infile          Input file
 -out outfile        Output file
 -pass val           Passphrase source
 -e                  Encrypt
 -d                  Decrypt
 -p                  Print the iv/key
 -P                  Print the iv/key and exit
 -v                  Verbose output
 -nopad              Disable standard block padding
 -salt               Use salt in the KDF (default)
 -nosalt             Do not use salt in the KDF
 -debug              Print debug info
 -a                  Base64 encode/decode, depending on encryption flag
 -base64             Same as option -a
 -A                  Used with -[base64|a] to specify base64 buffer as a single line
 -bufsize val        Buffer size
 -k val              Passphrase
 -kfile infile       Read passphrase from file
 -K val              Raw key, in hex
 -S val              Salt, in hex
 -iv val             IV in hex
 -md val             Use specified digest to create a key from the passphrase
 -iter +int          Specify the iteration count and force use of PBKDF2
 -pbkdf2             Use password-based key derivation function 2
 -none               Don't encrypt
 -*                  Any supported cipher
 -rand val           Load the file(s) into the random number generator
 -writerand outfile  Write random data to the specified file
 -engine val         Use engine, possibly a hardware device

看起来 -p 被误用了

$ touch poraka.txt
$ openssl enc -aes-128-ecb -nosalt  -in poraka.txt -out poraka.aes
enter aes-128-ecb encryption password:
Verifying - enter aes-128-ecb encryption password:
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.

我认为这是可行的