AESCrypt on FreeBSD 8.2
提供:MDWiki
目次 |
概要
AES (Rijndael) でファイルを暗号化・復号化する。但し、この程度の処理は既に openssl などでもできるため、わざわざインストールする必要はなかった(笑)。
DESCRIPTION
The aescrypt utility encrypts data using the Rijndael algorithm, the win-
ner of the Advanced Encryption Standard (AES) competition. The encryp-
tion is done in Cipher Block Feedback (CFB-128) mode, with the salt ran-
domly generated from data read from the /dev/urandom device. The plain-
text data is read from standard input and the encrypted data is written
to standard output.
The encryption key may be read from standard input or from a file,
depending on the argument passed to the -k command-line option. If ``-''
is used as a filename, the aescrypt utility reads as many hexadecimal
digits as needed from standard input and then one additional byte to
allow for a newline separating the key from the actual data to be
encrypted. If the filename is not ``-'', the aescrypt utility opens the
specified file and reads text lines from it until a line starting with
the characters kk= is reached. Those characters should be immediately
followed by as many hexadecimal digits as needed; the rest of the line,
as well as the rest of the file, is ignored.
The encryption key may be 128, 192, or 256 bits long. By default, the
aescrypt utility uses (and expects to read) a 128-bit key, unless a dif-
ferent size is supplied by the -s keysize command-line option.
The aescrypt utility reads 16 bytes (128 bits) from the /dev/urandom
device to initialize the salt for the CFB-128 encryption. The salt is
prepended to the encrypted data in the output.
HISTORY
The aescrypt utility was written by Eric Lee Green, and was modified to
use Rijndael rather than Twofish by Randy Kaelber. It uses the freely
available Rijndael implementation by Antoon Bosselaers and Vincent
Rijmen. This manual page was written by Peter Pentchev in 2008.
AUTHORS
The aescrypt utility - Eric Lee Green <eric@badtux.org>, Randy Kaelber
<randyk@sourceforge.net>.
The manual page - Peter Pentchev <roam@ringlet.net>.
インストール
例によって FreeBSD 8.2 release 上での操作を前提にする。/usr/ports/security/aescrypt に移動して、以下のとおり。
freebsd# make ===> Vulnerability check disabled, database not found ===> License check disabled, port has not defined LICENSE => aescrypt-0.7.tar.gz doesn't seem to exist in /usr/ports/distfiles/. => Attempting to fetch http://heanet.dl.sourceforge.net/project/aescrypt/aescrypt/0.7.0/aescrypt-0.7.tar.gz aescrypt-0.7.tar.gz 100% of 60 kB 23 kBps => aescrypt-0.7-roam-whopper-01.patch.gz doesn't seem to exist in /usr/ports/distfiles/. => Attempting to fetch http://devel.ringlet.net/security/aescrypt/patches/aescrypt-0.7-roam-whopper-01.patch.gz aescrypt-0.7-roam-whopper-01.patch.gz 100% of 7418 B 1407 Bps ===> Extracting for aescrypt-0.7_1 => SHA256 Checksum OK for aescrypt-0.7.tar.gz. => SHA256 Checksum OK for aescrypt-0.7-roam-whopper-01.patch.gz. ===> Patching for aescrypt-0.7_1 ===> Applying distribution patches for aescrypt-0.7_1 ===> Configuring for aescrypt-0.7_1 creating cache ./config.cache checking for gcc... cc checking whether the C compiler (cc -O2 -pipe -fno-strict-aliasing ) works... yes checking whether the C compiler (cc -O2 -pipe -fno-strict-aliasing ) is a cross-compiler... no checking whether we are using GNU C... yes checking whether cc accepts -g... yes checking how to run the C preprocessor... cpp checking for ANSI C header files... yes checking for fcntl.h... yes checking for working const... yes checking for size_t... yes checking size of int... 4 checking size of long... 4 checking whether byte ordering is bigendian... no updating cache ./config.cache creating ./config.status creating Makefile creating config.h ===> Building for aescrypt-0.7_1 cc -c -O2 -pipe -fno-strict-aliasing aescmdline.c cc -c -O2 -pipe -fno-strict-aliasing bin2hex.c cc -c -O2 -pipe -fno-strict-aliasing dorandom.c cc -c -Wall -W -O2 -DSTRICT_ALIGN=0 rijndael.c rijndael.c: In function 'blockEncrypt': rijndael.c:625: warning: suggest parentheses around arithmetic in operand of | rijndael.c: In function 'blockDecrypt': rijndael.c:645: warning: suggest parentheses around && within || rijndael.c:732: warning: suggest parentheses around arithmetic in operand of | cc -c -O2 -pipe -fno-strict-aliasing aescrypt.c cc -c -O2 -pipe -fno-strict-aliasing dstring.c cc -O2 -pipe -fno-strict-aliasing -o aescrypt aescrypt.o dorandom.o aescmdline.o bin2hex.o rijndael.o dstring.o cc -c -O2 -pipe -fno-strict-aliasing aesget.c cc -O2 -pipe -fno-strict-aliasing -o aesget aesget.o aescmdline.o bin2hex.o rijndael.o dstring.o cc -O2 -pipe -fno-strict-aliasing -o tobin bin2hex.o dstring.o tobin.c gzip -c -9 aescrypt.1 > aescrypt.1.gz || rm -f aescrypt.1.gz gzip -c -9 aesget.1 > aesget.1.gz || rm -f aesget.1.gz freebsd# make install ===> Installing for aescrypt-0.7_1 ===> Generating temporary packing list ===> Checking if security/aescrypt already installed install -c -s -o root -g wheel -m 555 aescrypt aesget /usr/local/bin/ install -c -o root -g wheel -m 444 aescrypt.1.gz aesget.1.gz /usr/local/man/man1/ /bin/mkdir -p /usr/local/share/doc/aescrypt install -o root -g wheel -m 444 /usr/ports/security/aescrypt/work/aescrypt-0.7/README.html /usr/local/share/doc/aescrypt ===> Registering installation for aescrypt-0.7_1 freebsd#
使い方
- SYNOPSIS
- aescrypt -k keyfile [-s keysize]
とは言え、まず秘密鍵を用意しなければならない。秘密鍵のジェネレータは付属していないので、他に用意する。
リンク
- サーバ&ネットワーク運用メモのトップヘ
- メインページへ
