How to Encrypt and Decrypt a File
AES key encryption is secure enough for keeping the data safe. In my opinion if the master key M is compromised, it can lead to decrypting all the key X. If you use a public key encryption to encrypt key X, only a partial of the data would be compromised. Oct 10, 2019 Dismiss Join GitHub today. GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.
When you encrypt a file, the original file is not removed or changed.The output file is encrypted.
For solutions to common errors from the encrypt command,see the section that follows the examples.
Create a symmetric key of the appropriatelength.
You have two options. Youcan provide a passphrase from whicha key will be generated. Or you can provide a key.
If you provide a passphrase, you must store or remember thepassphrase. If you store the passphrase online, the passphrase file shouldbe readable only by you.
If you provide a key, it must be the correct size for themechanism. For the procedure, see How to Generate a Symmetric Key by Using the dd Command.
Encrypta file.
Provide a key and use a symmetric key algorithm with the encrypt command.
- -aalgorithm
Is the algorithm to use to encrypt the file. Type the algorithmas the algorithm appears in the output of the encrypt -l command.
- -kkeyfile
Is the file that contains a key of algorithm-specified length. The key length for each algorithm is listed, in bits, in the output of the encrypt -l command.
- -iinput-file
Is the input file that you want to encrypt. This file is leftunchanged by the command.
- -ooutput-file
Is the output file that is the encrypted form of the inputfile.
In the following example, a file is encrypted with the AES algorithm.The key is generated from the passphrase. If the passphrase is stored in afile, the file should not be readable by anyone but the user.
The input file, ticket.to.ride, still exists inits original form.
To decrypt theoutput file, the user uses the same passphrase and encryption mechanism thatencrypted the file.
In the following example, a file is encrypted with the AES algorithm.AES mechanisms use a key of 128 bits, or 16 bytes.
The input file, ticket.to.ride, still exists inits original form.
To decrypt the output file, the user uses the same key and encryptionmechanism that encrypted the file.
In the following example, a file is encrypted with the ARCFOUR algorithm.The ARCFOUR algorithm accepts a key of 8 bits (1 byte), 64 bits (8 bytes),or 128 bits (16 bytes).
To decrypt the output file, the user uses the same key and encryptionmechanism that encrypted the file.
In the following example, a file is encrypted with the 3DES algorithm.The 3DES algorithm requires a key of 192 bits, or 24 bytes.
To decrypt the output file, the user uses the same key and encryptionmechanism that encrypted the file.
Key Generation Failed L Encrypt_aes Informix 12 10
The following messages indicate that the key that you providedto the encrypt command is not permitted by the algorithmthat you are using.
encrypt: unable to create key for crypto operation:CKR_ATTRIBUTE_VALUE_INVALID
encrypt: failed to initialize crypto operation: CKR_KEY_SIZE_RANGE
If you pass a key that does not meet the requirements of the algorithm,you must supply a better key.
Key Generation Failed L Encrypt_aes Informix 12 10
The following messages indicate that the key that you providedto the encrypt command is not permitted by the algorithmthat you are using.
encrypt: unable to create key for crypto operation:CKR_ATTRIBUTE_VALUE_INVALID
encrypt: failed to initialize crypto operation: CKR_KEY_SIZE_RANGE
If you pass a key that does not meet the requirements of the algorithm,you must supply a better key.
Key Generation Failed L Encrypt_aes Informix 12 10
One option is to use a passphrase. The framework then providesa key that meets the requirements.
The second option is to pass a key size that the algorithmaccepts. For example, the DES algorithm requires a key of 64 bits. The 3DESalgorithm requires a key of 192 bits.