AESCrypt 0.7 review

Download
by rbytes.net on

AESCrypt is a program for encrypting/decrypting streams of data using Rijndael and Cipher Block Feedback mode (CFB-128). Encrypt/d

License: BSD License
File size: 60K
Developer: Eric Lee Green
0 stars award from rbytes.net

AESCrypt is a program for encrypting/decrypting streams of data using Rijndael and Cipher Block Feedback mode (CFB-128).

Encrypt/decrypt stdin using the Advanced Encryption Standard winner "Rijndael" encryption algorithm in Cipher Block Feedback (stream) mode. Uses /dev/urandom to create a salt. Prepends the output stream with salt when encrypting, strips it off when decrypting.

Keyfile format:

kk=hexdits

where hexdits is:

32 chars for 128 bit
48 chars for 196 bits.
64 chars for 256 bits

Note that there may be other text in the file. The key must be at start of a line, and must start with 'kk=', and must be hex.

If the key file is "-", it instead reads the hex-coded key bytes off stdin and treats them as a null-terminated hex key. Care must be taken when reading the key from stdin, as you must supply exactly 33 bytes for 128 bit keys, 49 bytes for 192 bit keys, and 65 bytes for 256 bit keys. The stdin functionality is useful in those cases where having the unencrypted key in a file is undesirable, but it is less forgiving in terms of key format.

Limitations:
1. The keyfile is *NOT* encrypted.
2. Now supports 192 and 256 bit keys! 128 bits is the default, so it is backward compatible with aescrypt versions not endowed with the -s option.
3. Need a key generator! ( This should be a simple shell script -- use dd to grab some data, then md5sum to create a hex mix of that data, then 'awk' to grab the hex part of the output of md5sum ).
4. Relies upon having /dev/urandom. See the Ocotillo PRNG if you don't have a /dev/urandom.
5. This program was deliberately kept extremely simple. It is not intended to be a full encryption solution, it is intended to be used within scripts as part of a complete solution. Keychain management, public key signatures, etc. are all expected to be done external to this program.

AESCrypt 0.7 keywords