Blowfish Cipher Tutorials - Herong's Tutorial Examples - v2.03, by Herong Yang
OpenSSL "enc" Blowfish Ciphers
A tutorial example is provided to show how to use OpenSSL 'enc' command to invoke cipher functions for Blowfish algorithm. 4 Blowfish cipher functions are supported: bf-cbc, bf-cfb, bf-ecb, and bf-ofb.
One nice feature about OpenSSL is that it offers a single standard command called "enc" to invoke any symmetric cipher routines supported in the OpenSSL library.
If you want to know how to use the "enc" command, you can try the following command:
C:\herong>\local\gnuwin32\bin\openssl enc -help unknown option '-help' options are -in <file> input file -out <file> output file -pass <arg> pass phrase source -eencrypt -d decrypt -a/-base64 base64 encode/decode, depending on encryption flag -k passphrase is the next argument -kfile passphrase is the first line of the file argument -md the next argument is the md to use to create a key from a passphrase. One of md2, md5, sha or sha1 -K/-iv key/iv in hex is the next argument -[pP] print the iv/key (then exit if -P) -bufsize <n> buffer size -engine e use engine e, possibly a hardware device. Cipher Types -aes-128-cbc -aes-128-cfb -aes-128-cfb1 -aes-128-cfb8 -aes-128-ecb -aes-128-ofb -aes-192-cbc -aes-192-cfb -aes-192-cfb1 -aes-192-cfb8 -aes-192-ecb -aes-192-ofb -aes-256-cbc -aes-256-cfb -aes-256-cfb1 -aes-256-cfb8 -aes-256-ecb -aes-256-ofb -aes128 -aes192 -aes256 -bf -bf-cbc -bf-cfb -bf-ecb -bf-ofb -blowfish -cast -cast-cbc -cast5-cbc -cast5-cfb -cast5-ecb -cast5-ofb -des -des-cbc -des-cfb -des-cfb1 -des-cfb8 -des-ecb -des-ede -des-ede-cbc -des-ede-cfb -des-ede-ofb -des-ede3 -des-ede3-cbc -des-ede3-cfb -des-ede3-ofb -des-ofb -des3 -desx -desx-cbc -idea -idea-cbc -idea-cfb -idea-ecb -idea-ofb -rc2 -rc2-40-cbc -rc2-64-cbc -rc2-cbc -rc2-cfb -rc2-ecb -rc2-ofb -rc4 -rc4-40
As you can see from the "enc" help text, OpenSSL supports 4 cipher variations of Blowfish algorithm with 6 aliases:
One thing is not very clear in the help text is how to specify the cipher type with "enc" command. OpenSSL actually support two syntaxes:
For example, the following command will run the "enc" command with "bf-cbc" (Blowfish in CBC mode) cipher. It will prompt you for the password, take plaintext from the keyboard and display ciphertext on the screen>
\local\gnuwin32\bin\openssl bf-cbc
Table of Contents
►OpenSSL "enc -bf-ecb" for Blowfish/ECB Encryption
Installing OpenSSL for Windows
►OpenSSL "enc" Blowfish Ciphers
Ways to Control Secret Key and IV
"bf-ecb" Cipher with Literal Key
"bf-ecb" Cipher on Multiple Blocks
Secret Key Padding and Truncation
"bf-ecb" Cipher with Salted Key
Salted Key Generation Algorithm
"bf-ecb" Cipher with Random Salt
OpenSSL Default Padding - PKCS#5
OpenSSL "enc -bf-cbc" for Blowfish/CBC Encryption
OpenSSL "enc -bf-cfb" for Blowfish/CFB Encryption
OpenSSL "enc -bf-ofb" for Blowfish/OFB Encryption