The Wizard's Toolkit Encipher Command-line Utility
The encipher command-line utility converts plaintext to ciphertext.
We list a few examples of the encipher command here to illustrate its usefulness and ease of use. To get started, lets encrypt a text file:
encipher -verbose README.txt README.cip
The attributes are displayed and looks like this:
Filename: README.cip Cipher: type: AES mode: CTR nonce: 85b5546f57c760620000000000000000 Authenticate: method: Secret Key: hash: SHA256 length: 512 session: b69f10215a7b65043faa45443017a8fccacecdd04073d1b9895bdd3a5eb8ace1 Entropy Generator: type: BZip level: 6 Keyed-Hashed Message Authentication Code: hash: SHA256 Random Generator: hash: SHA256 Chunksize: 8kb Dates: modify: 2009-01-19T20:41:19-05:00 create: 2009-01-23T15:10:47-05:00 timestamp: 2009-01-23T15:13:44-05:00 Protocol: 1.0 Version: WizardsToolkit 1.0.6 01/23/08 http://www.wizards-toolkit.org
Here Bob enciphers a message destinated for Alice. To restore the message content, Alice must know the secret key and also have a copy of Bob's private keyring:
encipher -keyring ./keyring.xdm message.txt secret-message.cip
To ensure your ciphertext is not easily revealed, the encipher program takes these precautions:
If your command line does not include the -passphrase filename option, the passphrase is interactively requested and has a maximum length of 4096 characters and symbols. The phrase can be virtually unlimited if obtained from a file. Try to make your passphrases long and unpredictable.
Your secret key is stored in a private keyring. If you lose your keyring, it is impossible to restore your original message content.
If the encipher program appears to halt it may be waiting for your system to generate entropy. Move your mouse or press keystrokes in another window. Once enough entropy is generated, the encipher program will complete.
If simple mistakes are made, an exception message is displayed. For example if you use '-cpher' instead of '-cipher', cipher complains. However, if anything goes wrong inside the cipher engine, the program exits with a simple status code. This precaution is to prevent information leaks about the encipher process.
The encipher command recognizes these options. Click on an option to get more details about how that option works.
|-authenticate method||authenticate with this method: Secret or Public|
|-chunksize bytes||number of bytes in a chunk|
|-cipher type||cipher to encrypt content|
|-debug events||display copious debugging information|
|-(de)compress||automagically (de)compress BZIP and ZIP files|
|-entropy type||increase content entropy|
|-help||print program options|
|-hmac hash||ensure message integrity with this hash|
|-key hash||strengthen the key with this hash|
|-key-length value||cipher key length in bits: 256, 512, 1024, or 2048|
|-keyring filename||get private key from this keyring|
|-level value||entropy level: 1 (less entropy) to 9 (more entropy)|
|-list type||print a list of supported option arguments|
|-log format||format of debugging information|
|-mode type||mode of encryption|
|-passphrase filename||get the passphrase from this file|
|-properties filename||cipher properties to/from this file|
|-random hash||strengthen random data with this hash|
|-true-random||strengthen enciphering with true random numbers|
|-verbose||print detailed information about the secure content|
|-version||print version information|