ホーム エクスプローラ ヘルプ
サインイン
sl1nk
/
scrypt
同期ミラー https://github.com/Tarsnap/scrypt.git
Watch 1
Star 0
Fork 0
ファイル 課題 0 Wiki
ブランチ: libscrypt-binary
ブランチ タグ
scrypt
/
scrypt.1

scrypt.1 4.1 KB
パーマリンク 履歴 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147 
  1. .\" Copyright 2009 Colin Percival
    2. 

  2. .\" All rights reserved.
    3. 

  3. .\"
    4. 

  4. .\" Redistribution and use in source and binary forms, with or without
    5. 

  5. .\" modification, are permitted provided that the following conditions
    6. 

  6. .\" are met:
    7. 

  7. .\" 1. Redistributions of source code must retain the above copyright
    8. 

  8. .\"    notice, this list of conditions and the following disclaimer.
    9. 

  9. .\" 2. Redistributions in binary form must reproduce the above copyright
    10. 

  10. .\"    notice, this list of conditions and the following disclaimer in the
    11. 

  11. .\"    documentation and/or other materials provided with the distribution.
    12. 

  12. .\"
    13. 

  13. .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
    14. 

  14. .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
    15. 

  15. .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
    16. 

  16. .\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
    17. 

  17. .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
    18. 

  18. .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
    19. 

  19. .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    20. 

  20. .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
    21. 

  21. .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
    22. 

  22. .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
    23. 

  23. .\" SUCH DAMAGE.
    24. 

  24. .Dd @DATE@
    25. 

  25. .Dt SCRYPT 1
    26. 

  26. .Os
    27. 

  27. .Sh NAME
    28. 

  28. .Nm scrypt
    29. 

  29. .Nd encrypt and decrypt files.
    30. 

  30. .Sh SYNOPSIS
    31. 

  31. .Nm
    32. 

  32. .Brq Cm enc | Cm dec | Cm info
    33. 

  33. .Op Fl f
    34. 

  34. .Op Fl M Ar maxmem
    35. 

  35. .Op Fl m Ar maxmemfrac
    36. 

  36. .Op Fl t Ar maxtime
    37. 

  37. .Op Fl P
    38. 

  38. .Ar infile
    39. 

  39. .Op Ar outfile
    40. 

  40. .Nm
    41. 

  41. .Fl -version
    42. 

  42. .Sh DESCRIPTION
    43. 

  43. .Nm Cm enc
    44. 

  44. encrypts
    45. 

  45. .Ar infile
    46. 

  46. and writes the result to
    47. 

  47. .Ar outfile
    48. 

  48. if specified, or the standard output otherwise.
    49. 

  49. The user will be prompted to enter a passphrase (twice) to
    50. 

  50. be used to generate a derived encryption key.
    51. 

  51. .Pp
    52. 

  52. .Nm Cm dec
    53. 

  53. decrypts
    54. 

  54. .Ar infile
    55. 

  55. and writes the result to
    56. 

  56. .Ar outfile
    57. 

  57. if specified, or the standard output otherwise.
    58. 

  58. The user will be prompted to enter the passphrase used at
    59. 

  59. encryption time to generate the derived encryption key.
    60. 

  60. .Pp
    61. 

  61. .Nm Cm info
    62. 

  62. provides information about the encryption parameters used for
    63. 

  63. .Ar infile .
    64. 

  64. .Pp
    65. 

  65. If
    66. 

  66. .Fl P
    67. 

  67. is not given,
    68. 

  68. .Nm
    69. 

  69. reads passphrases from its controlling terminal, or failing that,
    70. 

  70. from stdin.  Prompts are only printed when
    71. 

  71. .Nm
    72. 

  72. is reading passphrases from some terminal.  If
    73. 

  73. .Fl P
    74. 

  74. is given, then
    75. 

  75. .Nm
    76. 

  76. does not print any prompts, and reads a passphrase from stdin.
    77. 

  77. .Sh OPTIONS
    78. 

  78. .Bl -tag -width "-m maxmemfrac"
    79. 

  79. .It Fl f
    80. 

  80. Force the decryption to proceed even if it is anticipated to
    81. 

  81. require an excessive amount of memory or CPU time.
    82. 

  82. .It Fl M Ar maxmem
    83. 

  83. Use at most
    84. 

  84. .Ar maxmem
    85. 

  85. bytes of RAM to compute the derived encryption key.
    86. 

  86. .It Fl m Ar maxmemfrac
    87. 

  87. Use at most the fraction
    88. 

  88. .Ar maxmemfrac
    89. 

  89. of the available RAM to compute the derived encryption key.
    90. 

  90. .It Fl t Ar maxtime
    91. 

  91. Use at most
    92. 

  92. .Ar maxtime
    93. 

  93. seconds of CPU time to compute the derived encryption key.
    94. 

  94. .It Fl P
    95. 

  95. Always read passphrase from stdin, and do so only once even
    96. 

  96. when encrypting.  This cannot be used if
    97. 

  97. .Ar infile
    98. 

  98. is also stdin (aka '-').
    99. 

  99. .It Fl -version
    100. 

  100. Print version of scrypt, and exit.
    101. 

  101. .El
    102. 

  102. .Pp
    103. 

  103. In
    104. 

  104. .Nm Cm enc ,
    105. 

  105. the memory and CPU time limits are enforced by picking
    106. 

  106. appropriate parameters to the
    107. 

  107. .Nm
    108. 

  108. key derivation function.
    109. 

  109. In
    110. 

  110. .Nm Cm dec ,
    111. 

  111. the memory and CPU time limits are enforced by exiting with
    112. 

  112. an error if decrypting the file would require too much memory
    113. 

  113. or CPU time.
    114. 

  114. .Sh EXIT STATUS
    115. 

  115. The
    116. 

  116. .Nm
    117. 

  117. utility exits 0 on success, and >0 if an error occurs.
    118. 

  118. .Pp
    119. 

  119. Note that if the input encrypted file is corrupted,
    120. 

  120. .Nm Cm dec
    121. 

  121. may produce output prior to determining that the input
    122. 

  122. was corrupt and exiting with a non-zero status; so
    123. 

  123. users should direct the output to a safe location and
    124. 

  124. check the exit status of
    125. 

  125. .Nm
    126. 

  126. before using the decrypted data.
    127. 

  127. .Sh SEE ALSO
    128. 

  128. .Rs
    129. 

  129. .%A "Colin Percival"
    130. 

  130. .%T "Stronger Key Derivation via Sequential Memory-Hard Functions"
    131. 

  131. .%O "Presented at BSDCan'09"
    132. 

  132. .%D "May 2009"
    133. 

  133. .Re
    134. 

  134. .Sh HISTORY
    135. 

  135. The
    136. 

  136. .Nm
    137. 

  137. utility was written in May 2009 by Colin Percival as a
    138. 

  138. demonstration of the
    139. 

  139. .Nm
    140. 

  140. key derivation function.
    141. 

  141. The
    142. 

  142. .Nm
    143. 

  143. key derivation function was invented in March 2009 by Colin
    144. 

  144. Percival in order to allow key files from the
    145. 

  145. .Nm tarsnap
    146. 

  146. backup system to be passphrase protected.
    147. 

  147.