116 lines
3.4 KiB
Groff
116 lines
3.4 KiB
Groff
.\" Copyright 2009 Colin Percival
|
|
.\" All rights reserved.
|
|
.\"
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
.\" modification, are permitted provided that the following conditions
|
|
.\" are met:
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
.\"
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
.\" SUCH DAMAGE.
|
|
.Dd May 24, 2009
|
|
.Dt SCRYPT 1
|
|
.Os
|
|
.Sh NAME
|
|
.Nm scrypt
|
|
.Nd encrypt and decrypt files.
|
|
.Sh SYNOPSIS
|
|
.Nm
|
|
.Brq Cm enc | Cm dec
|
|
.Op Fl M Ar maxmem
|
|
.Op Fl m Ar maxmemfrac
|
|
.Op Fl t Ar maxtime
|
|
.Ar infile
|
|
.Op Ar outfile
|
|
.Sh DESCRIPTION
|
|
.Nm Cm enc
|
|
encrypts
|
|
.Ar infile
|
|
and writes the result to
|
|
.Ar outfile
|
|
if specified, or the standard output otherwise.
|
|
The user will be prompted to enter a passphrase (twice) to
|
|
be used to generate a derived encryption key.
|
|
.Pp
|
|
.Nm Cm dec
|
|
decrypts
|
|
.Ar infile
|
|
and writes the result to
|
|
.Ar outfile
|
|
if specified, or the standard output otherwise.
|
|
The user will be prompted to enter the passphrase used at
|
|
encryption time to generate the derived encryption key.
|
|
.Sh OPTIONS
|
|
.Bl -tag -width "-m maxmemfrac"
|
|
.It Fl M Ar maxmem
|
|
Use at most
|
|
.Ar maxmem
|
|
bytes of RAM to compute the derived encryption key.
|
|
.It Fl m Ar maxmemfrac
|
|
Use at most the fraction
|
|
.Ar maxmemfrac
|
|
of the available RAM to compute the derived encryption key.
|
|
.It Fl t Ar maxtime
|
|
Use at most
|
|
.Ar maxtime
|
|
seconds of CPU time to compute the derived encryption key.
|
|
.El
|
|
.Pp
|
|
In
|
|
.Nm Cm enc ,
|
|
the memory and CPU time limits are enforced by picking
|
|
appropriate parameters to the
|
|
.Nm
|
|
key derivation function.
|
|
In
|
|
.Nm Cm dec ,
|
|
the memory and CPU time limits are enforced by exiting with
|
|
an error if decrypting the file would require too much memory
|
|
or CPU time.
|
|
.Sh EXIT STATUS
|
|
The
|
|
.Nm
|
|
utility exits 0 on success, and >0 if an error occurs.
|
|
.Pp
|
|
Note that if the input encrypted file is corrupted,
|
|
.Nm Cm dec
|
|
may produce output prior to determining that the input
|
|
was corrupt and exiting with a non-zero status; so
|
|
users should direct the output to a safe location and
|
|
check the exit status of
|
|
.Nm
|
|
before using the decrypted data.
|
|
.Sh SEE ALSO
|
|
.Rs
|
|
.%A "Colin Percival"
|
|
.%T "Stronger Key Derivation via Sequential Memory-Hard Functions"
|
|
.%O "Presented at BSDCan'09"
|
|
.%D "May 2009"
|
|
.Re
|
|
.Sh HISTORY
|
|
The
|
|
.Nm
|
|
utility was written in May 2009 by Colin Percival as a
|
|
demonstration of the
|
|
.Nm
|
|
key derivation function.
|
|
The
|
|
.Nm
|
|
key derivation function was invented in March 2009 by Colin
|
|
Percival in order to allow key files from the
|
|
.Nm tarsnap
|
|
backup system to be passphrase protected.
|