OpenSSL salted format

OpenSSL salted format is our name for the file format OpenSSL usually uses when writing password-protected encrypted files.

Format
Files have an 8-byte signature, followed by an 8-byte salt. Following the salt is the encrypted data.

The salt and password are to be combined in a particular way, to derive the encryption key and initialization vector.

No information about which encryption cipher was used is stored in the file. In order to decrypt the file, the cipher must be known by external means, or guessed. (Obviously, the same goes for the password.)

Identification
Files begin with an 8-byte signature: the ASCII characters " ".

Example
To encrypt a file: $ openssl aes-128-cbc -in secret.txt -out secret.txt.enc

To decrypt: $ openssl aes-128-cbc -d -in secret.txt.enc -out secret2.txt

Software

 * OpenSSL