什么是标准的加密文件格式? [英] What are the standard encryption file formats?
问题描述
我对加密文件格式感到困惑。
假设我要使用AES-256加密文件。我通过加密算法运行文件,我现在有一个加密字节流。
我显然可以将这个字节流写入一个文件,但任何第三方加密应用程序不会理解它,因为它不会只是加密字节的原始流。
将什么文件格式写入,以便其他加密工具可以理解我认为的(我认为)的是:
PKCS#7
ASN.1
DER
PEM
PKCS#8
但我不知道他们是如何相互关联的。
显然,AESCrypt实用程序也有一种格式,似乎是它自己的专有格式:
http://www.aescrypt.com/aes_file_format.html
这个东西上有没有任何一个作弊书?我一直在搜索,找到了一些零碎的东西,但是从来没有像我完整的图片那样感觉到。
PKCS#8是不是加密文件格式,它是私钥的格式。
ASN.1和DER是将结构化消息转换为二进制的规则。它们本身并不是文件格式,尽管它们用于定义和描述文件格式。
PKCS#7与PEM密切相关,它们都是公钥加密文件的格式。它们是基于base-64封装的DER编码的ASN.1消息定义的。它们是安全互联网邮件的S / MIME格式的基础。 (请参阅 RFC3851 )
在与S / MIME并行是OpenPGP文件格式,也主要用于公钥加密文件。 (见 RFC4880 )
在S / MIME和OpenPGP格式都有一个包含对称密钥加密数据的块。可以创建仅包含此块的有效的S / MIME或OpenPGP文件。这样,S / MIME(a.k.a. PKCS#7)和OpenPGP格式也可用于对称密钥加密。
I'm a bit confused on encryption file formats.
Let's say I want to encrypt a file with AES-256. I run the file through the encryption algorithm and I now have a stream of encrypted bytes.
I obviously can write that stream of bytes to a file, but any third-party encryption application is not going to understand it since it's not expecting just a raw stream of encrypted bytes.
Into what file formats can I write that so that other encryption tools can understand it?
The ones I know of (I think) are:
PKCS#7
ASN.1
DER
PEM
PKCS#8
but I'm not sure how they all relate to each other.
Apparently the AESCrypt utility also has a format, which appears to be its own proprietary format: http://www.aescrypt.com/aes_file_format.html
Is there a cheatsheet anywhere on this stuff? I've been googling and found bits and pieces, but never felt like I had the complete picture.
PKCS#8 is not an encrypted-file format, it's a format for private keys.
ASN.1 and DER are rules for translating a structured message into binary. They are not, in and of themselves, a file format, although they're used to define and describe file formats.
PKCS#7 is closely related to PEM, and they're both formats for public-key encrypted files. They are defined in terms of base-64 encapsulated DER encoded ASN.1 messages. They are the basis of the S/MIME format for secure internet mail. (see RFC3851)
In parallel with S/MIME is the OpenPGP file format, also mainly designed for public-key encrypted files. (See RFC4880)
In both S/MIME and OpenPGP formats, there is a block which contains symmetric-key encrypted data. It is possible to create valid S/MIME or OpenPGP files containing only this block. In this way, the S/MIME (a.k.a. PKCS#7) and OpenPGP formats can be used for symmetric-key encryption also.
这篇关于什么是标准的加密文件格式?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
