> From: owner-openssl-us...@openssl.org On Behalf Of Abdulhadi Abulzahab > Sent: Saturday, 05 November, 2011 12:32
> 1 - I want to use the " sha1" command but I need the result to go > into txt file not only to appear on the screen > otherwise I need to print the result of encryption into text file To put the output of the 'sha1' utility (actually 'dgst -sha1') in a file INSTEAD of the screen (or other interactive stdout), use the -out option on any operating system; or standard OS redirection on OSes that have it, which Windows does, on a commandline command. If you want it BOTH places, run the utility twice if the input is repeatable, and not so huge (or frequent) as to be a performance problem; and a hash of nonrepeatable input is valueless anyway. Or use a program that receives one copy from openssl and writes two copies (or even more). On Unix the 'tee' program does this; Windows ports can be found. Also, the result of sha1 is a hash value, not an encrypted one. Encryption can be reversed (back to plaintext) IF you have the key, but not without. A (crypto) hash, or digest, cannot be reversed by anyone. > 2 - I want to create a simple batch file contains the sha1 command > I typed in the cmd : > copy con test.bat > cd c:\openssl\bin > openssl.exe > des -nosalt -in text.txt -out testenc.txt > ctrl+z > but when I execute the batch file it runs the openssl and stop <snip> Actually it hangs, waiting for input. 1: That's not a sha1 command, it's a des command. But the answer is the same for both (and others too). 2: A program run from a Windows batch file does NOT get input from that batch file. In contrast, a program run from a Unix shell script (including some Unix shell ports to Windows) *can* get input from that script using the "here-document" syntax <<terminator . (Actually you *can* do this interactively also, but interactively it's almost always easier to just use terminal-EOF.) 2a: To get input to a program run from a Windows batch file, you can: - pipe it, which is easier for a simple constant like this: echo sha1 -in file | \path\to\openssl - put it in a file and redirect from that: echo sha1 -in file >tempfile \path\to\openssl <tempfile but in both cases if the program reads further from stdin, as the sha1 (or des) utility will do if you don't use -in, you need to have both the utility line and its data in one pipe or file, which is usually harder to get right. 2b: But for openssl in particular, you don't need to feed the utility command as input, you can put it on the commandline: \path\to\openssl sha1 -in file 2c: Single-DES has been brute-forceable for almost a decade; don't use it for any data that actually matters, unless for compatibility with seriously obsolete things. des3 (aka des-ede) or aes (128, 192, 256 all are fine) are common and good. Others are a more advanced topic. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org