--- /dev/null
+.\" Copyright 2009 Colin Percival
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.Dd May 24, 2009
+.Dt SCRYPT 1
+.Os
+.Sh NAME
+.Nm scrypt
+.Nd encrypt and decrypt files.
+.Sh SYNOPSIS
+.Nm
+.Brq Cm enc | Cm dec
+.Op Fl M Ar maxmem
+.Op Fl m Ar maxmemfrac
+.Op Fl t Ar maxtime
+.Ar infile
+.Op Ar outfile
+.Sh DESCRIPTION
+.Nm Cm enc
+encrypts
+.Ar infile
+and writes the result to
+.Ar outfile
+if specified, or the standard output otherwise.
+The user will be prompted to enter a passphrase (twice) to
+be used to generate a derived encryption key.
+.Pp
+.Nm Cm dec
+decrypts
+.Ar infile
+and writes the result to
+.Ar outfile
+if specified, or the standard output otherwise.
+The user will be prompted to enter the passphrase used at
+encryption time to generate the derived encryption key.
+.Sh OPTIONS
+.Bl -tag -width "-m maxmemfrac"
+.It Fl M Ar maxmem
+Use at most
+.Ar maxmem
+bytes of RAM to compute the derived encryption key.
+.It Fl m Ar maxmemfrac
+Use at most the fraction
+.Ar maxmemfrac
+of the available RAM to compute the derived encryption key.
+.It Fl t Ar maxtime
+Usr at most
+.Ar maxtime
+seconds of CPU time to compute the derived encryption key.
+.El
+In
+.Nm Cm enc ,
+the memory and CPU time limits are enforced by picking
+appropriate parameters to the
+.Nm
+key derivation function.
+In
+.Nm Cm dec ,
+the memory and CPU time limits are enforced by exiting with
+an error if decrypting the file would require too much memory
+or CPU time.
+.Sh EXIT STATUS
+The
+.Nm
+utility exits 0 on success, and >0 if an error occurs.
+.Pp
+Note that if the input encrypted file is corrupted,
+.Nm Cm dec
+may produce output prior to determining that the input
+was corrupt and exiting with a non-zero status; so
+users should direct the output to a safe location and
+check the exit status of
+.Nm
+before using the decrypted data.
+.Sh SEE ALSO
+.Rs
+.%A "Colin Percival"
+.%T "Stronger Key Derivation via Sequential Memory-Hard Functions"
+.%O "Presented at BSDCan'09"
+.%D "May 2009"
+.Re
+.Sh HISTORY
+The
+.Nm
+utility was written in May 2009 by Colin Percival as a
+demonstration of the
+.Nm
+key derivation function.
+The
+.Nm
+key derivation function was invented in March 2009 by Colin
+Percival in order to allow key files from the
+.Nm tarsnap
+backup system to be passphrase protected.
projects / blerg.git / blobdiff