*** DAES 0.41
*** (C)opyleft 2009 by Dettus
*** dettus@dettus.net

known bugs:
I JUST STARTED CODING IT!! SO BEWARE!

todo:
- write a better readme
- make it safer to use
- make input and key readable through stdin
- speed it up
- implement AES-192 and AES-256


what:
this program is called daes, and its goal is to have a little program which
is as handy and usable as gzip or bzip2 to encrypt your files. like you pack
your sources with
  % tar cvf sources.tar src/
  % bzip2 sources.tar
and unpack them with
  % bzip2 -d sources.tar.bz2
  % tar xvf sources.tar
you should be able to cipher them with
  % tar cvf sources.tar src/
  % bzip2 sources.tar
  % daes -k keyfile.key sources.tar.bz2
and unpack them with
  % daes -k keyfile.key sources.tar.bz2.aes
  % bzip2 -d sources.tar.bz2
  % tar xvf sources.tar



usage:
first daes needs a keyfile. use any file you want or create it like this:
  % dd if=/dev/urandom of=keyfile.key count=16 bs=1
it should be 16 bytes or more in size. keep this file warm and save! then use
it to cipher your inputfile:
  % daes -k keyfile.key inputfile
which gives you a file called inputfile.aes which you can decipher later
  % daes -d -k keyfile.key inputfile.aes
using the same keyfile.

you can also use commandline parameters to create a key by yourself:
  % daes -K 0 -1 2 66678 inputfile
or
  % daes -d -K 0 -1 2 66678 inputfile.aes
respectively. you have to provide 4 numbers from -2^31 to 2^31.


If you do not want to make up one on your own, use
  % daes -R inputfile
this will tell you a key, WRITE IT DOWN!!!


no guarantee for loosing your data, though! 
use 
  % daes -gpl 
to view the license.

fileformat:
the .aes format looks like this:

DAES040A%xxxxxxxxxxxxxxxxxxxxxxxxn

it starts with the word "DAES", "040" is the version of the fileformat, "A" 
means that the file was ciphered using the AES-128 algorithm. the header ends
with the %, the xxxxx is the ciphered text. if the last block of the sourcefile
was smaller than 16 bytes, the last byte tells how big it was.



DAES041A%xxxxxxxxxxxxxxxxxxxxxxxxn

it starts with the word "DAES", "041" is the version of the fileformat, "A" 
means that the file was ciphered using the AES-128 algorithm. the header ends
with the %, the xxxxx is the ciphered text. if the last block of the sourcefile
was smaller than 16 bytes, the last byte tells how big it was.


DAES041a%ssssxxxxxxxxxxxxxxxxxxxxn

it starts with the word "DAES", "041" is the version of the fileformat, "a" 
means that the file was ciphered using the AES-128 algorithm and is salted. 
the header ends with the %, the ssss is the salt (little endian), the xxxxx 
is the ciphered text. if the last block of the sourcefile was smaller than 
16 bytes, the last byte tells how big it was.





internals:
i don't know how important this is, but i iterate the key with every 16 bytes, 
instead of using the same one over and over again. see fips-197 for more 
information.

installation:
run
  % make
  % cp daes /usr/local/bin
as root.
