KB - Smartcrypt commonly used options with examples

Basics

Create a basic encrypted ZIP file

pkzipc -add -passphrase="opensesame" MyFirstZipFile.zip *.doc

Extract from a ZIP file

pkzipc -extract -passphrase="opensesame" MyFirstZIPFile.zip 

Getting help

pkzipc -help
pkzipc -help=passphrase


Archivetype

Explicitly specifies the type of archive to be acted on by the command. Smartcrypt works with ZIP archives by default or infers the archive type from the archive name. Use the archivetype option if Smartcrypt would assume or infer the wrong type.

Most commonly used to create PGP archives.

Values: bzip2, zip, gzip, pgp, tar, uue, xxe

pkzipc -add -archivetype=pgp myfile.foo

Altconfig

Specifies the name of an alternate configuration to use.  This is useful for when you would like to set certain settings and then be able to recall them.

To create an altconfig file called crypt.xml

pkzipc -config -altconfig=crypt.xml -sign=all -crypalgorithm=aes,256

Example on how to call an existing config file

pkzipc -add -altconfig=crypt.xml save.zip *.doc

Archiveeach

Tells Smartcrypt to take each file specified and create its own zip file. In this example every file in this directory will be zipped

pkzipc -add -archiveeach *
Smartcrypt(TM) Version 15 for Windows
Portions copyright (C) 1989-2016 PKWARE, Inc.  All Rights Reserved.
Reg. U.S. Pat. and Tm. Off.  Patent No. 5,051,745  7,793,099  7,844,579
7,890,465  7,895,434;  Other patents pending
* Using UTF-8 file names and comments
* Using default compression method
Creating .ZIP: C:\Users\mike_he\Desktop\wip\sandbox\Contracts.txt.zip
  Adding File: Contracts.txt Deflating    (13.7%), done.
Creating .ZIP: C:\Users\mike_he\Desktop\wip\sandbox\EULA.txt.zip
  Adding File: EULA.txt     Deflating    (13.7%), done.
Creating .ZIP: C:\Users\mike_he\Desktop\wip\sandbox\License Agreement.txt.zip
  Adding File: License Agreement.txt Deflating    (13.7%), done.
Creating .ZIP: C:\Users\mike_he\Desktop\wip\sandbox\Passwords.txt.zip
  Adding File: Passwords.txt Deflating    (13.7%), done.
Creating .ZIP: C:\Users\mike_he\Desktop\wip\sandbox\Test File 1.txt.zip
  Adding File: Test File 1.txt Deflating    (13.7%), done.

Results
Contracts.txt               Contracts.txt.zip
EULA.txt                    EULA.txt.zip
License Agreement.txt       License Agreement.txt.zip
Passwords.txt               Passwords.txt.zip
Test File 1.txt             Test File 1.txt.zip
              10 File(s)          1,015 bytes

CD

Determines how the central directory of the ZIP archive will be created.

Encrypt file names
pkzipc -add -cryptalg=aes,256 -cd=encrypt -passphrase="topsecret" secret.zip *.*

Certificate

Digitally sign files or central directory with the specified certificate. * The certificate must be imported into the SMARTCRYPT certificate database.

pkzipc -add -sign -certificate="Mike Henry" SignedArchive.zip EULA.txt

Smartcrypt(TM) Version 15 for Windows
Portions copyright (C) 1989-2016 PKWARE, Inc.  All Rights Reserved.
Reg. U.S. Pat. and Tm. Off.  Patent No. 5,051,745  7,793,099  7,844,579
7,890,465  7,895,434;  Other patents pending
* Using UTF-8 file names and comments
* Using default compression method
Creating .ZIP: SignedArchive.zip
  Adding File: EULA.txt     Deflating    (13.7%), done.
Central Directory is signed by: Mike Henry

Cryptalgorithm

Encrypt files in the archive with the specified algorithm. If not specified the default is traditional.

pkzipc -add -cryptalg=aes,256 -passphrase="opensesame" AES-256.zip Passwords.txt

Smartcrypt(TM) Version 15 for Windows
Portions copyright (C) 1989-2016 PKWARE, Inc.  All Rights Reserved.
Reg. U.S. Pat. and Tm. Off.  Patent No. 5,051,745  7,793,099  7,844,579
7,890,465  7,895,434;  Other patents pending
* Strongly encrypting files with a passphrase using AES (256-bit)
* Using UTF-8 file names and comments
* Using default compression method
* Using fastest available AES algorithm
Creating .ZIP: AES-256.zip
  Adding File: Passwords.txt Deflating    ( 0.0%), Encrypting, done.

Dir

Store directory path names during compression, or recreate directory path names while extracting. Includes subdirectories.

pkzipc -add -dir save.zip 

FIPSMode

Enables FIPS-140 mode. This only allows FIPS approved encryption algorithms to be used. Some government agencies will only allow FIPS approved algorithms to be used for encryption.

pkzipc -add -fipsmode -passphrase="opensesame" FIPS.zip Passwords.txt

Smartcrypt(TM) Version 15 for Windows
Portions copyright (C) 1989-2016 PKWARE, Inc.  All Rights Reserved.
Reg. U.S. Pat. and Tm. Off.  Patent No. 5,051,745  7,793,099  7,844,579
7,890,465  7,895,434;  Other patents pending
* Strongly encrypting files with a passphrase using AES (256-bit)
* Using UTF-8 file names and comments
* Using default compression method
* FIPS 140 mode enabled
Creating .ZIP: FIPS.zip
  Adding File: Passwords.txt Deflating    ( 0.0%), Encrypting, done.

Keypassphrase

Specifies the passphrase used to decrypt private key information. If not supplied, you will be prompted for the keypassphrase on the console. This is not ideal for scripted operations.

pkzipc -extract -keypassphrase="123456789" KPP.zip

SecureZIP(R) Server  Version 14 for Linux X86 Registered Version
Portions copyright (C) 1989-2014 PKWARE, Inc.  All Rights Reserved.
Reg. U.S. Pat. and Tm. Off.  Patent No. 5,051,745  7,793,099  7,844,579
7,890,465  7,895,434;  Other patents pending

Extracting files from .ZIP: /home/mike_he/KPP.zip

LogError

Informs Smartcrypt to log errors and warnings to a file and specifies where to write them.

pkzipc -extract -silent=input -logerror=errorlog.txt KPP.zip

NoArchiveExtension

Disables the possible appending of a default extension to the archive file named entered on the command line. By default .ZIP is the extension.

pkzipc -add -noarchiveextension NoExtension test.key

SecureZIP(R) Server  Version 14 for Linux X86 Registered Version
Portions copyright (C) 1989-2014 PKWARE, Inc.  All Rights Reserved.
Reg. U.S. Pat. and Tm. Off.  Patent No. 5,051,745  7,793,099  7,844,579
7,890,465  7,895,434;  Other patents pending
 Using UTF-8 file names and comments
 Using default compression method
Creating .ZIP: NoExtension
  Adding File: test.key     Deflating    (23.7%), done.

Overwrite

Determine whether or not to overwrite files on  your hard drive with the files being extracted or files being added to the archive.

pkzipc -extract -overwrite=all save.zip

Passphrase

Encrypt an archive with a passphrase (password) or decrypt an archive that was encrypted with a passphrase

pkzipc -add -passphrase="123456789" archive.zip *.txt
pkzipc -extract -passphrase="123456789" archive.zip

PGPPublicKey

Specify the file containing PGP public keys. 

pkzipc -add -PGPPublicKey=mypubring.pkr -recipient="John Smith" test.pgp *.doc

PGPSecretKey

Specify the file containing PGP secret keys

pkzipc -extract -PGPSecretKeys=mysecring.skr test.pgp

Recipient

Encrypt files for the specified recipient.  Only those with access to the recipient's private key can extract the files. 
@ = specify a list of recipients to be used from a text file
pkzipc -add -recipient=@team.txt save.zip *.doc
Email address
pkzipc -add -recipient="Mike Henry" save.zip *.doc

Sign

Digitally sign and/or optionally timestamp .ZIP files.

pkzipc -add -certificate="Mike Henry" -sign=cd save.zip *.doc

Smartkey

Specify an existing Smartkey to be used for encryption

pkzipc -add -smartkey="Sales Group" save.zip *.doc
pkzipc -add -smartkey="urn=smartcrypt-Y247c6yBI2D0EefGiT000wj3dMYjOD4b-MA_4_l2Pvdb0BK4rmRM9kZG+fl9t_36iRT8WQBx0CFgNkdfc=" save.zip *.doc

SmartkeyAllow

Allows specified recipient(s) access to the Smartkey. Can only be used with the -smartkeycreate or -smartkeymodify commands.

pkzipc -smartkeym="urn=smartcrypt--IT" -smartkeya=Moss@domain.com -smartkeya=Roy@domain.com

SmartkeyDeny

Denies specified recipient(s) access to the Smartkey. Can only be used with -smartkeycreate or -smartkeymodify commands

pkzipc -smartkeym="urn=smartcrypt-IT" -smartkeyd=Douglas@domain.com -smartkeyd=Jen@domain.com
pkzipc -smartkeym="urn=smartcrypt-Y247c6yBI2D0EefGiT000wj3dMYjOD4b-MA_4_l2Pvdb0BK4rmRM9kZG+fl9t_36iRT8WQBx0CFgNkdfc=" -smartkeyd=@fired.txt

SmartkeyName

Renames the specified Smartkey.  Can only be used with the -smartkeymodify command

pkzipc -smartkeym="urn=smartcrypt-Y247c6yBI2D0EefGiT000wj3dMYjOD4b-MA_4_l2Pvdb0BK4rmRM9kZG+fl9t_36iRT8WQBx0CFgNkdfc=" -smartkeyn="Test 123"
pkzipc -smartkeym="Test 123" -smartkeyn="Test 123456"

SmartkeyPass