What are the standard encryption file formats?

Question

I'm a bit confused on encryption file formats.

Let's say I want to encrypt a file with AES-256. I run the file through the encryption algorithm and I now have a stream of encrypted bytes.

I obviously can write that stream of bytes to a file, but any third-party encryption application is not going to understand it since it's not expecting just a raw stream of encrypted bytes.

Into what file formats can I write that so that other encryption tools can understand it?

The ones I know of (I think) are:

PKCS#7 ASN.1 DER PEM PKCS#8 

but I'm not sure how they all relate to each other.

Apparently the AESCrypt utility also has a format, which appears to be its own proprietary format: http://www.aescrypt.com/aes_file_format.html

Is there a cheatsheet anywhere on this stuff? I've been googling and found bits and pieces, but never felt like I had the complete picture.

Answer 1

PKCS#8 is not an encrypted-file format, it's a format for private keys.

ASN.1 and DER are rules for translating a structured message into binary. They are not, in and of themselves, a file format, although they're used to define and describe file formats.

PKCS#7 is closely related to PEM, and they're both formats for public-key encrypted files. They are defined in terms of base-64 encapsulated DER encoded ASN.1 messages. They are the basis of the S/MIME format for secure internet mail. (see RFC3851)

In parallel with S/MIME is the OpenPGP file format, also mainly designed for public-key encrypted files. (See RFC4880)

In both S/MIME and OpenPGP formats, there is a block which contains symmetric-key encrypted data. It is possible to create valid S/MIME or OpenPGP files containing only this block. In this way, the S/MIME (a.k.a. PKCS#7) and OpenPGP formats can be used for symmetric-key encryption also.