openssl unknown option error

Question

I ran this script below:

#!/bin/bash

keyFile=video.key
openssl rand 16 > $keyFile
encryptionKey=$(cat $keyFile | hexdump -e '16/1 "%02x"')

splitFilePrefix=stream
encryptedSplitFilePrefix=enc/${splitFilePrefix}

numberOfTsFiles=$(ls ${splitFilePrefix}*.ts | wc -l)

for (( i=1; i<$numberOfTsFiles; i++ ))
 do
 initializationVector=printf '%032x' $i
 openssl aes-128-cbc -e -in ${splitFilePrefix}$i.ts -out ${encryptedSplitFilePrefix}$i.ts -nosalt -iv $initializationVector -K $encryptionKey
 done

right after the execution, the bash gives me an error:

./script.sh: line 14: fg: no job control
unknown option '9d268d620c68938b4578c3f299c91a1a'
options are
-in <file>     input file
-out <file>    output file
-pass <arg>    pass phrase source
-e             encrypt
-d             decrypt
-a/-base64     base64 encode/decode, depending on encryption flag
-k             passphrase is the next argument
-kfile         passphrase is the first line of the file argument
-md            the next argument is the md to use to create a key
                 from a passphrase.  One of md2, md5, sha or sha1
-S             salt in hex is the next argument
-K/-iv         key/iv in hex is the next argument
-[pP]          print the iv/key (then exit if -P)
-bufsize <n>   buffer size
-nopad         disable standard block padding
-engine e      use engine e, possibly a hardware device.
Cipher Types
-aes-128-cbc               -aes-128-cbc-hmac-sha1     -aes-128-cfb
-aes-128-cfb1              -aes-128-cfb8              -aes-128-ctr
-aes-128-ecb               -aes-128-gcm               -aes-128-ofb
-aes-128-xts               -aes-192-cbc               -aes-192-cfb
-aes-192-cfb1              -aes-192-cfb8              -aes-192-ctr
-aes-192-ecb               -aes-192-gcm               -aes-192-ofb
-aes-256-cbc               -aes-256-cbc-hmac-sha1     -aes-256-cfb
-aes-256-cfb1              -aes-256-cfb8              -aes-256-ctr
-aes-256-ecb               -aes-256-gcm               -aes-256-ofb
-aes-256-xts               -aes128                    -aes192
-aes256                    -bf                        -bf-cbc
-bf-cfb                    -bf-ecb                    -bf-ofb
-blowfish                  -camellia-128-cbc          -camellia-128-cfb
-camellia-128-cfb1         -camellia-128-cfb8         -camellia-128-ecb
-camellia-128-ofb          -camellia-192-cbc          -camellia-192-cfb
-camellia-192-cfb1         -camellia-192-cfb8         -camellia-192-ecb
-camellia-192-ofb          -camellia-256-cbc          -camellia-256-cfb
-camellia-256-cfb1         -camellia-256-cfb8         -camellia-256-ecb
-camellia-256-ofb          -camellia128               -camellia192
-camellia256               -cast                      -cast-cbc
-cast5-cbc                 -cast5-cfb                 -cast5-ecb
-cast5-ofb                 -des                       -des-cbc
-des-cfb                   -des-cfb1                  -des-cfb8
-des-ecb                   -des-ede                   -des-ede-cbc
-des-ede-cfb               -des-ede-ofb               -des-ede3
-des-ede3-cbc              -des-ede3-cfb              -des-ede3-cfb1
-des-ede3-cfb8             -des-ede3-ofb              -des-ofb
-des3                      -desx                      -desx-cbc
-id-aes128-GCM             -id-aes192-GCM             -id-aes256-GCM
-rc2                       -rc2-40-cbc                -rc2-64-cbc
-rc2-cbc                   -rc2-cfb                   -rc2-ecb
-rc2-ofb                   -rc4                       -rc4-40
-rc4-hmac-md5              -seed                      -seed-cbc
-seed-cfb                  -seed-ecb                  -seed-ofb

I read openssl manual and thought either -K or -iv part is wrong, but couldn't figure out which option and why is it wrong

Answer 1

Your problem is that this line:

initializationVector=printf '%032x' $i

Should look like this:

initializationVector=$(printf '%032x' $i)

It made initializationVector empty.

You can find it out if you add set -x at the top, and then see exactly what is the command line you're attempting to run.

before fixing it looked like this:

openssl aes-128-cbc -e -in stream1.ts -out enc/stream1.ts -nosalt -iv -K 7aeb2faae0289b9828b2994f50a4cc3a

which made openssl command think that -K is the value for the -iv option, and the key itself is another command option.
Hence the error: unknown option '7aeb2faae0289b9828b2994f50a4cc3a' (in my case).

Answer 2

do
  initializationVector=printf '%032x' $i
  openssl aes-128-cbc -e -in ${splitFilePrefix}$i.ts -out ${encryptedSplitFilePrefix}$i.ts \
      -nosalt -iv $initializationVector -K $encryptionKey
 done

You are missing the leading dash on the cipher. Try -aes-128-cbc instead. From the enc(1) docs:

SYNOPSIS

openssl enc -ciphername [-in filename] [-out filename] [-pass arg] [-e] [-d] [-a/-base64] [-A]
[-k password] [-kfile filename] [-K key] [-iv IV] [-S salt] [-salt] [-nosalt] [-z] [-md] [-p]
[-P] [-bufsize number] [-nopad] [-debug] [-none] [-engine id]