[BACK]Return to openssl.1 CVS log [TXT][DIR] Up to [local] / src / usr.bin / openssl

Diff for /src/usr.bin/openssl/openssl.1 between version 1.115 and 1.116

version 1.115, 2019/11/19 10:20:10 version 1.116, 2019/11/28 11:21:33
Line 877 
Line 877 
 .Fl V ,  .Fl V ,
 but without cipher suite codes.  but without cipher suite codes.
 .El  .El
   .Sh CMS
   .Bl -hang -width "openssl cms"
   .It Nm openssl cms
   .Bk -words
   .Oo
   .Fl aes128 | aes192 | aes256 | camellia128 |
   .Fl camellia192 | camellia256 | des | des3 |
   .Fl rc2-40 | rc2-64 | rc2-128
   .Oc
   .Op Fl CAfile Ar file
   .Op Fl CApath Ar directory
   .Op Fl binary
   .Op Fl certfile Ar file
   .Op Fl certsout Ar file
   .Op Fl cmsout
   .Op Fl compress
   .Op Fl content Ar file
   .Op Fl crlfeol
   .Op Fl data_create
   .Op Fl data_out
   .Op Fl debug_decrypt
   .Op Fl decrypt
   .Op Fl digest_create
   .Op Fl digest_verify
   .Op Fl econtent_type Ar type
   .Op Fl encrypt
   .Op Fl EncryptedData_decrypt
   .Op Fl EncryptedData_encrypt
   .Op Fl from Ar addr
   .Op Fl in Ar file
   .Op Fl inform Cm der | pem | smime
   .Op Fl inkey Ar file
   .Op Fl keyform Cm der | pem
   .Op Fl keyid
   .Op Fl keyopt Ar nm:v
   .Op Fl md Ar digest
   .Op Fl no_attr_verify
   .Op Fl no_content_verify
   .Op Fl no_signer_cert_verify
   .Op Fl noattr
   .Op Fl nocerts
   .Op Fl nodetach
   .Op Fl nointern
   .Op Fl nooldmime
   .Op Fl noout
   .Op Fl nosigs
   .Op Fl nosmimecap
   .Op Fl noverify
   .Op Fl out Ar file
   .Op Fl outform Cm der | pem | smime
   .Op Fl passin Ar src
   .Op Fl print
   .Op Fl pwri_password Ar arg
   .Op Fl rctform Cm der | pem | smime
   .Op Fl receipt_request_all | receipt_request_first
   .Op Fl receipt_request_from Ar addr
   .Op Fl receipt_request_print
   .Op Fl receipt_request_to Ar addr
   .Op Fl recip Ar file
   .Op Fl resign
   .Op Fl secretkey Ar key
   .Op Fl secretkeyid Ar id
   .Op Fl sign
   .Op Fl sign_receipt
   .Op Fl signer Ar file
   .Op Fl stream | indef | noindef
   .Op Fl subject Ar s
   .Op Fl text
   .Op Fl to Ar addr
   .Op Fl uncompress
   .Op Fl verify
   .Op Fl verify_receipt Ar file
   .Op Fl verify_retcode
   .Op Ar cert.pem ...
   .Ek
   .El
   .Pp
   The
   .Nm cms
   command handles S/MIME v3.1 mail.
   It can encrypt, decrypt, sign and verify, compress and uncompress S/MIME
   messages.
   .Pp
   The MIME message must be sent without any blank lines between the headers and
   the output.
   Some mail programs will automatically add a blank line.
   Piping the mail directly to sendmail is one way to achieve the correct format.
   .Pp
   The supplied message to be signed or encrypted must include the necessary MIME
   headers or many S/MIME clients won't display it properly (if at all).
   You can use the
   .Fl text
   option to automatically add plain text headers.
   .Pp
   A "signed and encrypted" message is one where a signed message is then
   encrypted.
   This can be produced by encrypting an already signed message.
   .Pp
   There are various operation options that set the type of operation to be
   performed.
   The meaning of the other options varies according to the operation type.
   .Bl -tag -width "XXXX"
   .It Fl encrypt
   Encrypt mail for the given recipient certificates.
   Input file is the message to be encrypted.
   The output file is the encrypted mail in MIME format.
   The actual CMS type is EnvelopedData.
   Note that no revocation check is done for the recipient cert, so if that
   key has been compromised, others may be able to decrypt the text.
   .It Fl decrypt
   Decrypt mail using the supplied certificate and private key.
   Expects an encrypted mail message in MIME format for the input file.
   The decrypted mail is written to the output file.
   .It Fl sign
   Sign mail using the supplied certificate and private key.
   Input file is the message to be signed.
   The signed message in MIME format is written to the output file.
   .It Fl verify
   Verify signed mail.
   Expects a signed mail message on input and outputs the signed data.
   Both clear text and opaque signing are supported.
   .It Fl cmsout
   Take an input message and write out a PEM encoded CMS structure.
   .It Fl resign
   Resign a message.
   Take an existing message and one or more new signers.
   This operation uses an existing message digest when adding a new signer.
   This means that attributes must be present in at least one existing
   signer using the same message digest or this operation will fail.
   .It Fl data_create
   Create a CMS Data type.
   .It Fl data_out
   Output a content from the input CMS Data type.
   .It Fl digest_create
   Create a CMS DigestedData type.
   .It Fl digest_verify
   Verify a CMS DigestedData type and output the content.
   .It Fl compress
   Create a CMS CompressedData type.
   Must be compiled with zlib support for this option to work.
   .It Fl uncompress
   Uncompress a CMS CompressedData type and output the content.
   Must be compiled with zlib support for this option to work.
   .It Fl EncryptedData_encrypt
   Encrypt a content using supplied symmetric key and algorithm using a
   CMS EncryptedData type.
   .It Fl EncryptedData_decrypt
   Decrypt a CMS EncryptedData type using supplied symmetric key.
   .It Fl sign_receipt
   Generate and output a signed receipt for the supplied message.
   The input message must contain a signed receipt request.
   Functionality is otherwise similar to the
   .Fl sign
   operation.
   .It Xo
   .Fl verify_receipt Ar file
   .Xc
   Verify a signed receipt in file.
   The input message must contain the original receipt request.
   Functionality is otherwise similar to the
   .Fl verify
   operation.
   .El
   .Pp
   The remaining options are as follows:
   .Bl -tag -width "XXXX"
   .It Xo
   .Fl aes128 | aes192 | aes256 | camellia128 |
   .Fl camellia192 | camellia256 | des | des3 |
   .Fl rc2-40 | rc2-64 | rc2-128
   .Xc
   The encryption algorithm to use.
   128-, 192-, or 256-bit AES, 128-, 192-, or 256-bit CAMELLIA,
   DES (56 bits), triple DES (168 bits),
   or 40-, 64-, or 128-bit RC2, respectively;
   if not specified, triple DES is
   used.
   Only used with
   .Fl encrypt
   and
   .Fl EncryptedData_encrypt
   commands.
   .It Fl binary
   Normally the input message is converted to "canonical" format which is
   effectively using CR/LF as end of line, as required by the S/MIME specification.
   When this option is present no translation occurs.
   This is useful when handling binary data which may not be in MIME format.
   .It Fl CAfile Ar file
   A file containing trusted CA certificates, used with
   .Fl verify
   and
   .Fl verify_receipt .
   .It Fl CApath Ar directory
   A directory containing trusted CA certificates, used with
   .Fl verify
   and
   .Fl verify_receipt .
   This directory must be a standard certificate directory: that is a hash
   of each subject name (using
   .Nm x509 Fl hash )
   should be linked to each certificate.
   .It Ar cert.pem...
   One or more certificates of message recipients: used when encrypting a message.
   .It Fl certfile Ar file
   Allows additional certificates to be specified.
   When signing these will be included with the message.
   When verifying these will be searched for the signer's certificates.
   The certificates should be in PEM format.
   .It Fl certsout Ar file
   A file that any certificates contained in the message are written to.
   .It Xo
   .Fl check_ss_sig ,
   .Fl crl_check ,
   .Fl crl_check_all ,
   .Fl extended_crl ,
   .Fl ignore_critical ,
   .Fl issuer_checks ,
   .Fl policy ,
   .Fl policy_check ,
   .Fl purpose ,
   .Fl x509_strict
   .Xc
   Set various certificate chain validation options.
   See the
   .Nm verify
   command for details.
   .It Fl content Ar file
   A file containing the detached content.
   This is only useful with the
   .Fl verify
   command.
   This is only usable if the CMS structure is using the detached signature
   form where the content is not included.
   This option will override any content if the input format is S/MIME and
   it uses the multipart/signed MIME content type.
   .It Fl crlfeol
   Output a S/MIME message with CR/LF end of line.
   .It Fl debug_decrypt
   Set the CMS_DEBUG_DECRYPT flag when decrypting.
   This option should be used with caution, since this can be used to disable
   the MMA attack protection and return an error if no recipient can be found.
   See the
   .Xr CMS_decrypt 3
   manual page for details of the flag.
   .It Xo
   .Fl from Ar addr ,
   .Fl subject Ar s ,
   .Fl to Ar addr
   .Xc
   The relevant mail headers.
   These are included outside the signed portion of a message so they may
   be included manually.
   If signing then many S/MIME mail clients check the signer's certificate's
   email address matches that specified in the From: address.
   .It Fl econtent_type Ar type
   Set the encapsulated content type, used with
   .Fl sign .
   If not supplied the Data type is used.
   The type argument can be any valid OID name in either text or numerical format.
   .It Fl in Ar file
   The input message to be encrypted or signed or the message to be decrypted or
   verified.
   .It Fl inform Cm der | pem | smime
   The input format for the CMS structure.
   The default is
   .Cm smime ,
   which reads an S/MIME format message.
   .Cm pem
   and
   .Cm der
   format change this to expect PEM and DER format CMS structures instead.
   This currently only affects the input format of the CMS structure; if no
   CMS structure is being input (for example with
   .Fl encrypt
   or
   .Fl sign )
   this option has no effect.
   .It Fl inkey Ar file
   The private key to use when signing or decrypting.
   This must match the corresponding certificate.
   If this option is not specified then the private key must be included in
   the certificate file specified with the
   .Fl recip
   or
   .Fl signer
   file.
   When signing this option can be used multiple times to specify successive keys.
   .It Fl keyform Cm der | pem
   Input private key format.
   The default is
   .Cm pem .
   .It Fl keyid
   Use subject key identifier to identify certificates instead of issuer
   name and serial number.
   The supplied certificate must include a subject key identifier extension.
   Supported by
   .Fl sign
   and
   .Fl encrypt
   operations.
   .It Fl keyopt Ar nm:v
   Set customised parameters for the preceding key or certificate
   for encryption and signing.
   It can currently be used to set RSA-PSS for signing, RSA-OAEP for
   encryption or to modify default parameters for ECDH.
   This option can be used multiple times.
   .It Fl md Ar digest
   The digest algorithm to use when signing or resigning.
   If not present then the default digest algorithm for the signing key
   will be used (usually SHA1).
   .It Fl no_attr_verify
   Do not verify the signer's attribute of a signature.
   .It Fl no_content_verify
   Do not verify the content of a signed message.
   .It Fl no_signer_cert_verify
   Do not verify the signer's certificate of a signed message.
   .It Fl noattr
   Do not include attributes.
   Normally when a message is signed a set of attributes are included which
   include the signing time and supported symmetric algorithms.
   With this option they are not included.
   .It Fl nocerts
   Do not include the signer's certificate.
   This will reduce the size of the signed message but the verifier must
   have a copy of the signer's certificate available locally (passed using
   the
   .Fl certfile
   option for example).
   .It Fl nodetach
   When signing a message use opaque signing.
   This form is more resistant to translation by mail relays but it cannot be
   read by mail agents that do not support S/MIME.
   Without this option cleartext signing with the MIME type multipart/signed is
   used.
   .It Fl nointern
   Only the certificates specified in the
   .Fl certfile
   option are used.
   When verifying a message normally certificates (if any) included in the
   message are searched for the signing certificate.
   The supplied certificates can still be used as untrusted CAs however.
   .It Fl nooldmime
   Output an old S/MIME content type like "application/x-pkcs7-".
   .It Fl noout
   Do not output the parsed CMS structure for the
   .Fl cmsout
   operation.
   This is useful when combined with the
   .Fl print
   option or if the syntax of the CMS structure is being checked.
   .It Fl nosigs
   Do not try to verify the signatures on the message.
   .It Fl nosmimecap
   Exclude the list of supported algorithms from signed attributes; other
   options such as signing time and content type are still included.
   .It Fl noverify
   Do not verify the signer's certificate of a signed message.
   .It Fl out Ar file
   The message text that has been decrypted or verified or the output MIME
   format message that has been signed or verified.
   .It Fl outform Cm der | pem | smime
   This specifies the output format for the CMS structure.
   The default is
   .Cm smime ,
   which writes an S/MIME format message.
   .Cm pem
   and
   .Cm der
   format change this to write PEM and DER format CMS structures instead.
   This currently only affects the output format of the CMS structure; if
   no CMS structure is being output (for example with
   .Fl verify
   or
   .Fl decrypt )
   this option has no effect.
   .It Fl passin Ar src
   The private key password source.
   .It Fl print
   Print out all fields of the CMS structure for the
   .Fl cmsout
   operation.
   This is mainly useful for testing purposes.
   .It Fl pwri_password Ar arg
   Specify PasswordRecipientInfo (PWRI) password to use.
   Supported by the
   .Fl encrypt
   and
   .Fl decrypt
   operations.
   .It Fl rctform Cm der | pem | smime
   Specify the format for a signed receipt for use with the
   .Fl receipt_verify
   operation.
   The default is
   .Cm smime .
   .It Fl receipt_request_all | receipt_request_first
   Indicate requests should be provided by all recipient or first tier
   recipients (those mailed directly and not from a mailing list), for the
   .Fl sign
   operation to include a signed receipt request.
   Ignored if
   .Fl receipt_request_from
   is included.
   .It Fl receipt_request_from Ar addr
   Add an explicit email address where receipts should be supplied.
   .It Fl receipt_request_print
   Print out the contents of any signed receipt requests for the
   .Fl verify
   operation.
   .It Fl receipt_request_to Ar addr
   Add an explicit email address where signed receipts should be sent to.
   This option must be supplied if a signed receipt is requested.
   .It Fl recip Ar file
   When decrypting a message this specifies the recipient's certificate.
   The certificate must match one of the recipients of the message or an
   error occurs.
   When encrypting a message this option may be used multiple times to
   specify each recipient.
   This form must be used if customised parameters are required (for example to
   specify RSA-OAEP).
   Only certificates carrying RSA, Diffie-Hellman or EC keys are supported
   by this option.
   .It Fl secretkey Ar key
   Specify symmetric key to use.
   The key must be supplied in hex format and be consistent with the
   algorithm used.
   Supported by the
   .Fl EncryptedData_encrypt ,
   .Fl EncryptedData_decrypt ,
   .Fl encrypt
   and
   .Fl decrypt
   operations.
   When used with
   .Fl encrypt
   or
   .Fl decrypt
   the supplied key is used to wrap or unwrap the content encryption key
   using an AES key in the KEKRecipientInfo type.
   .It Fl secretkeyid Ar id
   The key identifier for the supplied symmetric key for KEKRecipientInfo type.
   This option must be present if the
   .Fl secretkey
   option is used with
   .Fl encrypt .
   With
   .Fl decrypt
   operations the id is used to locate the relevant key; if it is not supplied
   then an attempt is used to decrypt any KEKRecipientInfo structures.
   .It Fl signer Ar file
   A signing certificate when signing or resigning a message; this option
   can be used multiple times if more than one signer is required.
   If a message is being verified then the signers certificates will be
   written to this file if the verification was successful.
   .It Xo
   .Fl stream |
   .Fl indef |
   .Fl noindef
   .Xc
   The
   .Fl stream
   and
   .Fl indef
   options are equivalent and enable streaming I/O for encoding operations.
   This permits single pass processing of data without the need to hold the
   entire contents in memory, potentially supporting very large files.
   Streaming is automatically set for S/MIME signing with detached data if
   the output format is
   .Cm smime ;
   it is currently off by default for all other operations.
   .Fl noindef
   disable streaming I/O where it would produce an indefinite length
   constructed encoding.
   This option currently has no effect.
   .It Fl text
   Add plain text (text/plain) MIME headers to the supplied message if
   encrypting or signing.
   If decrypting or verifying it strips off text headers: if the decrypted
   or verified message is not of MIME type text/plain then an error occurs.
   .It Fl verify_retcode
   Set verification error code to exit code to indicate what verification error
   has occurred.
   Supported by
   .Fl verify
   operation only.
   Exit code value minus 32 shows verification error code.
   See
   .Nm verify
   command for the list of verification error code.
   .El
   .Pp
   The exit codes for
   .Nm cms
   are as follows:
   .Pp
   .Bl -tag -width "XXXX" -offset 3n -compact
   .It 0
   The operation was completely successful.
   .It 1
   An error occurred parsing the command options.
   .It 2
   One of the input files could not be read.
   .It 3
   An error occurred creating the CMS file or when reading the MIME message.
   .It 4
   An error occurred decrypting or verifying the message.
   .It 5
   The message was verified correctly but an error occurred writing out the
   signer's certificates.
   .It 6
   An error occurred writing the output file.
   .It 32+
   A verify error occurred while
   .Fl verify_retcode
   is specified.
   .El
 .Sh CRL  .Sh CRL
 .Bl -hang -width "openssl crl"  .Bl -hang -width "openssl crl"
 .It Nm openssl crl  .It Nm openssl crl
Legend:
Removed from v.1.115  
changed lines
  Added in v.1.116