diff options
Diffstat (limited to 'secure/usr.bin/openssl/man/pkeyutl.1')
-rw-r--r-- | secure/usr.bin/openssl/man/pkeyutl.1 | 439 |
1 files changed, 0 insertions, 439 deletions
diff --git a/secure/usr.bin/openssl/man/pkeyutl.1 b/secure/usr.bin/openssl/man/pkeyutl.1 deleted file mode 100644 index 248996112597..000000000000 --- a/secure/usr.bin/openssl/man/pkeyutl.1 +++ /dev/null @@ -1,439 +0,0 @@ -.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.43) -.\" -.\" Standard preamble: -.\" ======================================================================== -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Vb \" Begin verbatim text -.ft CW -.nf -.ne \\$1 -.. -.de Ve \" End verbatim text -.ft R -.fi -.. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. \*(C+ will -.\" give a nicer C++. Capital omega is used to do unbreakable dashes and -.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, -.\" nothing in troff, for use with C<>. -.tr \(*W- -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" -. ds C` "" -. ds C' "" -'br\} -.el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' -. ds C` -. ds C' -'br\} -.\" -.\" Escape single quotes in literal strings from groff's Unicode transform. -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' -.\" -.\" If the F register is >0, we'll generate index entries on stderr for -.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index -.\" entries marked with X<> in POD. Of course, you'll have to process the -.\" output yourself in some meaningful fashion. -.\" -.\" Avoid warning from groff about undefined register 'F'. -.de IX -.. -.nr rF 0 -.if \n(.g .if rF .nr rF 1 -.if (\n(rF:(\n(.g==0)) \{\ -. if \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" -.. -. if !\nF==2 \{\ -. nr % 0 -. nr F 2 -. \} -. \} -.\} -.rr rF -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). -.\" Fear. Run. Save yourself. No user-serviceable parts. -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C -.\" ======================================================================== -.\" -.IX Title "PKEYUTL 1" -.TH PKEYUTL 1 "2022-05-03" "1.1.1o" "OpenSSL" -.\" For nroff, turn off justification. Always turn off hyphenation; it makes -.\" way too many mistakes in technical documents. -.if n .ad l -.nh -.SH "NAME" -openssl\-pkeyutl, pkeyutl \- public key algorithm utility -.SH "SYNOPSIS" -.IX Header "SYNOPSIS" -\&\fBopenssl\fR \fBpkeyutl\fR -[\fB\-help\fR] -[\fB\-in file\fR] -[\fB\-out file\fR] -[\fB\-sigfile file\fR] -[\fB\-inkey file\fR] -[\fB\-keyform PEM|DER|ENGINE\fR] -[\fB\-passin arg\fR] -[\fB\-peerkey file\fR] -[\fB\-peerform PEM|DER|ENGINE\fR] -[\fB\-pubin\fR] -[\fB\-certin\fR] -[\fB\-rev\fR] -[\fB\-sign\fR] -[\fB\-verify\fR] -[\fB\-verifyrecover\fR] -[\fB\-encrypt\fR] -[\fB\-decrypt\fR] -[\fB\-derive\fR] -[\fB\-kdf algorithm\fR] -[\fB\-kdflen length\fR] -[\fB\-pkeyopt opt:value\fR] -[\fB\-hexdump\fR] -[\fB\-asn1parse\fR] -[\fB\-rand file...\fR] -[\fB\-writerand file\fR] -[\fB\-engine id\fR] -[\fB\-engine_impl\fR] -.SH "DESCRIPTION" -.IX Header "DESCRIPTION" -The \fBpkeyutl\fR command can be used to perform low-level public key operations -using any supported algorithm. -.SH "OPTIONS" -.IX Header "OPTIONS" -.IP "\fB\-help\fR" 4 -.IX Item "-help" -Print out a usage message. -.IP "\fB\-in filename\fR" 4 -.IX Item "-in filename" -This specifies the input filename to read data from or standard input -if this option is not specified. -.IP "\fB\-out filename\fR" 4 -.IX Item "-out filename" -Specifies the output filename to write to or standard output by -default. -.IP "\fB\-sigfile file\fR" 4 -.IX Item "-sigfile file" -Signature file, required for \fBverify\fR operations only -.IP "\fB\-inkey file\fR" 4 -.IX Item "-inkey file" -The input key file, by default it should be a private key. -.IP "\fB\-keyform PEM|DER|ENGINE\fR" 4 -.IX Item "-keyform PEM|DER|ENGINE" -The key format \s-1PEM, DER\s0 or \s-1ENGINE.\s0 Default is \s-1PEM.\s0 -.IP "\fB\-passin arg\fR" 4 -.IX Item "-passin arg" -The input key password source. For more information about the format of \fBarg\fR -see \*(L"Pass Phrase Options\*(R" in \fBopenssl\fR\|(1). -.IP "\fB\-peerkey file\fR" 4 -.IX Item "-peerkey file" -The peer key file, used by key derivation (agreement) operations. -.IP "\fB\-peerform PEM|DER|ENGINE\fR" 4 -.IX Item "-peerform PEM|DER|ENGINE" -The peer key format \s-1PEM, DER\s0 or \s-1ENGINE.\s0 Default is \s-1PEM.\s0 -.IP "\fB\-pubin\fR" 4 -.IX Item "-pubin" -The input file is a public key. -.IP "\fB\-certin\fR" 4 -.IX Item "-certin" -The input is a certificate containing a public key. -.IP "\fB\-rev\fR" 4 -.IX Item "-rev" -Reverse the order of the input buffer. This is useful for some libraries -(such as CryptoAPI) which represent the buffer in little endian format. -.IP "\fB\-sign\fR" 4 -.IX Item "-sign" -Sign the input data (which must be a hash) and output the signed result. This -requires a private key. -.IP "\fB\-verify\fR" 4 -.IX Item "-verify" -Verify the input data (which must be a hash) against the signature file and -indicate if the verification succeeded or failed. -.IP "\fB\-verifyrecover\fR" 4 -.IX Item "-verifyrecover" -Verify the input data (which must be a hash) and output the recovered data. -.IP "\fB\-encrypt\fR" 4 -.IX Item "-encrypt" -Encrypt the input data using a public key. -.IP "\fB\-decrypt\fR" 4 -.IX Item "-decrypt" -Decrypt the input data using a private key. -.IP "\fB\-derive\fR" 4 -.IX Item "-derive" -Derive a shared secret using the peer key. -.IP "\fB\-kdf algorithm\fR" 4 -.IX Item "-kdf algorithm" -Use key derivation function \fBalgorithm\fR. The supported algorithms are -at present \fB\s-1TLS1\-PRF\s0\fR and \fB\s-1HKDF\s0\fR. -Note: additional parameters and the \s-1KDF\s0 output length will normally have to be -set for this to work. -See \fBEVP_PKEY_CTX_set_hkdf_md\fR\|(3) and \fBEVP_PKEY_CTX_set_tls1_prf_md\fR\|(3) -for the supported string parameters of each algorithm. -.IP "\fB\-kdflen length\fR" 4 -.IX Item "-kdflen length" -Set the output length for \s-1KDF.\s0 -.IP "\fB\-pkeyopt opt:value\fR" 4 -.IX Item "-pkeyopt opt:value" -Public key options specified as opt:value. See \s-1NOTES\s0 below for more details. -.IP "\fB\-hexdump\fR" 4 -.IX Item "-hexdump" -hex dump the output data. -.IP "\fB\-asn1parse\fR" 4 -.IX Item "-asn1parse" -Parse the \s-1ASN.1\s0 output data, this is useful when combined with the -\&\fB\-verifyrecover\fR option when an \s-1ASN1\s0 structure is signed. -.IP "\fB\-rand file...\fR" 4 -.IX Item "-rand file..." -A file or files containing random data used to seed the random number -generator. -Multiple files can be specified separated by an OS-dependent character. -The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for -all others. -.IP "[\fB\-writerand file\fR]" 4 -.IX Item "[-writerand file]" -Writes random data to the specified \fIfile\fR upon exit. -This can be used with a subsequent \fB\-rand\fR flag. -.IP "\fB\-engine id\fR" 4 -.IX Item "-engine id" -Specifying an engine (by its unique \fBid\fR string) will cause \fBpkeyutl\fR -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. -.IP "\fB\-engine_impl\fR" 4 -.IX Item "-engine_impl" -When used with the \fB\-engine\fR option, it specifies to also use -engine \fBid\fR for crypto operations. -.SH "NOTES" -.IX Header "NOTES" -The operations and options supported vary according to the key algorithm -and its implementation. The OpenSSL operations and options are indicated below. -.PP -Unless otherwise mentioned all algorithms support the \fBdigest:alg\fR option -which specifies the digest in use for sign, verify and verifyrecover operations. -The value \fBalg\fR should represent a digest name as used in the -\&\fBEVP_get_digestbyname()\fR function for example \fBsha1\fR. This value is not used to -hash the input data. It is used (by some algorithms) for sanity-checking the -lengths of data passed in to the \fBpkeyutl\fR and for creating the structures that -make up the signature (e.g. \fBDigestInfo\fR in \s-1RSASSA\s0 PKCS#1 v1.5 signatures). -.PP -This utility does not hash the input data but rather it will use the data -directly as input to the signature algorithm. Depending on the key type, -signature type, and mode of padding, the maximum acceptable lengths of input -data differ. The signed data can't be longer than the key modulus with \s-1RSA.\s0 In -case of \s-1ECDSA\s0 and \s-1DSA\s0 the data shouldn't be longer than the field -size, otherwise it will be silently truncated to the field size. In any event -the input size must not be larger than the largest supported digest size. -.PP -In other words, if the value of digest is \fBsha1\fR the input should be the 20 -bytes long binary encoding of the \s-1SHA\-1\s0 hash function output. -.PP -The Ed25519 and Ed448 signature algorithms are not supported by this utility. -They accept non-hashed input, but this utility can only be used to sign hashed -input. -.SH "RSA ALGORITHM" -.IX Header "RSA ALGORITHM" -The \s-1RSA\s0 algorithm generally supports the encrypt, decrypt, sign, -verify and verifyrecover operations. However, some padding modes -support only a subset of these operations. The following additional -\&\fBpkeyopt\fR values are supported: -.IP "\fBrsa_padding_mode:mode\fR" 4 -.IX Item "rsa_padding_mode:mode" -This sets the \s-1RSA\s0 padding mode. Acceptable values for \fBmode\fR are \fBpkcs1\fR for -PKCS#1 padding, \fBsslv23\fR for SSLv23 padding, \fBnone\fR for no padding, \fBoaep\fR -for \fB\s-1OAEP\s0\fR mode, \fBx931\fR for X9.31 mode and \fBpss\fR for \s-1PSS.\s0 -.Sp -In PKCS#1 padding if the message digest is not set then the supplied data is -signed or verified directly instead of using a \fBDigestInfo\fR structure. If a -digest is set then the a \fBDigestInfo\fR structure is used and its the length -must correspond to the digest type. -.Sp -For \fBoaep\fR mode only encryption and decryption is supported. -.Sp -For \fBx931\fR if the digest type is set it is used to format the block data -otherwise the first byte is used to specify the X9.31 digest \s-1ID.\s0 Sign, -verify and verifyrecover are can be performed in this mode. -.Sp -For \fBpss\fR mode only sign and verify are supported and the digest type must be -specified. -.IP "\fBrsa_pss_saltlen:len\fR" 4 -.IX Item "rsa_pss_saltlen:len" -For \fBpss\fR mode only this option specifies the salt length. Three special -values are supported: \*(L"digest\*(R" sets the salt length to the digest length, -\&\*(L"max\*(R" sets the salt length to the maximum permissible value. When verifying -\&\*(L"auto\*(R" causes the salt length to be automatically determined based on the -\&\fB\s-1PSS\s0\fR block structure. -.IP "\fBrsa_mgf1_md:digest\fR" 4 -.IX Item "rsa_mgf1_md:digest" -For \s-1PSS\s0 and \s-1OAEP\s0 padding sets the \s-1MGF1\s0 digest. If the \s-1MGF1\s0 digest is not -explicitly set in \s-1PSS\s0 mode then the signing digest is used. -.IP "\fBrsa_oaep_md:\fR\fIdigest\fR" 4 -.IX Item "rsa_oaep_md:digest" -Sets the digest used for the \s-1OAEP\s0 hash function. If not explicitly set then -\&\s-1SHA1\s0 is used. -.SH "RSA-PSS ALGORITHM" -.IX Header "RSA-PSS ALGORITHM" -The RSA-PSS algorithm is a restricted version of the \s-1RSA\s0 algorithm which only -supports the sign and verify operations with \s-1PSS\s0 padding. The following -additional \fBpkeyopt\fR values are supported: -.IP "\fBrsa_padding_mode:mode\fR, \fBrsa_pss_saltlen:len\fR, \fBrsa_mgf1_md:digest\fR" 4 -.IX Item "rsa_padding_mode:mode, rsa_pss_saltlen:len, rsa_mgf1_md:digest" -These have the same meaning as the \fB\s-1RSA\s0\fR algorithm with some additional -restrictions. The padding mode can only be set to \fBpss\fR which is the -default value. -.Sp -If the key has parameter restrictions than the digest, \s-1MGF1\s0 -digest and salt length are set to the values specified in the parameters. -The digest and \s-1MG\s0 cannot be changed and the salt length cannot be set to a -value less than the minimum restriction. -.SH "DSA ALGORITHM" -.IX Header "DSA ALGORITHM" -The \s-1DSA\s0 algorithm supports signing and verification operations only. Currently -there are no additional \fB\-pkeyopt\fR options other than \fBdigest\fR. The \s-1SHA1\s0 -digest is assumed by default. -.SH "DH ALGORITHM" -.IX Header "DH ALGORITHM" -The \s-1DH\s0 algorithm only supports the derivation operation and no additional -\&\fB\-pkeyopt\fR options. -.SH "EC ALGORITHM" -.IX Header "EC ALGORITHM" -The \s-1EC\s0 algorithm supports sign, verify and derive operations. The sign and -verify operations use \s-1ECDSA\s0 and derive uses \s-1ECDH. SHA1\s0 is assumed by default for -the \fB\-pkeyopt\fR \fBdigest\fR option. -.SH "X25519 and X448 ALGORITHMS" -.IX Header "X25519 and X448 ALGORITHMS" -The X25519 and X448 algorithms support key derivation only. Currently there are -no additional options. -.SH "EXAMPLES" -.IX Header "EXAMPLES" -Sign some data using a private key: -.PP -.Vb 1 -\& openssl pkeyutl \-sign \-in file \-inkey key.pem \-out sig -.Ve -.PP -Recover the signed data (e.g. if an \s-1RSA\s0 key is used): -.PP -.Vb 1 -\& openssl pkeyutl \-verifyrecover \-in sig \-inkey key.pem -.Ve -.PP -Verify the signature (e.g. a \s-1DSA\s0 key): -.PP -.Vb 1 -\& openssl pkeyutl \-verify \-in file \-sigfile sig \-inkey key.pem -.Ve -.PP -Sign data using a message digest value (this is currently only valid for \s-1RSA\s0): -.PP -.Vb 1 -\& openssl pkeyutl \-sign \-in file \-inkey key.pem \-out sig \-pkeyopt digest:sha256 -.Ve -.PP -Derive a shared secret value: -.PP -.Vb 1 -\& openssl pkeyutl \-derive \-inkey key.pem \-peerkey pubkey.pem \-out secret -.Ve -.PP -Hexdump 48 bytes of \s-1TLS1 PRF\s0 using digest \fB\s-1SHA256\s0\fR and shared secret and -seed consisting of the single byte 0xFF: -.PP -.Vb 2 -\& openssl pkeyutl \-kdf TLS1\-PRF \-kdflen 48 \-pkeyopt md:SHA256 \e -\& \-pkeyopt hexsecret:ff \-pkeyopt hexseed:ff \-hexdump -.Ve -.PP -Decrypt some data using a private key with \s-1OAEP\s0 padding using \s-1SHA256:\s0 -.PP -.Vb 2 -\& openssl pkeyutl \-decrypt \-in file \-inkey key.pem \-out secret \e -\& \-pkeyopt rsa_padding_mode:oaep \-pkeyopt rsa_oaep_md:sha256 -.Ve -.SH "SEE ALSO" -.IX Header "SEE ALSO" -\&\fBgenpkey\fR\|(1), \fBpkey\fR\|(1), \fBrsautl\fR\|(1) -\&\fBdgst\fR\|(1), \fBrsa\fR\|(1), \fBgenrsa\fR\|(1), -\&\fBEVP_PKEY_CTX_set_hkdf_md\fR\|(3), \fBEVP_PKEY_CTX_set_tls1_prf_md\fR\|(3) -.SH "COPYRIGHT" -.IX Header "COPYRIGHT" -Copyright 2006\-2021 The OpenSSL Project Authors. All Rights Reserved. -.PP -Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use -this file except in compliance with the License. You can obtain a copy -in the file \s-1LICENSE\s0 in the source distribution or at -<https://www.openssl.org/source/license.html>. |