TeaSpeak
/
openssl-prebuild
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
openssl-prebuild/linux_amd64/share/doc/openssl/html/man1/openssl.html

699 lines
26 KiB
HTML
Executable File
Raw Blame History

<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>openssl</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body style="background-color: white">
<!-- INDEX BEGIN -->
<div name="index">
<p><a name="__index__"></a></p>
<ul>
<li><a href="#name">NAME</a></li>
<li><a href="#synopsis">SYNOPSIS</a></li>
<li><a href="#description">DESCRIPTION</a></li>
<li><a href="#command_summary">COMMAND SUMMARY</a></li>
<ul>
<li><a href="#standard_commands">Standard Commands</a></li>
<li><a href="#message_digest_commands">Message Digest Commands</a></li>
<li><a href="#encoding_and_cipher_commands">Encoding and Cipher Commands</a></li>
</ul>
<li><a href="#options">OPTIONS</a></li>
<ul>
<li><a href="#common_options">Common Options</a></li>
<li><a href="#pass_phrase_options">Pass Phrase Options</a></li>
</ul>
<li><a href="#see_also">SEE ALSO</a></li>
<li><a href="#history">HISTORY</a></li>
<li><a href="#copyright">COPYRIGHT</a></li>
</ul>
<hr name="index" />
</div>
<!-- INDEX END -->
<p>
</p>
<hr />
<h1><a name="name">NAME</a></h1>
<p>openssl - OpenSSL command line tool</p>
<p>
</p>
<hr />
<h1><a name="synopsis">SYNOPSIS</a></h1>
<p><strong>openssl</strong>
<em>command</em>
[ <em>command_opts</em> ]
[ <em>command_args</em> ]</p>
<p><strong>openssl</strong> <strong>list</strong> [ <strong>standard-commands</strong> | <strong>digest-commands</strong> | <strong>cipher-commands</strong> | <strong>cipher-algorithms</strong> | <strong>digest-algorithms</strong> | <strong>public-key-algorithms</strong>]</p>
<p><strong>openssl</strong> <strong>no-</strong><em>XXX</em> [ <em>arbitrary options</em> ]</p>
<p>
</p>
<hr />
<h1><a name="description">DESCRIPTION</a></h1>
<p>OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL
v2/v3) and Transport Layer Security (TLS v1) network protocols and related
cryptography standards required by them.</p>
<p>The <strong>openssl</strong> program is a command line tool for using the various
cryptography functions of OpenSSL's <strong>crypto</strong> library from the shell.
It can be used for</p>
<pre>
o Creation and management of private keys, public keys and parameters
o Public key cryptographic operations
o Creation of X.509 certificates, CSRs and CRLs
o Calculation of Message Digests
o Encryption and Decryption with Ciphers
o SSL/TLS Client and Server Tests
o Handling of S/MIME signed or encrypted mail
o Time Stamp requests, generation and verification</pre>
<p>
</p>
<hr />
<h1><a name="command_summary">COMMAND SUMMARY</a></h1>
<p>The <strong>openssl</strong> program provides a rich variety of commands (<em>command</em> in the
SYNOPSIS above), each of which often has a wealth of options and arguments
(<em>command_opts</em> and <em>command_args</em> in the SYNOPSIS).</p>
<p>Detailed documentation and use cases for most standard subcommands are available
(e.g., <a href="#x509">x509(1)</a> or <a href="#x509">openssl-x509(1)</a>).</p>
<p>Many commands use an external configuration file for some or all of their
arguments and have a <strong>-config</strong> option to specify that file.
The environment variable <strong>OPENSSL_CONF</strong> can be used to specify
the location of the file.
If the environment variable is not specified, then the file is named
<strong>openssl.cnf</strong> in the default certificate storage area, whose value
depends on the configuration flags specified when the OpenSSL
was built.</p>
<p>The list parameters <strong>standard-commands</strong>, <strong>digest-commands</strong>,
and <strong>cipher-commands</strong> output a list (one entry per line) of the names
of all standard commands, message digest commands, or cipher commands,
respectively, that are available in the present <strong>openssl</strong> utility.</p>
<p>The list parameters <strong>cipher-algorithms</strong> and
<strong>digest-algorithms</strong> list all cipher and message digest names, one entry per line. Aliases are listed as:</p>
<pre>
from =&gt; to</pre>
<p>The list parameter <strong>public-key-algorithms</strong> lists all supported public
key algorithms.</p>
<p>The command <strong>no-</strong><em>XXX</em> tests whether a command of the
specified name is available. If no command named <em>XXX</em> exists, it
returns 0 (success) and prints <strong>no-</strong><em>XXX</em>; otherwise it returns 1
and prints <em>XXX</em>. In both cases, the output goes to <strong>stdout</strong> and
nothing is printed to <strong>stderr</strong>. Additional command line arguments
are always ignored. Since for each cipher there is a command of the
same name, this provides an easy way for shell scripts to test for the
availability of ciphers in the <strong>openssl</strong> program. (<strong>no-</strong><em>XXX</em> is
not able to detect pseudo-commands such as <strong>quit</strong>,
<strong>list</strong>, or <strong>no-</strong><em>XXX</em> itself.)</p>
<p>
</p>
<h2><a name="standard_commands">Standard Commands</a></h2>
<dl>
<dt><strong><a name="asn1parse" class="item"><strong>asn1parse</strong></a></strong></dt>
<dd>
<p>Parse an ASN.1 sequence.</p>
</dd>
<dt><strong><a name="ca" class="item"><strong>ca</strong></a></strong></dt>
<dd>
<p>Certificate Authority (CA) Management.</p>
</dd>
<dt><strong><a name="ciphers" class="item"><strong>ciphers</strong></a></strong></dt>
<dd>
<p>Cipher Suite Description Determination.</p>
</dd>
<dt><strong><a name="cms" class="item"><strong>cms</strong></a></strong></dt>
<dd>
<p>CMS (Cryptographic Message Syntax) utility.</p>
</dd>
<dt><strong><a name="crl" class="item"><strong>crl</strong></a></strong></dt>
<dd>
<p>Certificate Revocation List (CRL) Management.</p>
</dd>
<dt><strong><a name="crl2pkcs7" class="item"><strong>crl2pkcs7</strong></a></strong></dt>
<dd>
<p>CRL to PKCS#7 Conversion.</p>
</dd>
<dt><strong><a name="dgst" class="item"><strong>dgst</strong></a></strong></dt>
<dd>
<p>Message Digest Calculation.</p>
</dd>
<dt><strong><a name="dh" class="item"><strong>dh</strong></a></strong></dt>
<dd>
<p>Diffie-Hellman Parameter Management.
Obsoleted by <a href="#dhparam">dhparam(1)</a>.</p>
</dd>
<dt><strong><a name="dhparam" class="item"><strong>dhparam</strong></a></strong></dt>
<dd>
<p>Generation and Management of Diffie-Hellman Parameters. Superseded by
<a href="#genpkey">genpkey(1)</a> and <a href="#pkeyparam">pkeyparam(1)</a>.</p>
</dd>
<dt><strong><a name="dsa" class="item"><strong>dsa</strong></a></strong></dt>
<dd>
<p>DSA Data Management.</p>
</dd>
<dt><strong><a name="dsaparam" class="item"><strong>dsaparam</strong></a></strong></dt>
<dd>
<p>DSA Parameter Generation and Management. Superseded by
<a href="#genpkey">genpkey(1)</a> and <a href="#pkeyparam">pkeyparam(1)</a>.</p>
</dd>
<dt><strong><a name="ec" class="item"><strong>ec</strong></a></strong></dt>
<dd>
<p>EC (Elliptic curve) key processing.</p>
</dd>
<dt><strong><a name="ecparam" class="item"><strong>ecparam</strong></a></strong></dt>
<dd>
<p>EC parameter manipulation and generation.</p>
</dd>
<dt><strong><a name="enc" class="item"><strong>enc</strong></a></strong></dt>
<dd>
<p>Encoding with Ciphers.</p>
</dd>
<dt><strong><a name="engine" class="item"><strong>engine</strong></a></strong></dt>
<dd>
<p>Engine (loadable module) information and manipulation.</p>
</dd>
<dt><strong><a name="errstr" class="item"><strong>errstr</strong></a></strong></dt>
<dd>
<p>Error Number to Error String Conversion.</p>
</dd>
<dt><strong><a name="gendh" class="item"><strong>gendh</strong></a></strong></dt>
<dd>
<p>Generation of Diffie-Hellman Parameters.
Obsoleted by <a href="#dhparam">dhparam(1)</a>.</p>
</dd>
<dt><strong><a name="gendsa" class="item"><strong>gendsa</strong></a></strong></dt>
<dd>
<p>Generation of DSA Private Key from Parameters. Superseded by
<a href="#genpkey">genpkey(1)</a> and <a href="#pkey">pkey(1)</a>.</p>
</dd>
<dt><strong><a name="genpkey" class="item"><strong>genpkey</strong></a></strong></dt>
<dd>
<p>Generation of Private Key or Parameters.</p>
</dd>
<dt><strong><a name="genrsa" class="item"><strong>genrsa</strong></a></strong></dt>
<dd>
<p>Generation of RSA Private Key. Superseded by <a href="#genpkey">genpkey(1)</a>.</p>
</dd>
<dt><strong><a name="nseq" class="item"><strong>nseq</strong></a></strong></dt>
<dd>
<p>Create or examine a Netscape certificate sequence.</p>
</dd>
<dt><strong><a name="ocsp" class="item"><strong>ocsp</strong></a></strong></dt>
<dd>
<p>Online Certificate Status Protocol utility.</p>
</dd>
<dt><strong><a name="passwd" class="item"><strong>passwd</strong></a></strong></dt>
<dd>
<p>Generation of hashed passwords.</p>
</dd>
<dt><strong><a name="pkcs12" class="item"><strong>pkcs12</strong></a></strong></dt>
<dd>
<p>PKCS#12 Data Management.</p>
</dd>
<dt><strong><a name="pkcs7" class="item"><strong>pkcs7</strong></a></strong></dt>
<dd>
<p>PKCS#7 Data Management.</p>
</dd>
<dt><strong><a name="pkcs8" class="item"><strong>pkcs8</strong></a></strong></dt>
<dd>
<p>PKCS#8 format private key conversion tool.</p>
</dd>
<dt><strong><a name="pkey" class="item"><strong>pkey</strong></a></strong></dt>
<dd>
<p>Public and private key management.</p>
</dd>
<dt><strong><a name="pkeyparam" class="item"><strong>pkeyparam</strong></a></strong></dt>
<dd>
<p>Public key algorithm parameter management.</p>
</dd>
<dt><strong><a name="pkeyutl" class="item"><strong>pkeyutl</strong></a></strong></dt>
<dd>
<p>Public key algorithm cryptographic operation utility.</p>
</dd>
<dt><strong><a name="prime" class="item"><strong>prime</strong></a></strong></dt>
<dd>
<p>Compute prime numbers.</p>
</dd>
<dt><strong><a name="rand" class="item"><strong>rand</strong></a></strong></dt>
<dd>
<p>Generate pseudo-random bytes.</p>
</dd>
<dt><strong><a name="rehash" class="item"><strong>rehash</strong></a></strong></dt>
<dd>
<p>Create symbolic links to certificate and CRL files named by the hash values.</p>
</dd>
<dt><strong><a name="req" class="item"><strong>req</strong></a></strong></dt>
<dd>
<p>PKCS#10 X.509 Certificate Signing Request (CSR) Management.</p>
</dd>
<dt><strong><a name="rsa" class="item"><strong>rsa</strong></a></strong></dt>
<dd>
<p>RSA key management.</p>
</dd>
<dt><strong><a name="rsautl" class="item"><strong>rsautl</strong></a></strong></dt>
<dd>
<p>RSA utility for signing, verification, encryption, and decryption. Superseded
by <a href="#pkeyutl">pkeyutl(1)</a>.</p>
</dd>
<dt><strong><a name="s_client" class="item"><strong>s_client</strong></a></strong></dt>
<dd>
<p>This implements a generic SSL/TLS client which can establish a transparent
connection to a remote server speaking SSL/TLS. It's intended for testing
purposes only and provides only rudimentary interface functionality but
internally uses mostly all functionality of the OpenSSL <strong>ssl</strong> library.</p>
</dd>
<dt><strong><a name="s_server" class="item"><strong>s_server</strong></a></strong></dt>
<dd>
<p>This implements a generic SSL/TLS server which accepts connections from remote
clients speaking SSL/TLS. It's intended for testing purposes only and provides
only rudimentary interface functionality but internally uses mostly all
functionality of the OpenSSL <strong>ssl</strong> library. It provides both an own command
line oriented protocol for testing SSL functions and a simple HTTP response
facility to emulate an SSL/TLS-aware webserver.</p>
</dd>
<dt><strong><a name="s_time" class="item"><strong>s_time</strong></a></strong></dt>
<dd>
<p>SSL Connection Timer.</p>
</dd>
<dt><strong><a name="sess_id" class="item"><strong>sess_id</strong></a></strong></dt>
<dd>
<p>SSL Session Data Management.</p>
</dd>
<dt><strong><a name="smime" class="item"><strong>smime</strong></a></strong></dt>
<dd>
<p>S/MIME mail processing.</p>
</dd>
<dt><strong><a name="speed" class="item"><strong>speed</strong></a></strong></dt>
<dd>
<p>Algorithm Speed Measurement.</p>
</dd>
<dt><strong><a name="spkac" class="item"><strong>spkac</strong></a></strong></dt>
<dd>
<p>SPKAC printing and generating utility.</p>
</dd>
<dt><strong><a name="srp" class="item"><strong>srp</strong></a></strong></dt>
<dd>
<p>Maintain SRP password file.</p>
</dd>
<dt><strong><a name="storeutl" class="item"><strong>storeutl</strong></a></strong></dt>
<dd>
<p>Utility to list and display certificates, keys, CRLs, etc.</p>
</dd>
<dt><strong><a name="ts" class="item"><strong>ts</strong></a></strong></dt>
<dd>
<p>Time Stamping Authority tool (client/server).</p>
</dd>
<dt><strong><a name="verify" class="item"><strong>verify</strong></a></strong></dt>
<dd>
<p>X.509 Certificate Verification.</p>
</dd>
<dt><strong><a name="version" class="item"><strong>version</strong></a></strong></dt>
<dd>
<p>OpenSSL Version Information.</p>
</dd>
<dt><strong><a name="x509" class="item"><strong>x509</strong></a></strong></dt>
<dd>
<p>X.509 Certificate Data Management.</p>
</dd>
</dl>
<p>
</p>
<h2><a name="message_digest_commands">Message Digest Commands</a></h2>
<dl>
<dt><strong><a name="blake2b512" class="item"><strong>blake2b512</strong></a></strong></dt>
<dd>
<p>BLAKE2b-512 Digest</p>
</dd>
<dt><strong><a name="blake2s256" class="item"><strong>blake2s256</strong></a></strong></dt>
<dd>
<p>BLAKE2s-256 Digest</p>
</dd>
<dt><strong><a name="md2" class="item"><strong>md2</strong></a></strong></dt>
<dd>
<p>MD2 Digest</p>
</dd>
<dt><strong><a name="md4" class="item"><strong>md4</strong></a></strong></dt>
<dd>
<p>MD4 Digest</p>
</dd>
<dt><strong><a name="md5" class="item"><strong>md5</strong></a></strong></dt>
<dd>
<p>MD5 Digest</p>
</dd>
<dt><strong><a name="mdc2" class="item"><strong>mdc2</strong></a></strong></dt>
<dd>
<p>MDC2 Digest</p>
</dd>
<dt><strong><a name="rmd160" class="item"><strong>rmd160</strong></a></strong></dt>
<dd>
<p>RMD-160 Digest</p>
</dd>
<dt><strong><a name="sha1" class="item"><strong>sha1</strong></a></strong></dt>
<dd>
<p>SHA-1 Digest</p>
</dd>
<dt><strong><a name="sha224" class="item"><strong>sha224</strong></a></strong></dt>
<dd>
<p>SHA-2 224 Digest</p>
</dd>
<dt><strong><a name="sha256" class="item"><strong>sha256</strong></a></strong></dt>
<dd>
<p>SHA-2 256 Digest</p>
</dd>
<dt><strong><a name="sha384" class="item"><strong>sha384</strong></a></strong></dt>
<dd>
<p>SHA-2 384 Digest</p>
</dd>
<dt><strong><a name="sha512" class="item"><strong>sha512</strong></a></strong></dt>
<dd>
<p>SHA-2 512 Digest</p>
</dd>
<dt><strong><a name="sha3_224" class="item"><strong>sha3-224</strong></a></strong></dt>
<dd>
<p>SHA-3 224 Digest</p>
</dd>
<dt><strong><a name="sha3_256" class="item"><strong>sha3-256</strong></a></strong></dt>
<dd>
<p>SHA-3 256 Digest</p>
</dd>
<dt><strong><a name="sha3_384" class="item"><strong>sha3-384</strong></a></strong></dt>
<dd>
<p>SHA-3 384 Digest</p>
</dd>
<dt><strong><a name="sha3_512" class="item"><strong>sha3-512</strong></a></strong></dt>
<dd>
<p>SHA-3 512 Digest</p>
</dd>
<dt><strong><a name="shake128" class="item"><strong>shake128</strong></a></strong></dt>
<dd>
<p>SHA-3 SHAKE128 Digest</p>
</dd>
<dt><strong><a name="shake256" class="item"><strong>shake256</strong></a></strong></dt>
<dd>
<p>SHA-3 SHAKE256 Digest</p>
</dd>
<dt><strong><a name="sm3" class="item"><strong>sm3</strong></a></strong></dt>
<dd>
<p>SM3 Digest</p>
</dd>
</dl>
<p>
</p>
<h2><a name="encoding_and_cipher_commands">Encoding and Cipher Commands</a></h2>
<p>The following aliases provide convenient access to the most used encodings
and ciphers.</p>
<p>Depending on how OpenSSL was configured and built, not all ciphers listed
here may be present. See <a href="#enc">enc(1)</a> for more information and command usage.</p>
<dl>
<dt><strong><a name="aes128_aes_128_cbc_aes_128_cfb_aes_128_ctr_aes_128_ecb_aes_128_ofb" class="item"><strong>aes128</strong>, <strong>aes-128-cbc</strong>, <strong>aes-128-cfb</strong>, <strong>aes-128-ctr</strong>, <strong>aes-128-ecb</strong>, <strong>aes-128-ofb</strong></a></strong></dt>
<dd>
<p>AES-128 Cipher</p>
</dd>
<dt><strong><a name="aes192_aes_192_cbc_aes_192_cfb_aes_192_ctr_aes_192_ecb_aes_192_ofb" class="item"><strong>aes192</strong>, <strong>aes-192-cbc</strong>, <strong>aes-192-cfb</strong>, <strong>aes-192-ctr</strong>, <strong>aes-192-ecb</strong>, <strong>aes-192-ofb</strong></a></strong></dt>
<dd>
<p>AES-192 Cipher</p>
</dd>
<dt><strong><a name="aes256_aes_256_cbc_aes_256_cfb_aes_256_ctr_aes_256_ecb_aes_256_ofb" class="item"><strong>aes256</strong>, <strong>aes-256-cbc</strong>, <strong>aes-256-cfb</strong>, <strong>aes-256-ctr</strong>, <strong>aes-256-ecb</strong>, <strong>aes-256-ofb</strong></a></strong></dt>
<dd>
<p>AES-256 Cipher</p>
</dd>
<dt><strong><a name="aria128_aria_128_cbc_aria_128_cfb_aria_128_ctr_aria_128_ecb_aria_128_ofb" class="item"><strong>aria128</strong>, <strong>aria-128-cbc</strong>, <strong>aria-128-cfb</strong>, <strong>aria-128-ctr</strong>, <strong>aria-128-ecb</strong>, <strong>aria-128-ofb</strong></a></strong></dt>
<dd>
<p>Aria-128 Cipher</p>
</dd>
<dt><strong><a name="aria192_aria_192_cbc_aria_192_cfb_aria_192_ctr_aria_192_ecb_aria_192_ofb" class="item"><strong>aria192</strong>, <strong>aria-192-cbc</strong>, <strong>aria-192-cfb</strong>, <strong>aria-192-ctr</strong>, <strong>aria-192-ecb</strong>, <strong>aria-192-ofb</strong></a></strong></dt>
<dd>
<p>Aria-192 Cipher</p>
</dd>
<dt><strong><a name="aria256_aria_256_cbc_aria_256_cfb_aria_256_ctr_aria_256_ecb_aria_256_ofb" class="item"><strong>aria256</strong>, <strong>aria-256-cbc</strong>, <strong>aria-256-cfb</strong>, <strong>aria-256-ctr</strong>, <strong>aria-256-ecb</strong>, <strong>aria-256-ofb</strong></a></strong></dt>
<dd>
<p>Aria-256 Cipher</p>
</dd>
<dt><strong><a name="base64" class="item"><strong>base64</strong></a></strong></dt>
<dd>
<p>Base64 Encoding</p>
</dd>
<dt><strong><a name="bf_bf_cbc_bf_cfb_bf_ecb_bf_ofb" class="item"><strong>bf</strong>, <strong>bf-cbc</strong>, <strong>bf-cfb</strong>, <strong>bf-ecb</strong>, <strong>bf-ofb</strong></a></strong></dt>
<dd>
<p>Blowfish Cipher</p>
</dd>
<dt><strong><a name="camellia128_camellia_128_cbc_camellia_128_cfb_camellia_128_ctr_camellia_128_ecb_camellia_128_ofb" class="item"><strong>camellia128</strong>, <strong>camellia-128-cbc</strong>, <strong>camellia-128-cfb</strong>, <strong>camellia-128-ctr</strong>, <strong>camellia-128-ecb</strong>, <strong>camellia-128-ofb</strong></a></strong></dt>
<dd>
<p>Camellia-128 Cipher</p>
</dd>
<dt><strong><a name="camellia192_camellia_192_cbc_camellia_192_cfb_camellia_192_ctr_camellia_192_ecb_camellia_192_ofb" class="item"><strong>camellia192</strong>, <strong>camellia-192-cbc</strong>, <strong>camellia-192-cfb</strong>, <strong>camellia-192-ctr</strong>, <strong>camellia-192-ecb</strong>, <strong>camellia-192-ofb</strong></a></strong></dt>
<dd>
<p>Camellia-192 Cipher</p>
</dd>
<dt><strong><a name="camellia256_camellia_256_cbc_camellia_256_cfb_camellia_256_ctr_camellia_256_ecb_camellia_256_ofb" class="item"><strong>camellia256</strong>, <strong>camellia-256-cbc</strong>, <strong>camellia-256-cfb</strong>, <strong>camellia-256-ctr</strong>, <strong>camellia-256-ecb</strong>, <strong>camellia-256-ofb</strong></a></strong></dt>
<dd>
<p>Camellia-256 Cipher</p>
</dd>
<dt><strong><a name="cast_cast_cbc" class="item"><strong>cast</strong>, <strong>cast-cbc</strong></a></strong></dt>
<dd>
<p>CAST Cipher</p>
</dd>
<dt><strong><a name="cast5_cbc_cast5_cfb_cast5_ecb_cast5_ofb" class="item"><strong>cast5-cbc</strong>, <strong>cast5-cfb</strong>, <strong>cast5-ecb</strong>, <strong>cast5-ofb</strong></a></strong></dt>
<dd>
<p>CAST5 Cipher</p>
</dd>
<dt><strong><a name="chacha20" class="item"><strong>chacha20</strong></a></strong></dt>
<dd>
<p>Chacha20 Cipher</p>
</dd>
<dt><strong><a name="des_des_cbc_des_cfb_des_ecb_des_ede_des_ede_cbc_des_ede_cfb_des_ede_ofb_des_ofb" class="item"><strong>des</strong>, <strong>des-cbc</strong>, <strong>des-cfb</strong>, <strong>des-ecb</strong>, <strong>des-ede</strong>, <strong>des-ede-cbc</strong>, <strong>des-ede-cfb</strong>, <strong>des-ede-ofb</strong>, <strong>des-ofb</strong></a></strong></dt>
<dd>
<p>DES Cipher</p>
</dd>
<dt><strong><a name="des3_desx_des_ede3_des_ede3_cbc_des_ede3_cfb_des_ede3_ofb" class="item"><strong>des3</strong>, <strong>desx</strong>, <strong>des-ede3</strong>, <strong>des-ede3-cbc</strong>, <strong>des-ede3-cfb</strong>, <strong>des-ede3-ofb</strong></a></strong></dt>
<dd>
<p>Triple-DES Cipher</p>
</dd>
<dt><strong><a name="idea_idea_cbc_idea_cfb_idea_ecb_idea_ofb" class="item"><strong>idea</strong>, <strong>idea-cbc</strong>, <strong>idea-cfb</strong>, <strong>idea-ecb</strong>, <strong>idea-ofb</strong></a></strong></dt>
<dd>
<p>IDEA Cipher</p>
</dd>
<dt><strong><a name="rc2_rc2_cbc_rc2_cfb_rc2_ecb_rc2_ofb" class="item"><strong>rc2</strong>, <strong>rc2-cbc</strong>, <strong>rc2-cfb</strong>, <strong>rc2-ecb</strong>, <strong>rc2-ofb</strong></a></strong></dt>
<dd>
<p>RC2 Cipher</p>
</dd>
<dt><strong><a name="rc4" class="item"><strong>rc4</strong></a></strong></dt>
<dd>
<p>RC4 Cipher</p>
</dd>
<dt><strong><a name="rc5_rc5_cbc_rc5_cfb_rc5_ecb_rc5_ofb" class="item"><strong>rc5</strong>, <strong>rc5-cbc</strong>, <strong>rc5-cfb</strong>, <strong>rc5-ecb</strong>, <strong>rc5-ofb</strong></a></strong></dt>
<dd>
<p>RC5 Cipher</p>
</dd>
<dt><strong><a name="seed_seed_cbc_seed_cfb_seed_ecb_seed_ofb" class="item"><strong>seed</strong>, <strong>seed-cbc</strong>, <strong>seed-cfb</strong>, <strong>seed-ecb</strong>, <strong>seed-ofb</strong></a></strong></dt>
<dd>
<p>SEED Cipher</p>
</dd>
<dt><strong><a name="sm4_sm4_cbc_sm4_cfb_sm4_ctr_sm4_ecb_sm4_ofb" class="item"><strong>sm4</strong>, <strong>sm4-cbc</strong>, <strong>sm4-cfb</strong>, <strong>sm4-ctr</strong>, <strong>sm4-ecb</strong>, <strong>sm4-ofb</strong></a></strong></dt>
<dd>
<p>SM4 Cipher</p>
</dd>
</dl>
<p>
</p>
<hr />
<h1><a name="options">OPTIONS</a></h1>
<p>Details of which options are available depend on the specific command.
This section describes some common options with common behavior.</p>
<p>
</p>
<h2><a name="common_options">Common Options</a></h2>
<dl>
<dt><strong><a name="help" class="item"><strong>-help</strong></a></strong></dt>
<dd>
<p>Provides a terse summary of all options.</p>
</dd>
</dl>
<p>
</p>
<h2><a name="pass_phrase_options">Pass Phrase Options</a></h2>
<p>Several commands accept password arguments, typically using <strong>-passin</strong>
and <strong>-passout</strong> for input and output passwords respectively. These allow
the password to be obtained from a variety of sources. Both of these
options take a single argument whose format is described below. If no
password argument is given and a password is required then the user is
prompted to enter one: this will typically be read from the current
terminal with echoing turned off.</p>
<p>Note that character encoding may be relevant, please see
<em>passphrase-encoding(7)</em>.</p>
<dl>
<dt><strong><a name="pass_password" class="item"><strong>pass:password</strong></a></strong></dt>
<dd>
<p>The actual password is <strong>password</strong>. Since the password is visible
to utilities (like 'ps' under Unix) this form should only be used
where security is not important.</p>
</dd>
<dt><strong><a name="env_var" class="item"><strong>env:var</strong></a></strong></dt>
<dd>
<p>Obtain the password from the environment variable <strong>var</strong>. Since
the environment of other processes is visible on certain platforms
(e.g. ps under certain Unix OSes) this option should be used with caution.</p>
</dd>
<dt><strong><a name="file_pathname" class="item"><strong>file:pathname</strong></a></strong></dt>
<dd>
<p>The first line of <strong>pathname</strong> is the password. If the same <strong>pathname</strong>
argument is supplied to <strong>-passin</strong> and <strong>-passout</strong> arguments then the first
line will be used for the input password and the next line for the output
password. <strong>pathname</strong> need not refer to a regular file: it could for example
refer to a device or named pipe.</p>
</dd>
<dt><strong><a name="fd_number" class="item"><strong>fd:number</strong></a></strong></dt>
<dd>
<p>Read the password from the file descriptor <strong>number</strong>. This can be used to
send the data via a pipe for example.</p>
</dd>
<dt><strong><a name="stdin" class="item"><strong>stdin</strong></a></strong></dt>
<dd>
<p>Read the password from standard input.</p>
</dd>
</dl>
<p>
</p>
<hr />
<h1><a name="see_also">SEE ALSO</a></h1>
<p><a href="#asn1parse">asn1parse(1)</a>, <a href="#ca">ca(1)</a>, <a href="#ciphers">ciphers(1)</a>, <a href="#cms">cms(1)</a>, <em>config(5)</em>,
<a href="#crl">crl(1)</a>, <a href="#crl2pkcs7">crl2pkcs7(1)</a>, <a href="#dgst">dgst(1)</a>,
<a href="#dhparam">dhparam(1)</a>, <a href="#dsa">dsa(1)</a>, <a href="#dsaparam">dsaparam(1)</a>,
<a href="#ec">ec(1)</a>, <a href="#ecparam">ecparam(1)</a>,
<a href="#enc">enc(1)</a>, <a href="#engine">engine(1)</a>, <a href="#errstr">errstr(1)</a>, <a href="#gendsa">gendsa(1)</a>, <a href="#genpkey">genpkey(1)</a>,
<a href="#genrsa">genrsa(1)</a>, <a href="#nseq">nseq(1)</a>, <a href="#ocsp">ocsp(1)</a>,
<a href="#passwd">passwd(1)</a>,
<a href="#pkcs12">pkcs12(1)</a>, <a href="#pkcs7">pkcs7(1)</a>, <a href="#pkcs8">pkcs8(1)</a>,
<a href="#pkey">pkey(1)</a>, <a href="#pkeyparam">pkeyparam(1)</a>, <a href="#pkeyutl">pkeyutl(1)</a>, <a href="#prime">prime(1)</a>,
<a href="#rand">rand(1)</a>, <a href="#rehash">rehash(1)</a>, <a href="#req">req(1)</a>, <a href="#rsa">rsa(1)</a>,
<a href="#rsautl">rsautl(1)</a>, <a href="#s_client">s_client(1)</a>,
<a href="#s_server">s_server(1)</a>, <a href="#s_time">s_time(1)</a>, <a href="#sess_id">sess_id(1)</a>,
<a href="#smime">smime(1)</a>, <a href="#speed">speed(1)</a>, <a href="#spkac">spkac(1)</a>, <a href="#srp">srp(1)</a>, <a href="#storeutl">storeutl(1)</a>,
<a href="#ts">ts(1)</a>,
<a href="#verify">verify(1)</a>, <a href="#version">version(1)</a>, <a href="#x509">x509(1)</a>,
<em>crypto(7)</em>, <em>ssl(7)</em>, <em>x509v3_config(5)</em></p>
<p>
</p>
<hr />
<h1><a name="history">HISTORY</a></h1>
<p>The <strong>list-</strong><em>XXX</em><strong>-algorithms</strong> pseudo-commands were added in OpenSSL 1.0.0;
For notes on the availability of other commands, see their individual
manual pages.</p>
<p>
</p>
<hr />
<h1><a name="copyright">COPYRIGHT</a></h1>
<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
<a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink