diff options
author | Rich Salz <rsalz@openssl.org> | 2016-02-07 23:14:12 -0500 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2016-02-07 23:14:12 -0500 |
commit | a173a7ee3f51af71c27490247f9a65ff03553e2c (patch) | |
tree | cb975182fcab9d4553bc9fe9991bd37a32602055 /doc/apps | |
parent | 99978d51d6ba1ae8e36c1f82e98e9b2052131948 (diff) | |
download | openssl-a173a7ee3f51af71c27490247f9a65ff03553e2c.tar.gz |
more doc fixes
dgst: using digest instead of specific digest commands
the digest list specified in man dgst may be inaccurate, hence using
digest and referring to the list in digest-commands
'sha' as a digest name is no longer supported
dgst,pkeyutl cmds help cleanup
- In dgst, pkeyutl cmds, some options help was missing.
- fixed a minor typo in openssl.pod, that fixes make install.
- digest-commands was showing ‘sha’, which is not a supported digest
anymore.
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Diffstat (limited to 'doc/apps')
-rw-r--r-- | doc/apps/dgst.pod | 33 | ||||
-rw-r--r-- | doc/apps/openssl.pod | 2 | ||||
-rw-r--r-- | doc/apps/pkeyutl.pod | 34 |
3 files changed, 48 insertions, 21 deletions
diff --git a/doc/apps/dgst.pod b/doc/apps/dgst.pod index 25794c13bb..1c595dcf74 100644 --- a/doc/apps/dgst.pod +++ b/doc/apps/dgst.pod @@ -6,9 +6,9 @@ dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384, sha512, md4, md5 - mes =head1 SYNOPSIS -B<openssl> B<dgst> +B<openssl> B<dgst> [B<-help>] -[B<-sha|-sha1|-mdc2|-ripemd160|-sha224|-sha256|-sha384|-sha512|-md4|-md5>] +[B<-I<digest>>] [B<-c>] [B<-d>] [B<-hex>] @@ -23,6 +23,8 @@ B<openssl> B<dgst> [B<-signature filename>] [B<-hmac key>] [B<-fips-fingerprint>] +[B<-engine id>] +[B<-engine_impl>] [B<file...>] B<openssl> @@ -38,8 +40,8 @@ signatures using message digests. The generic name, B<dgst>, may be used with an option specifying the algorithm to be used. The default digest is I<sha256>. -The digest name may also be used as the command name. -To see the list of supported algorithms, use the <Ilist --digest-commands> +A supported I<digest> name may also be used as the command name. +To see the list of supported algorithms, use the I<list --digest-commands> command. =head1 OPTIONS @@ -50,6 +52,11 @@ command. Print out a usage message. +=item B<-I<digest>> + +Specifies name of a supported digest to be used. To see the list of +supported digests, use the command I<list --digest-commands>. + =item B<-c> print out the digest in two digit groups separated by colons, only relevant if @@ -86,12 +93,6 @@ digitally sign the digest using the private key in "filename". Specifies the key format to sign digest with. The DER, PEM, P12, and ENGINE formats are supported. -=item B<-engine id> - -Use engine B<id> for operations (including private key storage). -This engine is not used as source for digest algorithms, unless it is -also specified in the configuration file. - =item B<-sigopt nm:v> Pass options to the signature algorithm during sign or verify operations. @@ -162,6 +163,18 @@ all others. compute HMAC using a specific key for certain OpenSSL-FIPS operations. +=item B<-engine id> + +Use engine B<id> for operations (including private key storage). +This engine is not used as source for digest algorithms, unless it is +also specified in the configuration file or B<-engine_impl> is also +specified. + +=item B<-engine_impl> + +When used with the B<-engine> option, it specifies to also use +engine B<id> for digest operations. + =item B<file...> file or files to digest. If no files are specified then standard input is diff --git a/doc/apps/openssl.pod b/doc/apps/openssl.pod index f7a0d441df..717550d9cf 100644 --- a/doc/apps/openssl.pod +++ b/doc/apps/openssl.pod @@ -399,7 +399,7 @@ read the password from standard input. L<asn1parse(1)>, L<ca(1)>, L<config(5)>, L<crl(1)>, L<crl2pkcs7(1)>, L<dgst(1)>, L<dhparam(1)>, L<dsa(1)>, L<dsaparam(1)>, -L<enc(1)>, L<engine(1), L<gendsa(1)>, L<genpkey(1)>, +L<enc(1)>, L<engine(1)>, L<gendsa(1)>, L<genpkey(1)>, L<genrsa(1)>, L<nseq(1)>, L<openssl(1)>, L<passwd(1)>, L<pkcs12(1)>, L<pkcs7(1)>, L<pkcs8(1)>, diff --git a/doc/apps/pkeyutl.pod b/doc/apps/pkeyutl.pod index bd2b6e35b0..a2da2558f6 100644 --- a/doc/apps/pkeyutl.pod +++ b/doc/apps/pkeyutl.pod @@ -29,6 +29,7 @@ B<openssl> B<pkeyutl> [B<-hexdump>] [B<-asn1parse>] [B<-engine id>] +[B<-engine_impl>] =head1 DESCRIPTION @@ -53,13 +54,17 @@ if this option is not specified. specifies the output filename to write to or standard output by default. +=item B<-sigfile file> + +Signature file, required for B<verify> operations only + =item B<-inkey file> the input key file, by default it should be a private key. =item B<-keyform PEM|DER|ENGINE> -the key format PEM, DER or ENGINE. +the key format PEM, DER or ENGINE. Default is PEM. =item B<-passin arg> @@ -73,15 +78,7 @@ the peer key file, used by key derivation (agreement) operations. =item B<-peerform PEM|DER|ENGINE> -the peer key format PEM, DER or ENGINE. - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<pkeyutl> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. - +the peer key format PEM, DER or ENGINE. Default is PEM. =item B<-pubin> @@ -122,6 +119,10 @@ decrypt the input data using a private key. derive a shared secret using the peer key. +=item B<-pkeyopt opt:value> + +Public key options specified as opt:value. See NOTES below for more details. + =item B<-hexdump> hex dump the output data. @@ -131,6 +132,19 @@ hex dump the output data. asn1parse the output data, this is useful when combined with the B<-verifyrecover> option when an ASN1 structure is signed. +=item B<-engine id> + +specifying an engine (by its unique B<id> string) will cause B<pkeyutl> +to attempt to obtain a functional reference to the specified engine, +thus initialising it if needed. The engine will then be set as the default +for all available algorithms. + +=item B<-engine_impl> + +When used with the B<-engine> option, it specifies to also use +engine B<id> for crypto operations. + + =back =head1 NOTES |