diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2006-07-09 01:59:30 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2006-07-09 01:59:30 +0000 |
commit | 112161bd337f456a421d215b255f45f297f0349a (patch) | |
tree | 5201287feade751f27a6a92ad2cd880112efc989 /doc | |
parent | 5ba4bf35c5c596b86b56bde5977d252900367cad (diff) | |
download | openssl-112161bd337f456a421d215b255f45f297f0349a.tar.gz |
Update docs.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/apps/openssl.pod | 10 | ||||
-rw-r--r-- | doc/apps/pkcs12.pod | 42 |
2 files changed, 33 insertions, 19 deletions
diff --git a/doc/apps/openssl.pod b/doc/apps/openssl.pod index ad4523ab57..73723ebd95 100644 --- a/doc/apps/openssl.pod +++ b/doc/apps/openssl.pod @@ -12,7 +12,7 @@ I<command> [ I<command_opts> ] [ I<command_args> ] -B<openssl> [ B<list-standard-commands> | B<list-message-digest-commands> | B<list-cipher-commands> ] +B<openssl> [ B<list-standard-commands> | B<list-message-digest-commands> | B<list-cipher-commands> | B<list-cipher-algorithms> | B<list-message-digest-algorithms> | B<list-public-key-algorithms] B<openssl> B<no->I<XXX> [ I<arbitrary options> ] @@ -45,6 +45,14 @@ and B<list-cipher-commands> output a list (one entry per line) of the names of all standard commands, message digest commands, or cipher commands, respectively, that are available in the present B<openssl> utility. +The pseudo-commands B<list-cipher-algorithms> and +B<list-message-digest-algorithms> list all cipher and message digest names, one entry per line. Aliases are listed as: + + from => to + +The pseudo-command B<list-public-key-algorithms> lists all supported public +key algorithms. + The pseudo-command B<no->I<XXX> tests whether a command of the specified name is available. If no command named I<XXX> exists, it returns 0 (success) and prints B<no->I<XXX>; otherwise it returns 1 diff --git a/doc/apps/pkcs12.pod b/doc/apps/pkcs12.pod index 7d84146293..84f85f29a2 100644 --- a/doc/apps/pkcs12.pod +++ b/doc/apps/pkcs12.pod @@ -63,25 +63,25 @@ by default. =item B<-out filename> -The filename to write certificates and private keys to, standard output by default. -They are all written in PEM format. +The filename to write certificates and private keys to, standard output by +default. They are all written in PEM format. =item B<-pass arg>, B<-passin arg> -the PKCS#12 file (i.e. input file) password source. For more information about the -format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in +the PKCS#12 file (i.e. input file) password source. For more information about +the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. =item B<-passout arg> -pass phrase source to encrypt any outputed private keys with. For more information -about the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in -L<openssl(1)|openssl(1)>. +pass phrase source to encrypt any outputed private keys with. For more +information about the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section +in L<openssl(1)|openssl(1)>. =item B<-noout> -this option inhibits output of the keys and certificates to the output file version -of the PKCS#12 file. +this option inhibits output of the keys and certificates to the output file +version of the PKCS#12 file. =item B<-clcerts> @@ -148,10 +148,10 @@ by default. =item B<-in filename> -The filename to read certificates and private keys from, standard input by default. -They must all be in PEM format. The order doesn't matter but one private key and -its corresponding certificate should be present. If additional certificates are -present they will also be included in the PKCS#12 file. +The filename to read certificates and private keys from, standard input by +default. They must all be in PEM format. The order doesn't matter but one +private key and its corresponding certificate should be present. If additional +certificates are present they will also be included in the PKCS#12 file. =item B<-inkey filename> @@ -160,8 +160,8 @@ in the input file. =item B<-name friendlyname> -This specifies the "friendly name" for the certificate and private key. This name -is typically displayed in list boxes by software importing the file. +This specifies the "friendly name" for the certificate and private key. This +name is typically displayed in list boxes by software importing the file. =item B<-certfile filename> @@ -201,9 +201,11 @@ key is encrypted using triple DES and the certificate using 40 bit RC2. =item B<-keypbe alg>, B<-certpbe alg> these options allow the algorithm used to encrypt the private key and -certificates to be selected. Although any PKCS#5 v1.5 or PKCS#12 algorithms -can be selected it is advisable only to use PKCS#12 algorithms. See the list -in the B<NOTES> section for more information. +certificates to be selected. Any PKCS#5 v1.5 or PKCS#12 PBE algorithm name +can be used (see B<NOTES> section for more information). If a a cipher name +(as output by the B<list-cipher-algorithms> command is specified then it +is used with PKCS#5 v2.0. For interoperability reasons it is advisable to only +use PKCS#12 algorithms. =item B<-keyex|-keysig> @@ -216,6 +218,10 @@ S/MIME signing, authenticode (ActiveX control signing) and SSL client authentication, however due to a bug only MSIE 5.0 and later support the use of signing only keys for SSL client authentication. +=item B<-macalg digest> + +specify the MAC digest algorithm. If not included them SHA1 will be used. + =item B<-nomaciter>, B<-noiter> these options affect the iteration counts on the MAC and key algorithms. |