summaryrefslogtreecommitdiff
path: root/src/lib/libssl/src/doc/apps/openssl.pod
diff options
context:
space:
mode:
authorbeck <>2000-03-19 11:13:58 +0000
committerbeck <>2000-03-19 11:13:58 +0000
commit796d609550df3a33fc11468741c5d2f6d3df4c11 (patch)
tree6c6d539061caa20372dad0ac4ddb1dfae2fbe7fe /src/lib/libssl/src/doc/apps/openssl.pod
parent5be3114c1fd7e0dfea1e38d3abb4cbba75244419 (diff)
downloadopenbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.tar.gz
openbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.tar.bz2
openbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.zip
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
Diffstat (limited to 'src/lib/libssl/src/doc/apps/openssl.pod')
-rw-r--r--src/lib/libssl/src/doc/apps/openssl.pod298
1 files changed, 298 insertions, 0 deletions
diff --git a/src/lib/libssl/src/doc/apps/openssl.pod b/src/lib/libssl/src/doc/apps/openssl.pod
new file mode 100644
index 0000000000..9b1320606b
--- /dev/null
+++ b/src/lib/libssl/src/doc/apps/openssl.pod
@@ -0,0 +1,298 @@
1
2=pod
3
4=head1 NAME
5
6openssl - OpenSSL command line tool
7
8=head1 SYNOPSIS
9
10B<openssl>
11I<command>
12[ I<command_opts> ]
13[ I<command_args> ]
14
15=head1 DESCRIPTION
16
17OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL
18v2/v3) and Transport Layer Security (TLS v1) network protocols and related
19cryptography standards required by them.
20
21The B<openssl> program is a command line tool for using the various
22cryptography functions of OpenSSL's B<crypto> library from the shell.
23It can be used for
24
25 o Creation of RSA, DH and DSA key parameters
26 o Creation of X.509 certificates, CSRs and CRLs
27 o Calculation of Message Digests
28 o Encryption and Decryption with Ciphers
29 o SSL/TLS Client and Server Tests
30 o Handling of S/MIME signed or encrypted mail
31
32=head1 COMMAND SUMMARY
33
34The B<openssl> program provides a rich variety of commands (I<command> in the
35SYNOPSIS above), each of which often has a wealth of options and arguments
36(I<command_opts> and I<command_args> in the SYNOPSIS).
37
38=head2 STANDARD COMMANDS
39
40=over 10
41
42=item L<B<asn1parse>|asn1parse(1)>
43
44Parse an ASN.1 sequence.
45
46=item L<B<ca>|ca(1)>
47
48Certificate Authority (CA) Management.
49
50=item L<B<ciphers>|ciphers(1)>
51
52Cipher Suite Description Determination.
53
54=item L<B<crl>|crl(1)>
55
56Certificate Revocation List (CRL) Management.
57
58=item L<B<crl2pkcs7>|crl2pkcs7(1)>
59
60CRL to PKCS#7 Conversion.
61
62=item L<B<dgst>|dgst(1)>
63
64Message Digest Calculation.
65
66=item L<B<dh>|dh(1)>
67
68Diffie-Hellman Data Management.
69
70=item L<B<dsa>|dsa(1)>
71
72DSA Data Management.
73
74=item L<B<dsaparam>|dsaparam(1)>
75
76DSA Parameter Generation.
77
78=item L<B<enc>|enc(1)>
79
80Encoding with Ciphers.
81
82=item L<B<errstr>|errstr(1)>
83
84Error Number to Error String Conversion.
85
86=item L<B<gendh>|gendh(1)>
87
88Generation of Diffie-Hellman Parameters.
89
90=item L<B<gendsa>|gendsa(1)>
91
92Generation of DSA Parameters.
93
94=item L<B<genrsa>|genrsa(1)>
95
96Generation of RSA Parameters.
97
98=item L<B<passwd>|passwd(1)>
99
100Generation of hashed passwords.
101
102=item L<B<pkcs7>|pkcs7(1)>
103
104PKCS#7 Data Management.
105
106=item L<B<req>|req(1)>
107
108X.509 Certificate Signing Request (CSR) Management.
109
110=item L<B<rsa>|rsa(1)>
111
112RSA Data Management.
113
114=item L<B<s_client>|s_client(1)>
115
116This implements a generic SSL/TLS client which can establish a transparent
117connection to a remote server speaking SSL/TLS. It's intended for testing
118purposes only and provides only rudimentary interface functionality but
119internally uses mostly all functionality of the OpenSSL B<ssl> library.
120
121=item L<B<s_server>|s_server(1)>
122
123This implements a generic SSL/TLS server which accepts connections from remote
124clients speaking SSL/TLS. It's intended for testing purposes only and provides
125only rudimentary interface functionality but internally uses mostly all
126functionality of the OpenSSL B<ssl> library. It provides both an own command
127line oriented protocol for testing SSL functions and a simple HTTP response
128facility to emulate an SSL/TLS-aware webserver.
129
130=item L<B<s_time>|s_time(1)>
131
132SSL Connection Timer.
133
134=item L<B<sess_id>|sess_id(1)>
135
136SSL Session Data Management.
137
138=item L<B<smime>|smime(1)>
139
140S/MIME mail processing.
141
142=item L<B<speed>|speed(1)>
143
144Algorithm Speed Measurement.
145
146=item L<B<verify>|verify(1)>
147
148X.509 Certificate Verification.
149
150=item L<B<version>|version(1)>
151
152OpenSSL Version Information.
153
154=item L<B<x509>|x509(1)>
155
156X.509 Certificate Data Management.
157
158=back
159
160=head2 MESSAGE DIGEST COMMANDS
161
162=over 10
163
164=item B<md2>
165
166MD2 Digest
167
168=item B<md5>
169
170MD5 Digest
171
172=item B<mdc2>
173
174MDC2 Digest
175
176=item B<rmd160>
177
178RMD-160 Digest
179
180=item B<sha>
181
182SHA Digest
183
184=item B<sha1>
185
186SHA-1 Digest
187
188=back
189
190=head2 ENCODING AND CIPHER COMMANDS
191
192=over 10
193
194=item B<base64>
195
196Base64 Encoding
197
198=item B<bf bf-cbc bf-cfb bf-ecb bf-ofb>
199
200Blowfish Cipher
201
202=item B<cast cast-cbc>
203
204CAST Cipher
205
206=item B<cast5-cbc cast5-cfb cast5-ecb cast5-ofb>
207
208CAST5 Cipher
209
210=item B<des des-cbc des-cfb des-ecb des-ede des-ede-cbc des-ede-cfb des-ede-ofb des-ofb>
211
212DES Cipher
213
214=item B<des3 desx des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb>
215
216Triple-DES Cipher
217
218=item B<idea idea-cbc idea-cfb idea-ecb idea-ofb>
219
220IDEA Cipher
221
222=item B<rc2 rc2-cbc rc2-cfb rc2-ecb rc2-ofb>
223
224RC2 Cipher
225
226=item B<rc4>
227
228RC4 Cipher
229
230=item B<rc5 rc5-cbc rc5-cfb rc5-ecb rc5-ofb>
231
232RC5 Cipher
233
234=back
235
236=head1 PASS PHRASE ARGUMENTS
237
238Several commands accept password arguments, typically using B<-passin>
239and B<-passout> for input and output passwords respectively. These allow
240the password to be obtained from a variety of sources. Both of these
241options take a single argument whose format is described below. If no
242password argument is given and a password is required then the user is
243prompted to enter one: this will typically be read from the current
244terminal with echoing turned off.
245
246=over 10
247
248=item B<pass:password>
249
250the actual password is B<password>. Since the password is visible
251to utilities (like 'ps' under Unix) this form should only be used
252where security is not important.
253
254=item B<env:var>
255
256obtain the password from the environment variable B<var>. Since
257the environment of other processes is visible on certain platforms
258(e.g. ps under certain Unix OSes) this option should be used with caution.
259
260=item B<file:pathname>
261
262the first line of B<pathname> is the password. If the same B<pathname>
263argument is supplied to B<-passin> and B<-passout> arguments then the first
264line will be used for the input password and the next line for the output
265password. B<pathname> need not refer to a regular file: it could for example
266refer to a device or named pipe.
267
268=item B<fd:number>
269
270read the password from the file descriptor B<number>. This can be used to
271send the data via a pipe for example.
272
273=item B<stdin>
274
275read the password from standard input.
276
277=back
278
279=head1 SEE ALSO
280
281L<asn1parse(1)|asn1parse(1)>, L<ca(1)|ca(1)>, L<config(5)|config(5)>,
282L<crl(1)|crl(1)>, L<crl2pkcs7(1)|crl2pkcs7(1)>, L<dgst(1)|dgst(1)>,
283L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>,
284L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>,
285L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>,
286L<passwd(1)|passwd(1)>,
287L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>,
288L<req(1)|req(1)>, L<rsa(1)|rsa(1)>, L<s_client(1)|s_client(1)>,
289L<s_server(1)|s_server(1)>, L<smime(1)|smime(1)>, L<spkac(1)|spkac(1)>,
290L<verify(1)|verify(1)>, L<version(1)|version(1)>, L<x509(1)|x509(1)>,
291L<crypto(3)|crypto(3)>, L<ssl(3)|ssl(3)>
292
293=head1 HISTORY
294
295The openssl(1) document appeared in OpenSSL 0.9.2
296
297=cut
298