diff options
| -rw-r--r-- | src/usr.bin/openssl/openssl.1 | 14 | ||||
| -rw-r--r-- | src/usr.bin/openssl/rsautl.c | 11 |
2 files changed, 18 insertions, 7 deletions
diff --git a/src/usr.bin/openssl/openssl.1 b/src/usr.bin/openssl/openssl.1 index c430e49f0f..4c9d15b9d1 100644 --- a/src/usr.bin/openssl/openssl.1 +++ b/src/usr.bin/openssl/openssl.1 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: openssl.1,v 1.143 2023/04/25 16:11:02 tb Exp $ | 1 | .\" $OpenBSD: openssl.1,v 1.144 2023/05/05 18:01:27 tb Exp $ |
| 2 | .\" ==================================================================== | 2 | .\" ==================================================================== |
| 3 | .\" Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. | 3 | .\" Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. |
| 4 | .\" | 4 | .\" |
| @@ -110,7 +110,7 @@ | |||
| 110 | .\" copied and put under another distribution licence | 110 | .\" copied and put under another distribution licence |
| 111 | .\" [including the GNU Public Licence.] | 111 | .\" [including the GNU Public Licence.] |
| 112 | .\" | 112 | .\" |
| 113 | .Dd $Mdocdate: April 25 2023 $ | 113 | .Dd $Mdocdate: May 5 2023 $ |
| 114 | .Dt OPENSSL 1 | 114 | .Dt OPENSSL 1 |
| 115 | .Os | 115 | .Os |
| 116 | .Sh NAME | 116 | .Sh NAME |
| @@ -3505,6 +3505,8 @@ for PKCS#1 padding; | |||
| 3505 | for no padding; | 3505 | for no padding; |
| 3506 | .Cm oaep | 3506 | .Cm oaep |
| 3507 | for OAEP mode; | 3507 | for OAEP mode; |
| 3508 | .Cm x931 | ||
| 3509 | for X9.31 mode; | ||
| 3508 | and | 3510 | and |
| 3509 | .Cm pss | 3511 | .Cm pss |
| 3510 | for PSS. | 3512 | for PSS. |
| @@ -3515,6 +3517,8 @@ If a digest is set then a DigestInfo | |||
| 3515 | structure is used and its length | 3517 | structure is used and its length |
| 3516 | must correspond to the digest type. | 3518 | must correspond to the digest type. |
| 3517 | For oeap mode only encryption and decryption is supported. | 3519 | For oeap mode only encryption and decryption is supported. |
| 3520 | For x931 if the digest type is set it is used to format the block data; | ||
| 3521 | otherwise the first byte is used to specify the X9.31 digest ID. | ||
| 3518 | Sign, verify, and verifyrecover can be performed in this mode. | 3522 | Sign, verify, and verifyrecover can be performed in this mode. |
| 3519 | For pss mode only sign and verify are supported and the digest type must be | 3523 | For pss mode only sign and verify are supported and the digest type must be |
| 3520 | specified. | 3524 | specified. |
| @@ -4178,7 +4182,7 @@ Print the public/private key components in plain text. | |||
| 4178 | .Op Fl in Ar file | 4182 | .Op Fl in Ar file |
| 4179 | .Op Fl inkey Ar file | 4183 | .Op Fl inkey Ar file |
| 4180 | .Op Fl keyform Cm der | pem | 4184 | .Op Fl keyform Cm der | pem |
| 4181 | .Op Fl oaep | pkcs | raw | 4185 | .Op Fl oaep | pkcs | raw | x931 |
| 4182 | .Op Fl out Ar file | 4186 | .Op Fl out Ar file |
| 4183 | .Op Fl passin Ar arg | 4187 | .Op Fl passin Ar arg |
| 4184 | .Op Fl pubin | 4188 | .Op Fl pubin |
| @@ -4216,9 +4220,9 @@ The input key file; by default an RSA private key. | |||
| 4216 | The private key format. | 4220 | The private key format. |
| 4217 | The default is | 4221 | The default is |
| 4218 | .Cm pem . | 4222 | .Cm pem . |
| 4219 | .It Fl oaep | pkcs | raw | 4223 | .It Fl oaep | pkcs | raw | x931 |
| 4220 | The padding to use: | 4224 | The padding to use: |
| 4221 | PKCS#1 OAEP, PKCS#1 v1.5 (the default), no padding, | 4225 | PKCS#1 OAEP, PKCS#1 v1.5 (the default), no padding, or ANSI X9.31, |
| 4222 | respectively. | 4226 | respectively. |
| 4223 | For signatures, only | 4227 | For signatures, only |
| 4224 | .Fl pkcs | 4228 | .Fl pkcs |
diff --git a/src/usr.bin/openssl/rsautl.c b/src/usr.bin/openssl/rsautl.c index 4f674b0efe..d67e78807c 100644 --- a/src/usr.bin/openssl/rsautl.c +++ b/src/usr.bin/openssl/rsautl.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsautl.c,v 1.22 2023/04/09 18:33:26 tb Exp $ */ | 1 | /* $OpenBSD: rsautl.c,v 1.23 2023/05/05 18:01:27 tb Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| @@ -206,6 +206,13 @@ static const struct option rsautl_options[] = { | |||
| 206 | .value = RSA_VERIFY, | 206 | .value = RSA_VERIFY, |
| 207 | .opt.value = &cfg.rsa_mode, | 207 | .opt.value = &cfg.rsa_mode, |
| 208 | }, | 208 | }, |
| 209 | { | ||
| 210 | .name = "x931", | ||
| 211 | .desc = "Use ANSI X9.31 padding", | ||
| 212 | .type = OPTION_VALUE, | ||
| 213 | .value = RSA_X931_PADDING, | ||
| 214 | .opt.value = &cfg.pad, | ||
| 215 | }, | ||
| 209 | 216 | ||
| 210 | {NULL}, | 217 | {NULL}, |
| 211 | }; | 218 | }; |
| @@ -217,7 +224,7 @@ rsautl_usage() | |||
| 217 | "usage: rsautl [-asn1parse] [-certin] [-decrypt] [-encrypt] " | 224 | "usage: rsautl [-asn1parse] [-certin] [-decrypt] [-encrypt] " |
| 218 | "[-hexdump]\n" | 225 | "[-hexdump]\n" |
| 219 | " [-in file] [-inkey file] [-keyform der | pem]\n" | 226 | " [-in file] [-inkey file] [-keyform der | pem]\n" |
| 220 | " [-oaep | -pkcs | -raw] [-out file] [-passin arg]\n" | 227 | " [-oaep | -pkcs | -raw | -x931] [-out file] [-passin arg]\n" |
| 221 | " [-pubin] [-rev] [-sign] [-verify]\n\n"); | 228 | " [-pubin] [-rev] [-sign] [-verify]\n\n"); |
| 222 | 229 | ||
| 223 | options_usage(rsautl_options); | 230 | options_usage(rsautl_options); |