Import OpenSSL 1.1.0f
This commit is contained in:
Steve Dower
Steve Dower
@@ -7,14 +7,15 @@ pkeyutl - public key algorithm utility
|
||||
=head1 SYNOPSIS
|
||||
|
||||
B<openssl> B<pkeyutl>
|
||||
[B<-help>]
|
||||
[B<-in file>]
|
||||
[B<-out file>]
|
||||
[B<-sigfile file>]
|
||||
[B<-inkey file>]
|
||||
[B<-keyform PEM|DER>]
|
||||
[B<-keyform PEM|DER|ENGINE>]
|
||||
[B<-passin arg>]
|
||||
[B<-peerkey file>]
|
||||
[B<-peerform PEM|DER>]
|
||||
[B<-peerform PEM|DER|ENGINE>]
|
||||
[B<-pubin>]
|
||||
[B<-certin>]
|
||||
[B<-rev>]
|
||||
@@ -24,20 +25,27 @@ B<openssl> B<pkeyutl>
|
||||
[B<-encrypt>]
|
||||
[B<-decrypt>]
|
||||
[B<-derive>]
|
||||
[B<-kdf algorithm>]
|
||||
[B<-kdflen length>]
|
||||
[B<-pkeyopt opt:value>]
|
||||
[B<-hexdump>]
|
||||
[B<-asn1parse>]
|
||||
[B<-engine id>]
|
||||
[B<-engine_impl>]
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
The B<pkeyutl> command can be used to perform public key operations using
|
||||
any supported algorithm.
|
||||
|
||||
=head1 COMMAND OPTIONS
|
||||
=head1 OPTIONS
|
||||
|
||||
=over 4
|
||||
|
||||
=item B<-help>
|
||||
|
||||
Print out a usage message.
|
||||
|
||||
=item B<-in filename>
|
||||
|
||||
This specifies the input filename to read data from or standard input
|
||||
@@ -48,43 +56,39 @@ if this option is not specified.
|
||||
specifies the output filename to write to or standard output by
|
||||
default.
|
||||
|
||||
=item B<-sigfile file>
|
||||
|
||||
Signature file, required for B<verify> operations only
|
||||
|
||||
=item B<-inkey file>
|
||||
|
||||
the input key file, by default it should be a private key.
|
||||
|
||||
=item B<-keyform PEM|DER>
|
||||
=item B<-keyform PEM|DER|ENGINE>
|
||||
|
||||
the key format PEM, DER or ENGINE.
|
||||
the key format PEM, DER or ENGINE. Default is PEM.
|
||||
|
||||
=item B<-passin arg>
|
||||
|
||||
the input key password source. For more information about the format of B<arg>
|
||||
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
|
||||
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
|
||||
|
||||
|
||||
=item B<-peerkey file>
|
||||
|
||||
the peer key file, used by key derivation (agreement) operations.
|
||||
|
||||
=item B<-peerform PEM|DER>
|
||||
|
||||
the peer key format PEM, DER or ENGINE.
|
||||
|
||||
=item B<-engine id>
|
||||
|
||||
specifying an engine (by its unique B<id> string) will cause B<pkeyutl>
|
||||
to attempt to obtain a functional reference to the specified engine,
|
||||
thus initialising it if needed. The engine will then be set as the default
|
||||
for all available algorithms.
|
||||
=item B<-peerform PEM|DER|ENGINE>
|
||||
|
||||
the peer key format PEM, DER or ENGINE. Default is PEM.
|
||||
|
||||
=item B<-pubin>
|
||||
|
||||
the input file is a public key.
|
||||
the input file is a public key.
|
||||
|
||||
=item B<-certin>
|
||||
|
||||
the input is a certificate containing a public key.
|
||||
the input is a certificate containing a public key.
|
||||
|
||||
=item B<-rev>
|
||||
|
||||
@@ -117,6 +121,23 @@ decrypt the input data using a private key.
|
||||
|
||||
derive a shared secret using the peer key.
|
||||
|
||||
=item B<-kdf algorithm>
|
||||
|
||||
Use key derivation function B<algorithm>. The supported algorithms are
|
||||
at present B<TLS1-PRF> and B<HKDF>.
|
||||
Note: additional parameters and the KDF output length will normally have to be
|
||||
set for this to work.
|
||||
See L<EVP_PKEY_CTX_set_hkdf_md(3)> and L<EVP_PKEY_CTX_set_tls1_prf_md(3)>
|
||||
for the supported string parameters of each algorithm.
|
||||
|
||||
=item B<-kdflen length>
|
||||
|
||||
Set the output length for KDF.
|
||||
|
||||
=item B<-pkeyopt opt:value>
|
||||
|
||||
Public key options specified as opt:value. See NOTES below for more details.
|
||||
|
||||
=item B<-hexdump>
|
||||
|
||||
hex dump the output data.
|
||||
@@ -126,6 +147,18 @@ hex dump the output data.
|
||||
asn1parse the output data, this is useful when combined with the
|
||||
B<-verifyrecover> option when an ASN1 structure is signed.
|
||||
|
||||
=item B<-engine id>
|
||||
|
||||
specifying an engine (by its unique B<id> string) will cause B<pkeyutl>
|
||||
to attempt to obtain a functional reference to the specified engine,
|
||||
thus initialising it if needed. The engine will then be set as the default
|
||||
for all available algorithms.
|
||||
|
||||
=item B<-engine_impl>
|
||||
|
||||
When used with the B<-engine> option, it specifies to also use
|
||||
engine B<id> for crypto operations.
|
||||
|
||||
=back
|
||||
|
||||
=head1 NOTES
|
||||
@@ -153,24 +186,25 @@ long binary encoding of SHA-1 hash function output.
|
||||
|
||||
=head1 RSA ALGORITHM
|
||||
|
||||
The RSA algorithm supports encrypt, decrypt, sign, verify and verifyrecover
|
||||
operations in general. Some padding modes only support some of these
|
||||
operations however.
|
||||
The RSA algorithm generally supports the encrypt, decrypt, sign,
|
||||
verify and verifyrecover operations. However, some padding modes
|
||||
support only a subset of these operations. The following additional
|
||||
B<pkeyopt> values are supported:
|
||||
|
||||
=over 4
|
||||
|
||||
=item -B<rsa_padding_mode:mode>
|
||||
=item B<rsa_padding_mode:mode>
|
||||
|
||||
This sets the RSA padding mode. Acceptable values for B<mode> are B<pkcs1> for
|
||||
PKCS#1 padding, B<sslv23> for SSLv23 padding, B<none> for no padding, B<oaep>
|
||||
for B<OAEP> mode, B<x931> for X9.31 mode and B<pss> for PSS.
|
||||
|
||||
In PKCS#1 padding if the message digest is not set then the supplied data is
|
||||
In PKCS#1 padding if the message digest is not set then the supplied data is
|
||||
signed or verified directly instead of using a B<DigestInfo> structure. If a
|
||||
digest is set then the a B<DigestInfo> structure is used and its the length
|
||||
must correspond to the digest type.
|
||||
|
||||
For B<oeap> mode only encryption and decryption is supported.
|
||||
For B<oaep> mode only encryption and decryption is supported.
|
||||
|
||||
For B<x931> if the digest type is set it is used to format the block data
|
||||
otherwise the first byte is used to specify the X9.31 digest ID. Sign,
|
||||
@@ -207,6 +241,11 @@ verify operations use ECDSA and derive uses ECDH. Currently there are no
|
||||
additional options other than B<digest>. Only the SHA1 digest can be used and
|
||||
this digest is assumed by default.
|
||||
|
||||
=head1 X25519 ALGORITHM
|
||||
|
||||
The X25519 algorithm supports key derivation only. Currently there are no
|
||||
additional options.
|
||||
|
||||
=head1 EXAMPLES
|
||||
|
||||
Sign some data using a private key:
|
||||
@@ -229,7 +268,25 @@ Derive a shared secret value:
|
||||
|
||||
openssl pkeyutl -derive -inkey key.pem -peerkey pubkey.pem -out secret
|
||||
|
||||
Hexdump 48 bytes of TLS1 PRF using digest B<SHA256> and shared secret and
|
||||
seed consisting of the single byte 0xFF:
|
||||
|
||||
openssl pkeyutl -kdf TLS1-PRF -kdflen 48 -pkeyopt md:SHA256 \
|
||||
-pkeyopt hexsecret:ff -pkeyopt hexseed:ff -hexdump
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
L<genpkey(1)|genpkey(1)>, L<pkey(1)|pkey(1)>, L<rsautl(1)|rsautl(1)>
|
||||
L<dgst(1)|dgst(1)>, L<rsa(1)|rsa(1)>, L<genrsa(1)|genrsa(1)>
|
||||
L<genpkey(1)>, L<pkey(1)>, L<rsautl(1)>
|
||||
L<dgst(1)>, L<rsa(1)>, L<genrsa(1)>,
|
||||
L<EVP_PKEY_CTX_set_hkdf_md(3)>, L<EVP_PKEY_CTX_set_tls1_prf_md(3)>
|
||||
|
||||
=head1 COPYRIGHT
|
||||
|
||||
Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
|
||||
Licensed under the OpenSSL license (the "License"). You may not use
|
||||
this file except in compliance with the License. You can obtain a copy
|
||||
in the file LICENSE in the source distribution or at
|
||||
L<https://www.openssl.org/source/license.html>.
|
||||
|
||||
=cut
|
||||
|
||||
Reference in New Issue
Block a user