openssl-pkeyutl.pod.in - OpenGrok cross reference for /freebsd/crypto/openssl/doc/man1/openssl-pkeyutl.pod.in

Lines Matching +full:input +full:- +full:only
2 {- OpenSSL::safe::output_do_not_edit_headers(); -}
6 openssl-pkeyutl - public key algorithm command
11 [B<-help>]
12 [B<-in> I<file>]
13 [B<-rawin>]
14 [B<-digest> I<algorithm>]
15 [B<-out> I<file>]
16 [B<-sigfile> I<file>]
17 [B<-inkey> I<filename>|I<uri>]
18 [B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>]
19 [B<-passin> I<arg>]
20 [B<-peerkey> I<file>]
21 [B<-peerform> B<DER>|B<PEM>|B<P12>|B<ENGINE>]
22 [B<-pubin>]
23 [B<-certin>]
24 [B<-rev>]
25 [B<-sign>]
26 [B<-verify>]
27 [B<-verifyrecover>]
28 [B<-encrypt>]
29 [B<-decrypt>]
30 [B<-derive>]
31 [B<-kdf> I<algorithm>]
32 [B<-kdflen> I<length>]
33 [B<-pkeyopt> I<opt>:I<value>]
34 [B<-pkeyopt_passin> I<opt>[:I<passarg>]]
35 [B<-hexdump>]
36 [B<-asn1parse>]
37 {- $OpenSSL::safe::opt_engine_synopsis -}[B<-engine_impl>]
38 {- $OpenSSL::safe::opt_r_synopsis -}
39 {- $OpenSSL::safe::opt_provider_synopsis -}
40 {- $OpenSSL::safe::opt_config_synopsis -}
44 This command can be used to perform low-level public key
47 By default the signing operation (see B<-sign> option) is assumed.
53 =item B<-help>
57 =item B<-in> I<filename>
59 This specifies the input filename to read data from or standard input
62 =item B<-rawin>
64 This indicates that the signature or verification input data is raw data,
67 the user can specify a digest algorithm by using the B<-digest> option.
69 the default digest algorithm is SHA-256. For SM2, it is SM3.
71 This option can only be used with B<-sign> and B<-verify>.
74 =item B<-digest> I<algorithm>
76 This option can only be used with B<-sign> and B<-verify>.
77 It specifies the digest algorithm that is used to hash the input data
78 before signing or verifying it with the input key. This option could be omitted
79 if the signature algorithm does not require preprocessing the input through
81 is omitted but the signature algorithm requires one and the B<-rawin> option
82 is given, a default value will be used (see B<-rawin> for details).
83 If this option is present, then the B<-rawin> option is required.
86 so the B<-digest> option cannot be used with EdDSA.
88 =item B<-out> I<filename>
93 =item B<-sigfile> I<file>
95 Signature file, required and allowed for B<-verify> operations only
97 =item B<-inkey> I<filename>|I<uri>
99 The input key, by default it should be a private key.
101 =item B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>
104 See L<openssl-format-options(1)> for details.
106 =item B<-passin> I<arg>
108 The input key password source. For more information about the format of I<arg>
109 see L<openssl-passphrase-options(1)>.
111 =item B<-peerkey> I<file>
115 =item B<-peerform> B<DER>|B<PEM>|B<P12>|B<ENGINE>
118 See L<openssl-format-options(1)> for details.
120 =item B<-pubin>
122 The input file is a public key.
124 =item B<-certin>
126 The input is a certificate containing a public key.
128 =item B<-rev>
130 Reverse the order of the input buffer. This is useful for some libraries
131 (such as CryptoAPI) which represent the buffer in little-endian format.
132 This cannot be used in conjunction with B<-rawin>.
134 =item B<-sign>
136 Sign the input data and output the signed result. This requires a private key.
138 when applicable, see the B<-rawin> and B<-digest> options for details.
139 Otherwise, the input data given with the B<-in> option is assumed to already
140 be a digest, but this may then require an additional B<-pkeyopt> C<digest:>I<md>
142 Even for other algorithms like ECDSA, where the additional B<-pkeyopt> option
144 checking that the input length is consistent with the intended digest.
146 =item B<-verify>
148 Verify the input data against the signature given with the B<-sigfile> option
150 The input data given with the B<-in> option is assumed to be a hash value
151 unless the B<-rawin> option is specified or implied.
155 =item B<-verifyrecover>
158 For example, in case of RSA PKCS#1 the recovered data is the B<EMSA-PKCS-v1_5>
160 L<RFC8017 Section 9.2|https://datatracker.ietf.org/doc/html/rfc8017#section-9.2>.
162 Note that here the input given with the B<-in> option is not a signature input
163 (as with the B<-sign> and B<-verify> options) but a signature output value,
164 typically produced using the B<-sign> option.
166 This option is available only for use with RSA keys.
168 =item B<-encrypt>
170 Encrypt the input data using a public key.
172 =item B<-decrypt>
174 Decrypt the input data using a private key.
176 =item B<-derive>
180 =item B<-kdf> I<algorithm>
183 at present B<TLS1-PRF> and B<HKDF>.
189 =item B<-kdflen> I<length>
193 =item B<-pkeyopt> I<opt>:I<value>
197 =item B<-pkeyopt_passin> I<opt>[:I<passarg>]
200 If only I<opt> is specified, the user will be prompted to enter a password on
202 supported by L<openssl-passphrase-options(1)>.
204 =item B<-hexdump>
208 =item B<-asn1parse>
211 When combined with the B<-verifyrecover> option, this may be useful only in case
212 an ASN.1 DER-encoded structure had been signed directly (without hashing it).
214 {- $OpenSSL::safe::opt_engine_item -}
216 {- output_off() if $disabled{"deprecated-3.0"}; "" -}
217 =item B<-engine_impl>
219 When used with the B<-engine> option, it specifies to also use
221 {- output_on() if $disabled{"deprecated-3.0"}; "" -}
223 {- $OpenSSL::safe::opt_r_item -}
225 {- $OpenSSL::safe::opt_provider_item -}
227 {- $OpenSSL::safe::opt_config_item -}
240 hash the input data. It is used (by some algorithms) for sanity-checking the
244 This command does not hash the input data (except where -rawin is used) but
245 rather it will use the data directly as input to the signature algorithm.
247 acceptable lengths of input data differ. The signed data can't be longer than
250 In any event the input size must not be larger than the largest supported digest
253 In other words, if the value of digest is B<sha1> the input should be the 20
254 bytes long binary encoding of the SHA-1 hash function output.
260 support only a subset of these operations. The following additional
276 For B<oaep> mode only encryption and decryption is supported.
282 For B<pss> mode only sign and verify are supported and the digest type must be
287 For B<pss> mode only this option specifies the salt length. Three special
305 =head1 RSA-PSS ALGORITHM
307 The RSA-PSS algorithm is a restricted version of the RSA algorithm which only
309 additional B<-pkeyopt> values are supported:
317 restrictions. The padding mode can only be set to B<pss> which is the
329 The DSA algorithm supports signing and verification operations only. Currently
330 there are no additional B<-pkeyopt> options other than B<digest>. The SHA1
335 The DH algorithm only supports the derivation operation and no additional
336 B<-pkeyopt> options.
342 the B<-pkeyopt> B<digest> option.
346 The X25519 and X448 algorithms support key derivation only. Currently there are
351 These algorithms only support signing and verifying. OpenSSL only implements the
353 without hashing them first. The option B<-rawin> must be used with these
354 algorithms with no B<-digest> specified. Additionally OpenSSL only supports
359 (for example if the input is stdin) then the sign or verify operation will fail.
365 be passed in. The following B<-pkeyopt> value is supported:
388  openssl pkeyutl -sign -in file -inkey key.pem -out sig
392  openssl pkeyutl -verifyrecover -in sig -inkey key.pem
396  openssl pkeyutl -verify -in file -sigfile sig -inkey key.pem
398 Sign data using a message digest value (this is currently only valid for RSA):
400  openssl pkeyutl -sign -in file -inkey key.pem -out sig -pkeyopt digest:sha256
404  openssl pkeyutl -derive -inkey key.pem -peerkey pubkey.pem -out secret
409  openssl pkeyutl -kdf TLS1-PRF -kdflen 48 -pkeyopt md:SHA256 \
410     -pkeyopt hexsecret:ff -pkeyopt hexseed:ff -hexdump
414  openssl pkeyutl -kdf scrypt -kdflen 16 -pkeyopt_passin pass \
415     -pkeyopt hexsalt:aabbcc -pkeyopt N:16384 -pkeyopt r:8 -pkeyopt p:1
419  openssl pkeyutl -kdf scrypt -kdflen 16 -pkeyopt_passin pass:env:MYPASS \
420     -pkeyopt hexsalt:aabbcc -pkeyopt N:16384 -pkeyopt r:8 -pkeyopt p:1
424  openssl pkeyutl -sign -in file -inkey sm2.key -out sig -rawin -digest sm3 \
425     -pkeyopt distid:someid
429  openssl pkeyutl -verify -certin -in file -inkey sm2.cert -sigfile sig \
430     -rawin -digest sm3 -pkeyopt distid:someid
434  openssl pkeyutl -decrypt -in file -inkey key.pem -out secret \
435     -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256
440 L<openssl-genpkey(1)>,
441 L<openssl-pkey(1)>,
442 L<openssl-rsautl(1)>
443 L<openssl-dgst(1)>,
444 L<openssl-rsa(1)>,
445 L<openssl-genrsa(1)>,
446 L<openssl-kdf(1)>
452 The B<-engine> option was deprecated in OpenSSL 3.0.
456 Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.