Lines Matching +full:sha3 +full:- +full:512
18 .\" Set up some character translations and predefined strings. \*(-- will
24 .tr \(*W-
27 . ds -- \(*W-
29 . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
30 . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
37 . ds -- \|\(em\|
71 .\" Fear. Run. Save yourself. No user-serviceable parts.
81 . ds #H ((1u-(\\\\n(.fu%2u))*.13m)
97 . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
98 . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
99 . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
100 . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
101 . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
102 . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
104 . \" troff and (daisy-wheel) nroff accents
123 . ds d- d\h'-1'\(ga
124 . ds D- D\h'-1'\(hy
134 .TH OPENSSL 1ossl "2023-09-19" "3.0.11" "OpenSSL"
140 openssl \- OpenSSL command line program
148 \&\fBopenssl\fR \fBno\-\fR\fI\s-1XXX\s0\fR [ \fIoptions\fR ]
151 OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (\s-1SSL\s0
152 v2/v3) and Transport Layer Security (\s-1TLS\s0 v1) network protocols and related
172 the \*(L"\s-1SYNOPSIS\*(R"\s0 above).
177 (e.g., \fBopenssl\-x509\fR\|(1)). The subcommand \fBopenssl\-list\fR\|(1) may be used to list
180 The command \fBno\-\fR\fI\s-1XXX\s0\fR tests whether a command of the
181 specified name is available. If no command named \fI\s-1XXX\s0\fR exists, it
182 returns 0 (success) and prints \fBno\-\fR\fI\s-1XXX\s0\fR; otherwise it returns 1
183 and prints \fI\s-1XXX\s0\fR. In both cases, the output goes to \fBstdout\fR and
187 availability of ciphers in the \fBopenssl\fR program. (\fBno\-\fR\fI\s-1XXX\s0\fR is
188 not able to detect pseudo-commands such as \fBquit\fR,
189 \&\fBlist\fR, or \fBno\-\fR\fI\s-1XXX\s0\fR itself.)
193 arguments and have a \fB\-config\fR option to specify that file.
195 storage area, which can be determined from the \fBopenssl\-version\fR\|(1)
196 command using the \fB\-d\fR or \fB\-a\fR option.
197 The environment variable \fB\s-1OPENSSL_CONF\s0\fR can be used to specify a different
207 Parse an \s-1ASN.1\s0 sequence.
210 Certificate Authority (\s-1CA\s0) Management.
216 \&\s-1CMS\s0 (Cryptographic Message Syntax) command.
219 Certificate Revocation List (\s-1CRL\s0) Management.
222 \&\s-1CRL\s0 to PKCS#7 Conversion.
225 Message Digest calculation. \s-1MAC\s0 calculations are superseded by
226 \&\fBopenssl\-mac\fR\|(1).
229 Generation and Management of Diffie-Hellman Parameters. Superseded by
230 \&\fBopenssl\-genpkey\fR\|(1) and \fBopenssl\-pkeyparam\fR\|(1).
233 \&\s-1DSA\s0 Data Management.
236 \&\s-1DSA\s0 Parameter Generation and Management. Superseded by
237 \&\fBopenssl\-genpkey\fR\|(1) and \fBopenssl\-pkeyparam\fR\|(1).
240 \&\s-1EC\s0 (Elliptic curve) key processing.
243 \&\s-1EC\s0 parameter manipulation and generation.
255 \&\s-1FIPS\s0 configuration installation.
258 Generation of \s-1DSA\s0 Private Key from Parameters. Superseded by
259 \&\fBopenssl\-genpkey\fR\|(1) and \fBopenssl\-pkey\fR\|(1).
265 Generation of \s-1RSA\s0 Private Key. Superseded by \fBopenssl\-genpkey\fR\|(1).
313 Generate pseudo-random bytes.
316 Create symbolic links to certificate and \s-1CRL\s0 files named by the hash values.
319 PKCS#10 X.509 Certificate Signing Request (\s-1CSR\s0) Management.
322 \&\s-1RSA\s0 key management.
325 \&\s-1RSA\s0 command for signing, verification, encryption, and decryption. Superseded
326 by \fBopenssl\-pkeyutl\fR\|(1).
329 This implements a generic \s-1SSL/TLS\s0 client which can establish a transparent
330 connection to a remote server speaking \s-1SSL/TLS.\s0 It's intended for testing
335 This implements a generic \s-1SSL/TLS\s0 server which accepts connections from remote
336 clients speaking \s-1SSL/TLS.\s0 It's intended for testing purposes only and provides
339 line oriented protocol for testing \s-1SSL\s0 functions and a simple \s-1HTTP\s0 response
340 facility to emulate an SSL/TLS\-aware webserver.
343 \&\s-1SSL\s0 Connection Timer.
346 \&\s-1SSL\s0 Session Data Management.
355 \&\s-1SPKAC\s0 printing and generating command.
358 Maintain \s-1SRP\s0 password file. This command is deprecated.
368 See also the \fBopenssl\-verification\-options\fR\|(1) manual page.
379 BLAKE2b\-512 Digest
382 BLAKE2s\-256 Digest
385 \&\s-1MD2\s0 Digest
388 \&\s-1MD4\s0 Digest
391 \&\s-1MD5\s0 Digest
394 \&\s-1MDC2\s0 Digest
397 \&\s-1RMD\-160\s0 Digest
400 \&\s-1SHA\-1\s0 Digest
403 \&\s-1SHA\-2 224\s0 Digest
406 \&\s-1SHA\-2 256\s0 Digest
409 \&\s-1SHA\-2 384\s0 Digest
412 \&\s-1SHA\-2 512\s0 Digest
413 .IP "\fBsha3\-224\fR" 4
414 .IX Item "sha3-224"
415 \&\s-1SHA\-3 224\s0 Digest
416 .IP "\fBsha3\-256\fR" 4
417 .IX Item "sha3-256"
418 \&\s-1SHA\-3 256\s0 Digest
419 .IP "\fBsha3\-384\fR" 4
420 .IX Item "sha3-384"
421 \&\s-1SHA\-3 384\s0 Digest
422 .IP "\fBsha3\-512\fR" 4
423 .IX Item "sha3-512"
424 \&\s-1SHA\-3 512\s0 Digest
427 \&\s-1SHA\-3 SHAKE128\s0 Digest
430 \&\s-1SHA\-3 SHAKE256\s0 Digest
433 \&\s-1SM3\s0 Digest
440 here may be present. See \fBopenssl\-enc\fR\|(1) for more information.
441 .IP "\fBaes128\fR, \fBaes\-128\-cbc\fR, \fBaes\-128\-cfb\fR, \fBaes\-128\-ctr\fR, \fBaes\-128\-ecb\…
442 .IX Item "aes128, aes-128-cbc, aes-128-cfb, aes-128-ctr, aes-128-ecb, aes-128-ofb"
443 \&\s-1AES\-128\s0 Cipher
444 .IP "\fBaes192\fR, \fBaes\-192\-cbc\fR, \fBaes\-192\-cfb\fR, \fBaes\-192\-ctr\fR, \fBaes\-192\-ecb\…
445 .IX Item "aes192, aes-192-cbc, aes-192-cfb, aes-192-ctr, aes-192-ecb, aes-192-ofb"
446 \&\s-1AES\-192\s0 Cipher
447 .IP "\fBaes256\fR, \fBaes\-256\-cbc\fR, \fBaes\-256\-cfb\fR, \fBaes\-256\-ctr\fR, \fBaes\-256\-ecb\…
448 .IX Item "aes256, aes-256-cbc, aes-256-cfb, aes-256-ctr, aes-256-ecb, aes-256-ofb"
449 \&\s-1AES\-256\s0 Cipher
450 .IP "\fBaria128\fR, \fBaria\-128\-cbc\fR, \fBaria\-128\-cfb\fR, \fBaria\-128\-ctr\fR, \fBaria\-128\…
451 .IX Item "aria128, aria-128-cbc, aria-128-cfb, aria-128-ctr, aria-128-ecb, aria-128-ofb"
452 Aria\-128 Cipher
453 .IP "\fBaria192\fR, \fBaria\-192\-cbc\fR, \fBaria\-192\-cfb\fR, \fBaria\-192\-ctr\fR, \fBaria\-192\…
454 .IX Item "aria192, aria-192-cbc, aria-192-cfb, aria-192-ctr, aria-192-ecb, aria-192-ofb"
455 Aria\-192 Cipher
456 .IP "\fBaria256\fR, \fBaria\-256\-cbc\fR, \fBaria\-256\-cfb\fR, \fBaria\-256\-ctr\fR, \fBaria\-256\…
457 .IX Item "aria256, aria-256-cbc, aria-256-cfb, aria-256-ctr, aria-256-ecb, aria-256-ofb"
458 Aria\-256 Cipher
462 .IP "\fBbf\fR, \fBbf-cbc\fR, \fBbf-cfb\fR, \fBbf-ecb\fR, \fBbf-ofb\fR" 4
463 .IX Item "bf, bf-cbc, bf-cfb, bf-ecb, bf-ofb"
465 …a128\fR, \fBcamellia\-128\-cbc\fR, \fBcamellia\-128\-cfb\fR, \fBcamellia\-128\-ctr\fR, \fBcamellia…
466 .IX Item "camellia128, camellia-128-cbc, camellia-128-cfb, camellia-128-ctr, camellia-128-ecb, came…
467 Camellia\-128 Cipher
468 …a192\fR, \fBcamellia\-192\-cbc\fR, \fBcamellia\-192\-cfb\fR, \fBcamellia\-192\-ctr\fR, \fBcamellia…
469 .IX Item "camellia192, camellia-192-cbc, camellia-192-cfb, camellia-192-ctr, camellia-192-ecb, came…
470 Camellia\-192 Cipher
471 …a256\fR, \fBcamellia\-256\-cbc\fR, \fBcamellia\-256\-cfb\fR, \fBcamellia\-256\-ctr\fR, \fBcamellia…
472 .IX Item "camellia256, camellia-256-cbc, camellia-256-cfb, camellia-256-ctr, camellia-256-ecb, came…
473 Camellia\-256 Cipher
474 .IP "\fBcast\fR, \fBcast-cbc\fR" 4
475 .IX Item "cast, cast-cbc"
476 \&\s-1CAST\s0 Cipher
477 .IP "\fBcast5\-cbc\fR, \fBcast5\-cfb\fR, \fBcast5\-ecb\fR, \fBcast5\-ofb\fR" 4
478 .IX Item "cast5-cbc, cast5-cfb, cast5-ecb, cast5-ofb"
479 \&\s-1CAST5\s0 Cipher
483 …\fBdes\fR, \fBdes-cbc\fR, \fBdes-cfb\fR, \fBdes-ecb\fR, \fBdes-ede\fR, \fBdes-ede-cbc\fR, \fBdes-e…
484 .IX Item "des, des-cbc, des-cfb, des-ecb, des-ede, des-ede-cbc, des-ede-cfb, des-ede-ofb, des-ofb"
485 \&\s-1DES\s0 Cipher
486 .IP "\fBdes3\fR, \fBdesx\fR, \fBdes\-ede3\fR, \fBdes\-ede3\-cbc\fR, \fBdes\-ede3\-cfb\fR, \fBdes\-e…
487 .IX Item "des3, desx, des-ede3, des-ede3-cbc, des-ede3-cfb, des-ede3-ofb"
488 Triple-DES Cipher
489 .IP "\fBidea\fR, \fBidea-cbc\fR, \fBidea-cfb\fR, \fBidea-ecb\fR, \fBidea-ofb\fR" 4
490 .IX Item "idea, idea-cbc, idea-cfb, idea-ecb, idea-ofb"
491 \&\s-1IDEA\s0 Cipher
492 .IP "\fBrc2\fR, \fBrc2\-cbc\fR, \fBrc2\-cfb\fR, \fBrc2\-ecb\fR, \fBrc2\-ofb\fR" 4
493 .IX Item "rc2, rc2-cbc, rc2-cfb, rc2-ecb, rc2-ofb"
494 \&\s-1RC2\s0 Cipher
497 \&\s-1RC4\s0 Cipher
498 .IP "\fBrc5\fR, \fBrc5\-cbc\fR, \fBrc5\-cfb\fR, \fBrc5\-ecb\fR, \fBrc5\-ofb\fR" 4
499 .IX Item "rc5, rc5-cbc, rc5-cfb, rc5-ecb, rc5-ofb"
500 \&\s-1RC5\s0 Cipher
501 .IP "\fBseed\fR, \fBseed-cbc\fR, \fBseed-cfb\fR, \fBseed-ecb\fR, \fBseed-ofb\fR" 4
502 .IX Item "seed, seed-cbc, seed-cfb, seed-ecb, seed-ofb"
503 \&\s-1SEED\s0 Cipher
504 .IP "\fBsm4\fR, \fBsm4\-cbc\fR, \fBsm4\-cfb\fR, \fBsm4\-ctr\fR, \fBsm4\-ecb\fR, \fBsm4\-ofb\fR" 4
505 .IX Item "sm4, sm4-cbc, sm4-cfb, sm4-ctr, sm4-ecb, sm4-ofb"
506 \&\s-1SM4\s0 Cipher
513 .IP "\fB\-help\fR" 4
514 .IX Item "-help"
517 .IP "\fB\-\-\fR" 4
518 .IX Item "--"
523 \& openssl verify [flags...] \-\- \-cert1.pem...
527 See \fBopenssl\-format\-options\fR\|(1) for manual page.
530 See the \fBopenssl\-passphrase\-options\fR\|(1) manual page.
534 about the state of the random-number generator in a file that was loaded
541 every use of \fB\-rand\fR should be paired with \fB\-writerand\fR.
542 .IP "\fB\-rand\fR \fIfiles\fR" 4
543 .IX Item "-rand files"
546 Multiple files can be specified separated by an OS-dependent character.
547 The separator is \f(CW\*(C`;\*(C'\fR for MS-Windows, \f(CW\*(C`,\*(C'\fR for OpenVMS, and \f(CW\*(C…
550 .IP "\fB\-writerand\fR \fIfile\fR" 4
551 .IX Item "-writerand file"
556 See the \fBopenssl\-verification\-options\fR\|(1) manual page.
559 See the \fBopenssl\-namedisplay\-options\fR\|(1) manual page.
560 .SS "\s-1TLS\s0 Version Options"
562 Several commands use \s-1SSL, TLS,\s0 or \s-1DTLS.\s0 By default, the commands use \s-1TLS\s0 and
568 and whether \s-1TCP\s0 (\s-1SSL\s0 and \s-1TLS\s0) or \s-1UDP\s0 (\s-1DTLS\s0) is used.
571 …B\-ssl3\fR, \fB\-tls1\fR, \fB\-tls1_1\fR, \fB\-tls1_2\fR, \fB\-tls1_3\fR, \fB\-no_ssl3\fR, \fB\-no…
572 .IX Item "-ssl3, -tls1, -tls1_1, -tls1_2, -tls1_3, -no_ssl3, -no_tls1, -no_tls1_1, -no_tls1_2, -no_…
573 These options require or disable the use of the specified \s-1SSL\s0 or \s-1TLS\s0 protocols.
574 When a specific \s-1TLS\s0 version is required, only that version will be offered or
580 .IP "\fB\-dtls\fR, \fB\-dtls1\fR, \fB\-dtls1_2\fR" 4
581 .IX Item "-dtls, -dtls1, -dtls1_2"
582 These options specify to use \s-1DTLS\s0 instead of \s-1TLS.\s0
583 With \fB\-dtls\fR, clients will negotiate any supported \s-1DTLS\s0 protocol version.
584 Use the \fB\-dtls1\fR or \fB\-dtls1_2\fR options to support only \s-1DTLS1.0\s0 or \s-1DTLS1.2,\s0
588 .IP "\fB\-engine\fR \fIid\fR" 4
589 .IX Item "-engine id"
592 command-specific documentation or it is configured to do so, as described in
595 The engine will be used for key ids specified with \fB\-key\fR and similar
596 options when an option like \fB\-keyform engine\fR is given.
604 Options specifying keys, like \fB\-key\fR and similar, can use the generic
605 OpenSSL engine key loading \s-1URI\s0 scheme \f(CW\*(C`org.openssl.engine:\*(C'\fR to retrieve
606 private keys and public keys. The \s-1URI\s0 syntax is as follows, in simplified
615 engine that interfaces against a PKCS#11 implementation, the generic key \s-1URI\s0
620 \& \-key org.openssl.engine:pkcs11:label_some\-private\-key
624 their own \s-1\fBOSSL_STORE_LOADER\s0\fR\|(3), \f(CW\*(C`org.openssl.engine:\*(C'\fR should not be
626 the PKCS#11 \s-1URI\s0 as defined in \s-1RFC 7512\s0 should be possible to use directly:
629 \& \-key pkcs11:object=some\-private\-key;pin\-value=1234
633 .IP "\fB\-provider\fR \fIname\fR" 4
634 .IX Item "-provider name"
639 \&\*(L"\s-1MODULESDIR\*(R"\s0 path, \fB\s-1OPENSSL_MODULES\s0\fR environment variable, or the path
640 specified by \fB\-provider\-path\fR is prepended to relative paths.
642 .IP "\fB\-provider\-path\fR \fIpath\fR" 4
643 .IX Item "-provider-path path"
645 Equivalently, the \fB\s-1OPENSSL_MODULES\s0\fR environment variable may be set.
646 .IP "\fB\-propquery\fR \fIpropq\fR" 4
647 .IX Item "-propquery propq"
655 about specific commands, see \fBopenssl\-engine\fR\|(1),
656 \&\fBopenssl\-rehash\fR\|(1), and \fBtsget\fR\|(1).
659 see \*(L"\s-1ENVIRONMENT\*(R"\s0 in \fBconfig\fR\|(5).
661 For information about querying or specifying \s-1CPU\s0 architecture flags, see
665 see \fBopenssl\-env\fR\|(7).
676 .IP "\fB\s-1TRACE\s0\fR" 4
678 Traces the OpenSSL trace \s-1API\s0 itself.
679 .IP "\fB\s-1INIT\s0\fR" 4
682 .IP "\fB\s-1TLS\s0\fR" 4
684 Traces the \s-1TLS/SSL\s0 protocol.
685 .IP "\fB\s-1TLS_CIPHER\s0\fR" 4
687 Traces the ciphers used by the \s-1TLS/SSL\s0 protocol.
688 .IP "\fB\s-1CONF\s0\fR" 4
691 .IP "\fB\s-1ENGINE_TABLE\s0\fR" 4
693 The function that is used by \s-1RSA, DSA\s0 (etc) code to select registered
696 .IP "\fB\s-1ENGINE_REF_COUNT\s0\fR" 4
698 Reference counts in the \s-1ENGINE\s0 structure will be monitored with a line
700 .IP "\fB\s-1PKCS5V2\s0\fR" 4
703 .IP "\fB\s-1PKCS12_KEYGEN\s0\fR" 4
706 .IP "\fB\s-1PKCS12_DECRYPT\s0\fR" 4
713 .IP "\fB\s-1BN_CTX\s0\fR" 4
715 Traces \s-1BIGNUM\s0 context operations.
716 .IP "\fB\s-1CMP\s0\fR" 4
718 Traces \s-1CMP\s0 client and server activity.
719 .IP "\fB\s-1STORE\s0\fR" 4
721 Traces \s-1STORE\s0 operations.
722 .IP "\fB\s-1DECODER\s0\fR" 4
725 .IP "\fB\s-1ENCODER\s0\fR" 4
728 .IP "\fB\s-1REF_COUNT\s0\fR" 4
730 Traces decrementing certain \s-1ASN.1\s0 structure references.
736 \&\fBopenssl\-asn1parse\fR\|(1),
737 \&\fBopenssl\-ca\fR\|(1),
738 \&\fBopenssl\-ciphers\fR\|(1),
739 \&\fBopenssl\-cms\fR\|(1),
740 \&\fBopenssl\-crl\fR\|(1),
741 \&\fBopenssl\-crl2pkcs7\fR\|(1),
742 \&\fBopenssl\-dgst\fR\|(1),
743 \&\fBopenssl\-dhparam\fR\|(1),
744 \&\fBopenssl\-dsa\fR\|(1),
745 \&\fBopenssl\-dsaparam\fR\|(1),
746 \&\fBopenssl\-ec\fR\|(1),
747 \&\fBopenssl\-ecparam\fR\|(1),
748 \&\fBopenssl\-enc\fR\|(1),
749 \&\fBopenssl\-engine\fR\|(1),
750 \&\fBopenssl\-errstr\fR\|(1),
751 \&\fBopenssl\-gendsa\fR\|(1),
752 \&\fBopenssl\-genpkey\fR\|(1),
753 \&\fBopenssl\-genrsa\fR\|(1),
754 \&\fBopenssl\-kdf\fR\|(1),
755 \&\fBopenssl\-list\fR\|(1),
756 \&\fBopenssl\-mac\fR\|(1),
757 \&\fBopenssl\-nseq\fR\|(1),
758 \&\fBopenssl\-ocsp\fR\|(1),
759 \&\fBopenssl\-passwd\fR\|(1),
760 \&\fBopenssl\-pkcs12\fR\|(1),
761 \&\fBopenssl\-pkcs7\fR\|(1),
762 \&\fBopenssl\-pkcs8\fR\|(1),
763 \&\fBopenssl\-pkey\fR\|(1),
764 \&\fBopenssl\-pkeyparam\fR\|(1),
765 \&\fBopenssl\-pkeyutl\fR\|(1),
766 \&\fBopenssl\-prime\fR\|(1),
767 \&\fBopenssl\-rand\fR\|(1),
768 \&\fBopenssl\-rehash\fR\|(1),
769 \&\fBopenssl\-req\fR\|(1),
770 \&\fBopenssl\-rsa\fR\|(1),
771 \&\fBopenssl\-rsautl\fR\|(1),
772 \&\fBopenssl\-s_client\fR\|(1),
773 \&\fBopenssl\-s_server\fR\|(1),
774 \&\fBopenssl\-s_time\fR\|(1),
775 \&\fBopenssl\-sess_id\fR\|(1),
776 \&\fBopenssl\-smime\fR\|(1),
777 \&\fBopenssl\-speed\fR\|(1),
778 \&\fBopenssl\-spkac\fR\|(1),
779 \&\fBopenssl\-srp\fR\|(1),
780 \&\fBopenssl\-storeutl\fR\|(1),
781 \&\fBopenssl\-ts\fR\|(1),
782 \&\fBopenssl\-verify\fR\|(1),
783 \&\fBopenssl\-version\fR\|(1),
784 \&\fBopenssl\-x509\fR\|(1),
787 \&\fBopenssl\-env\fR\|(7).
792 The \fBlist\fR \-\fI\s-1XXX\s0\fR\fB\-algorithms\fR options were added in OpenSSL 1.0.0;
796 The \fB\-issuer_checks\fR option is deprecated as of OpenSSL 1.1.0 and
799 The \fB\-xcertform\fR and \fB\-xkeyform\fR options
807 Copyright 2000\-2023 The OpenSSL Project Authors. All Rights Reserved.
811 in the file \s-1LICENSE\s0 in the source distribution or at