" cert.pem... recipient certs for encryption\n"},
{OPT_HELP_STR, 1, '-', "Valid options are:\n"},
{"help", OPT_HELP, '-', "Display this summary"},
- {"inform", OPT_INFORM, 'F', "Input format SMIME (default), PEM or DER"},
- {"outform", OPT_OUTFORM, 'F',
+ {"inform", OPT_INFORM, 'c', "Input format SMIME (default), PEM or DER"},
+ {"outform", OPT_OUTFORM, 'c',
"Output format SMIME (default), PEM or DER"},
{"in", OPT_IN, '<', "Input file"},
{"out", OPT_OUT, '>', "Output file"},
{"encrypt", OPT_ENCRYPT, '-', "Encrypt message"},
{"decrypt", OPT_DECRYPT, '-', "Decrypt encrypted message"},
{"sign", OPT_SIGN, '-', "Sign message"},
- {"sign_receipt", OPT_SIGN_RECEIPT, '-'},
+ {"sign_receipt", OPT_SIGN_RECEIPT, '-', "Generate a signed receipt for the message"},
{"resign", OPT_RESIGN, '-'},
{"verify", OPT_VERIFY, '-', "Verify signed message"},
{"verify_retcode", OPT_VERIFY_RETCODE, '-'},
{"noindef", OPT_NOINDEF, '-'},
{"nooldmime", OPT_NOOLDMIME, '-'},
{"crlfeol", OPT_CRLFEOL, '-'},
- {"noout", OPT_NOOUT, '-'},
+ {"noout", OPT_NOOUT, '-', "For the -cmsout operation do not output the parsed CMS structure"},
{"receipt_request_print", OPT_RR_PRINT, '-'},
{"receipt_request_all", OPT_RR_ALL, '-'},
{"receipt_request_first", OPT_RR_FIRST, '-'},
"Do not load certificates from the default certificates directory"},
{"content", OPT_CONTENT, '<',
"Supply or override content for detached signature"},
- {"print", OPT_PRINT, '-'},
+ {"print", OPT_PRINT, '-', "For the -cmsout operation print out all fields of the CMS structure"},
{"secretkey", OPT_SECRETKEY, 's'},
{"secretkeyid", OPT_SECRETKEYID, 's'},
{"pwri_password", OPT_PWRI_PASSWORD, 's'},
{"signer", OPT_SIGNER, 's', "Signer certificate file"},
{"recip", OPT_RECIP, '<', "Recipient cert file for decryption"},
{"certsout", OPT_CERTSOUT, '>', "Certificate output file"},
- {"md", OPT_MD, 's'},
+ {"md", OPT_MD, 's', "Digest algorithm to use when signing or resigning"},
{"inkey", OPT_INKEY, 's',
"Input private key (if not signer or recipient)"},
{"keyform", OPT_KEYFORM, 'f', "Input private key format (PEM or ENGINE)"},
{"receipt_request_to", OPT_RR_TO, 's'},
{"", OPT_CIPHER, '-', "Any supported cipher"},
OPT_V_OPTIONS,
-# ifndef OPENSSL_NO_AES
{"aes128-wrap", OPT_AES128_WRAP, '-', "Use AES128 to wrap key"},
{"aes192-wrap", OPT_AES192_WRAP, '-', "Use AES192 to wrap key"},
{"aes256-wrap", OPT_AES256_WRAP, '-', "Use AES256 to wrap key"},
-# endif
# ifndef OPENSSL_NO_DES
{"des3-wrap", OPT_3DES_WRAP, '-', "Use 3DES-EDE to wrap key"},
# endif
ret = 0;
goto end;
case OPT_INFORM:
- if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &informat))
+ if (!opt_format(opt_arg(), OPT_FMT_PDS, &informat))
goto opthelp;
break;
case OPT_OUTFORM:
- if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &outformat))
+ if (!opt_format(opt_arg(), OPT_FMT_PDS, &outformat))
goto opthelp;
break;
case OPT_OUT:
noout = print = 1;
break;
case OPT_SECRETKEY:
- secret_key = string_to_hex(opt_arg(), <mp);
+ secret_key = OPENSSL_hexstr2buf(opt_arg(), <mp);
if (secret_key == NULL) {
BIO_printf(bio_err, "Invalid key %s\n", opt_arg());
goto end;
secret_keylen = (size_t)ltmp;
break;
case OPT_SECRETKEYID:
- secret_keyid = string_to_hex(opt_arg(), <mp);
+ secret_keyid = OPENSSL_hexstr2buf(opt_arg(), <mp);
if (secret_keyid == NULL) {
BIO_printf(bio_err, "Invalid id %s\n", opt_arg());
goto opthelp;
wrap_cipher = EVP_des_ede3_wrap();
# endif
break;
-# ifndef OPENSSL_NO_AES
case OPT_AES128_WRAP:
wrap_cipher = EVP_aes_128_wrap();
break;
case OPT_AES256_WRAP:
wrap_cipher = EVP_aes_256_wrap();
break;
-# else
- case OPT_AES128_WRAP:
- case OPT_AES192_WRAP:
- case OPT_AES256_WRAP:
- break;
-# endif
}
}
argc = opt_num_rest();