[B<-rc2-40>]
[B<-rc2-64>]
[B<-rc2-128>]
+[B<-aes128>]
+[B<-aes192>]
+[B<-aes256>]
[B<-in file>]
[B<-certfile file>]
[B<-signer file>]
[B<-recip file>]
-[B<-in file>]
[B<-inform SMIME|PEM|DER>]
+[B<-passin arg>]
[B<-inkey file>]
[B<-out file>]
[B<-outform SMIME|PEM|DER>]
is a hash of each subject name (using B<x509 -hash>) should be linked
to each certificate.
-=item B<-des -des3 -rc2-40 -rc2-64 -rc2-128>
+=item B<-des -des3 -rc2-40 -rc2-64 -rc2-128 -aes128 -aes192 -aes256>
-the encryption algorithm to use. DES (56 bits), triple DES (168 bits)
-or 40, 64 or 128 bit RC2 respectively if not specified 40 bit RC2 is
-used. Only used with B<-encrypt>.
+the encryption algorithm to use. DES (56 bits), triple DES (168 bits),
+40, 64 or 128 bit RC2 or 128, 192 or 256 bit AES respectively. If not
+specified 40 bit RC2 is used. Only used with B<-encrypt>.
=item B<-nointern>
private key must be included in the certificate file specified with
the B<-recip> or B<-signer> file.
+=item B<-passin arg>
+
+the private key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
=item B<-rand file(s)>
a file or files containing random data used to seed the random number
Sign and encrypt mail:
openssl smime -sign -in ml.txt -signer my.pem -text \
- | openssl -encrypt -out mail.msg \
+ | openssl smime -encrypt -out mail.msg \
-from steve@openssl.org -to someone@somewhere \
-subject "Signed and Encrypted message" -des3 user.pem
signature by line wrapping the base64 encoded structure and surrounding
it with:
- -----BEGIN PKCS7----
- -----END PKCS7----
+ -----BEGIN PKCS7-----
+ -----END PKCS7-----
and using the command,