B<openssl> B<cms>
[B<-help>]
+
+General options:
+
+[B<-in> I<filename>]
+[B<-out> I<filename>]
+{- $OpenSSL::safe::opt_config_synopsis -}
+
+Operation options:
+
[B<-encrypt>]
[B<-decrypt>]
-[B<-debug_decrypt>]
[B<-sign>]
[B<-verify>]
-[B<-verify_retcode>]
-[B<-no_attr_verify>]
-[B<-nosigs>]
-[B<-no_content_verify>]
-[B<-cmsout>]
[B<-resign>]
-[B<-cades>]
-[B<-data_create>]
-[B<-data_out>]
+[B<-sign_receipt>]
+[B<-verify_receipt> I<receipt>]
[B<-digest_create>]
[B<-digest_verify>]
[B<-compress>]
[B<-uncompress>]
-[B<-EncryptedData_decrypt>]
[B<-EncryptedData_encrypt>]
-[B<-sign_receipt>]
-[B<-verify_receipt> I<receipt>]
-[B<-in> I<filename>]
-[B<-out> I<filename>]
+[B<-EncryptedData_decrypt>]
+[B<-data_create>]
+[B<-data_out>]
+[B<-cmsout>]
+
+File format options:
+
[B<-inform> B<DER>|B<PEM>|B<SMIME>]
[B<-outform> B<DER>|B<PEM>|B<SMIME>]
[B<-rctform> B<DER>|B<PEM>|B<SMIME>]
-[B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>]
[B<-stream>]
[B<-indef>]
[B<-noindef>]
-[B<-content> I<filename>]
-[B<-text>]
-[B<-noout>]
-[B<-print>]
-[B<-nameopt> I<option>]
-[B<-md> I<digest>]
+[B<-binary>]
+[B<-crlfeol>]
+[B<-asciicrlf>]
+
+Keys and password options:
+
+[B<-pwri_password> I<password>]
+[B<-secretkey> I<key>]
+[B<-secretkeyid> I<id>]
+[B<-inkey> I<filename>|I<uri>]
+[B<-passin> I<arg>]
+[B<-keyopt> I<name>:I<parameter>]
+[B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>]
+{- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_provider_synopsis -}
+{- $OpenSSL::safe::opt_r_synopsis -}
+
+Encryption options:
+
+[B<-originator> I<file>]
+[B<-recip> I<file>]
+[I<recipient-cert> ...]
[B<-I<cipher>>]
[B<-wrap> I<cipher>]
[B<-aes128-wrap>]
[B<-aes192-wrap>]
[B<-aes256-wrap>]
[B<-des3-wrap>]
-[B<-nointern>]
-[B<-noverify>]
+[B<-debug_decrypt>]
+
+Signing options:
+
+[B<-md> I<digest>]
+[B<-signer> I<file>]
+[B<-certfile> I<file>]
+[B<-cades>]
+[B<-nodetach>]
[B<-nocerts>]
[B<-noattr>]
[B<-nosmimecap>]
-[B<-binary>]
-[B<-crlfeol>]
-[B<-asciicrlf>]
-[B<-nodetach>]
-[B<-certfile> I<file>]
-[B<-certsout> I<file>]
-[B<-signer> I<file>]
-[B<-originator> I<file>]
-[B<-recip> I<file>]
-[B<-keyid>]
[B<-receipt_request_all>]
[B<-receipt_request_first>]
[B<-receipt_request_from> I<emailaddress>]
[B<-receipt_request_to> I<emailaddress>]
-[B<-receipt_request_print>]
-[B<-pwri_password> I<password>]
-[B<-secretkey> I<key>]
-[B<-secretkeyid> I<id>]
+
+Verification options:
+
+[B<-signer> I<file>]
+[B<-content> I<filename>]
+[B<-no_content_verify>]
+[B<-no_attr_verify>]
+[B<-nosigs>]
+[B<-noverify>]
+[B<-nointern>]
+[B<-cades>]
+[B<-verify_retcode>]
+{- $OpenSSL::safe::opt_trust_synopsis -}
+
+Output options:
+
+[B<-keyid>]
[B<-econtent_type> I<type>]
-[B<-inkey> I<filename>|I<uri>]
-[B<-keyopt> I<name>:I<parameter>]
-[B<-passin> I<arg>]
+[B<-text>]
+[B<-certsout> I<file>]
[B<-to> I<addr>]
[B<-from> I<addr>]
[B<-subject> I<subj>]
+
+Printing options:
+
+[B<-noout>]
+[B<-print>]
+[B<-nameopt> I<option>]
+[B<-receipt_request_print>]
+
+Validation options:
+
{- $OpenSSL::safe::opt_v_synopsis -}
-{- $OpenSSL::safe::opt_trust_synopsis -}
-{- $OpenSSL::safe::opt_r_synopsis -}
-{- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_provider_synopsis -}
-{- $OpenSSL::safe::opt_config_synopsis -}
-[I<recipient-cert> ...]
=head1 DESCRIPTION
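Review bot: the synopsis group heading "Encryption options:" (the group that starts with -originator and ends with -debug_decrypt) does not match the body heading =head2 Encryption and decryption options that the same hunk introduces; since -originator, -recip and -debug_decrypt in that group are decryption-side options, rename the synopsis heading to "Encryption and decryption options:" so the two lists line up the way every other group does. Also note that -signer and -cades now appear twice in the synopsis, once under "Signing options:" and once under "Verification options:"; that is defensible because their meaning differs per operation, but it departs from the old one-entry-per-option synopsis and deserves a sentence in the commit message.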
-This command handles S/MIME v3.1 mail. It can encrypt, decrypt,
-sign and verify, compress and uncompress S/MIME messages.
+This command handles data in CMS format such as S/MIME v3.1 email messages.
+It can encrypt, decrypt, sign, verify, compress, uncompress, and print messages.
=head1 OPTIONS
-There are fourteen operation options that set the type of operation to be
-performed. The meaning of the other options varies according to the operation
-type.
+There are a number of operation options that set the type of operation to be
+performed: encrypt, decrypt, sign, verify, resign, sign_receipt, verify_receipt,
+digest_create, digest_verify, compress, uncompress,
+EncryptedData_encrypt, EncryptedData_decrypt, data_create, data_out, or cmsout.
+The relevance of the other options depends on the operation type
+and their meaning may vary according to it.
=over 4
Print out a usage message.
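Review bot: the operation names listed in the new OPTIONS introduction (encrypt, decrypt, sign, verify, resign, sign_receipt, ... cmsout) are plain words without the B<-...> markup used for every option elsewhere on the page; write them as B<-encrypt>, B<-decrypt>, ... B<-cmsout> so they render the same as the =item entries they refer to. The closing sentence "The relevance of the other options depends on the operation type and their meaning may vary according to it." is also awkward; "Which of the remaining options apply, and what they mean, depends on the operation type." reads better.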
-=item B<-encrypt>
-
-Encrypt mail for the given recipient certificates. Input file is the message
-to be encrypted. The output file is the encrypted mail in MIME format. The
-actual CMS type is B<EnvelopedData>.
+=back
-Note that no revocation check is done for the recipient cert, so if that
-key has been compromised, others may be able to decrypt the text.
+=head2 General options
-=item B<-decrypt>
+=over 4
-Decrypt mail using the supplied certificate and private key. Expects an
-encrypted mail message in MIME format for the input file. The decrypted mail
-is written to the output file.
+=item B<-in> I<filename>
-=item B<-debug_decrypt>
+The input message to be encrypted or signed or the message to be decrypted
+or verified.
-This option sets the B<CMS_DEBUG_DECRYPT> flag. This option should be used
-with caution: see the notes section below.
+=item B<-out> I<filename>
-=item B<-sign>
+The message text that has been decrypted or verified or the output MIME
+format message that has been signed or verified.
-Sign mail using the supplied certificate and private key. Input file is
-the message to be signed. The signed message in MIME format is written
-to the output file.
+{- $OpenSSL::safe::opt_config_item -}
-=item B<-verify>
+=back
-Verify signed mail. Expects a signed mail message on input and outputs
-the signed data. Both clear text and opaque signing is supported.
+=head2 Operation options
-=item B<-verify_retcode>
+=over 4
-Exit nonzero on verification failure.
+=item B<-encrypt>
-=item B<-no_attr_verify>
+Encrypt data for the given recipient certificates. Input file is the message
+to be encrypted. The output file is the encrypted data in MIME format. The
+actual CMS type is B<EnvelopedData>.
-Do not verify signed attribute signatures.
+Note that no revocation check is done for the recipient cert, so if that
+key has been compromised, others may be able to decrypt the text.
-=item B<-no_content_verify>
+=item B<-decrypt>
-Do not verify signed content signatures.
+Decrypt data using the supplied certificate and private key. Expects
+encrypted datain MIME format for the input file. The decrypted data
+is written to the output file.
-=item B<-nosigs>
+=item B<-sign>
-Don't verify message signature.
+Sign data using the supplied certificate and private key. Input file is
+the message to be signed. The signed data in MIME format is written
+to the output file.
-=item B<-cmsout>
+=item B<-verify>
-Takes an input message and writes out a PEM encoded CMS structure.
+Verify signed data. Expects a signed data on input and outputs
+the signed data. Both clear text and opaque signing is supported.
=item B<-resign>
Resign a message: take an existing message and one or more new signers.
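Review bot: the new -decrypt text has a typo, "Expects encrypted datain MIME format"; it should read "encrypted data in MIME format". In the same block, -verify's "Expects a signed data on input" should drop the article: "Expects signed data on input". The -out entry under General options ("the output MIME format message that has been signed or verified") also repeats "verified" from the -in entry, but the MIME output of this command is produced by signing or encrypting; "signed or encrypted" matches the -encrypt entry's "the encrypted data in MIME format".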
-=item B<-cades>
-
-When used with B<-sign>,
-add an ESS signingCertificate or ESS signingCertificateV2 signed-attribute
-to the SignerInfo, in order to make the signature comply with the requirements
-for a CAdES Basic Electronic Signature (CAdES-BES).
-When used with B<-verify>, require and check signer certificate digest.
-See the NOTES section for more details.
-
-=item B<-data_create>
+=item B<-sign_receipt>
-Create a CMS B<Data> type.
+Generate and output a signed receipt for the supplied message. The input
+message B<must> contain a signed receipt request. Functionality is otherwise
+similar to the B<-sign> operation.
-=item B<-data_out>
+=item B<-verify_receipt> I<receipt>
-B<Data> type and output the content.
+Verify a signed receipt in filename B<receipt>. The input message B<must>
+contain the original receipt request. Functionality is otherwise similar
+to the B<-verify> operation.
=item B<-digest_create>
compiled with B<zlib> support for this option to work, otherwise it will
output an error.
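Review bot: in the moved -verify_receipt entry, "Verify a signed receipt in filename B<receipt>" marks the argument bold while the =item line and the synopsis give it as I<receipt>; use I<receipt> in the text so the argument is marked up consistently with [B<-verify_receipt> I<receipt>].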
-=item B<-EncryptedData_decrypt>
+=item B<-EncryptedData_encrypt>
-Decrypt content using supplied symmetric key and algorithm using a CMS
+Encrypt content using supplied symmetric key and algorithm using a CMS
B<EncryptedData> type and output the content.
-=item B<-EncryptedData_encrypt>
+=item B<-EncryptedData_decrypt>
-Encrypt content using supplied symmetric key and algorithm using a CMS
+Decrypt content using supplied symmetric key and algorithm using a CMS
B<EncryptedData> type and output the content.
-=item B<-sign_receipt>
+=item B<-data_create>
-Generate and output a signed receipt for the supplied message. The input
-message B<must> contain a signed receipt request. Functionality is otherwise
-similar to the B<-sign> operation.
+Create a CMS B<Data> type.
-=item B<-verify_receipt> I<receipt>
+=item B<-data_out>
-Verify a signed receipt in filename B<receipt>. The input message B<must>
-contain the original receipt request. Functionality is otherwise similar
-to the B<-verify> operation.
+B<Data> type and output the content.
-=item B<-in> I<filename>
+=item B<-cmsout>
-The input message to be encrypted or signed or the message to be decrypted
-or verified.
+Takes an input message and writes out a PEM encoded CMS structure.
-=item B<-out> I<filename>
+=back
-The message text that has been decrypted or verified or the output MIME
-format message that has been signed or verified.
+=head2 File format options
+
+=over 4
=item B<-inform> B<DER>|B<PEM>|B<SMIME>
the default is B<SMIME>.
See L<openssl-format-options(1)> for details.
-=item B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>
-
-The format of the private key file; unspecified by default.
-See L<openssl-format-options(1)> for details.
-
=item B<-rctform> B<DER>|B<PEM>|B<SMIME>
The signed receipt format for use with the B<-receipt_verify>; the default
is B<SMIME>.
See L<openssl-format-options(1)> for details.
-=item B<-stream>, B<-indef>
+=item B<-stream>, B<-indef>
+
+The B<-stream> and B<-indef> options are equivalent and enable streaming I/O
+for encoding operations. This permits single pass processing of data without
+the need to hold the entire contents in memory, potentially supporting very
+large files. Streaming is automatically set for S/MIME signing with detached
+data if the output format is B<SMIME> it is currently off by default for all
+other operations.
+
+=item B<-noindef>
+
+Disable streaming I/O where it would produce and indefinite length constructed
+encoding. This option currently has no effect. In future streaming will be
+enabled by default on all relevant operations and this option will disable it.
+
+=item B<-binary>
+
+Normally the input message is converted to "canonical" format which is
+effectively using CR and LF as end of line: as required by the S/MIME
+specification. When this option is present no translation occurs. This
+is useful when handling binary data which may not be in MIME format.
+
+=item B<-crlfeol>
+
+Normally the output file uses a single B<LF> as end of line. When this
+option is present B<CRLF> is used instead.
+
+=item B<-asciicrlf>
+
+When signing use ASCII CRLF format canonicalisation. This strips trailing
+whitespace from all lines, deletes trailing blank lines at EOF and sets
+the encapsulated content type. This option is normally used with detached
+content and an output signature format of DER. This option is not normally
+needed when verifying as it is enabled automatically if the encapsulated
+content format is detected.
+
+=back
+
+=head2 Keys and password options
+
+=over 4
+
+=item B<-pwri_password> I<password>
+
+Specify password for recipient.
+
+=item B<-secretkey> I<key>
+
+Specify symmetric key to use. The key must be supplied in hex format and be
+consistent with the algorithm used. Supported by the B<-EncryptedData_encrypt>
+B<-EncryptedData_decrypt>, B<-encrypt> and B<-decrypt> options. When used
+with B<-encrypt> or B<-decrypt> the supplied key is used to wrap or unwrap the
+content encryption key using an AES key in the B<KEKRecipientInfo> type.
+
+=item B<-secretkeyid> I<id>
+
+The key identifier for the supplied symmetric key for B<KEKRecipientInfo> type.
+This option B<must> be present if the B<-secretkey> option is used with
+B<-encrypt>. With B<-decrypt> operations the I<id> is used to locate the
+relevant key if it is not supplied then an attempt is used to decrypt any
+B<KEKRecipientInfo> structures.
+
+=item B<-inkey> I<filename>|I<uri>
+
+The private key to use when signing or decrypting. This must match the
+corresponding certificate. If this option is not specified then the
+private key must be included in the certificate file specified with
+the B<-recip> or B<-signer> file. When signing this option can be used
+multiple times to specify successive keys.
+
+=item B<-passin> I<arg>
+
+The private key password source. For more information about the format of B<arg>
+see L<openssl-passphrase-options(1)>.
+
+=item B<-keyopt> I<name>:I<parameter>
+
+For signing and encryption this option can be used multiple times to
+set customised parameters for the preceding key or certificate. It can
+currently be used to set RSA-PSS for signing, RSA-OAEP for encryption
+or to modify default parameters for ECDH.
+
+=item B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>
-The B<-stream> and B<-indef> options are equivalent and enable streaming I/O
-for encoding operations. This permits single pass processing of data without
-the need to hold the entire contents in memory, potentially supporting very
-large files. Streaming is automatically set for S/MIME signing with detached
-data if the output format is B<SMIME> it is currently off by default for all
-other operations.
+The format of the private key file; unspecified by default.
+See L<openssl-format-options(1)> for details.
-=item B<-noindef>
+{- $OpenSSL::safe::opt_engine_item -}
-Disable streaming I/O where it would produce and indefinite length constructed
-encoding. This option currently has no effect. In future streaming will be
-enabled by default on all relevant operations and this option will disable it.
+{- $OpenSSL::safe::opt_provider_item -}
-=item B<-content> I<filename>
+{- $OpenSSL::safe::opt_r_item -}
-This specifies a file containing the detached content, this is only
-useful with the B<-verify> command. This is only usable if the CMS
-structure is using the detached signature form where the content is
-not included. This option will override any content if the input format
-is S/MIME and it uses the multipart/signed MIME content type.
+=back
-=item B<-text>
+=head2 Encryption and decryption options
-This option adds plain text (text/plain) MIME headers to the supplied
-message if encrypting or signing. If decrypting or verifying it strips
-off text headers: if the decrypted or verified message is not of MIME
-type text/plain then an error occurs.
+=over 4
-=item B<-noout>
+=item B<-originator> I<file>
-For the B<-cmsout> operation do not output the parsed CMS structure. This
-is useful when combined with the B<-print> option or if the syntax of the CMS
-structure is being checked.
+A certificate of the originator of the encrypted message. Necessary for
+decryption when Key Agreement is in use for a shared key.
-=item B<-print>
+=item B<-recip> I<file>
-For the B<-cmsout> operation print out all fields of the CMS structure. This
-is mainly useful for testing purposes.
+When decrypting a message this specifies the certificate of the recipient.
+The certificate must match one of the recipients of the message.
-=item B<-nameopt> I<option>
+When encrypting a message this option may be used multiple times to specify
+each recipient. This form B<must> be used if customised parameters are
+required (for example to specify RSA-OAEP).
-For the B<-cmsout> operation when B<-print> option is in use, specifies
-printing options for string fields. For most cases B<utf8> is reasonable value.
-See L<openssl-namedisplay-options(1)> for details.
+Only certificates carrying RSA, Diffie-Hellman or EC keys are supported by this
+option.
-=item B<-md> I<digest>
+=item I<recipient-cert> ...
-Digest algorithm to use when signing or resigning. If not present then the
-default digest algorithm for the signing key will be used (usually SHA1).
+This is an alternative to using the B<-recip> option when encrypting a message.
+One or more certificate filennames may be given.
=item B<-I<cipher>>
=item B<-aes128-wrap>, B<-aes192-wrap>, B<-aes256-wrap>, B<-des3-wrap>
Use AES128, AES192, AES256, or 3DES-EDE, respectively, to wrap key.
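Review bot: the new I<recipient-cert> entry has a typo, "One or more certificate filennames may be given"; it should be "filenames". Since the paragraphs for -stream/-indef, -noindef and -secretkeyid are being moved wholesale into the new sections, this is also the place to fix the defects they carry over: "Disable streaming I/O where it would produce and indefinite length constructed encoding" should be "an indefinite length"; the -stream sentence "if the output format is B<SMIME> it is currently off by default" needs a stop or semicolon after B<SMIME>; and in -secretkeyid, "if it is not supplied then an attempt is used to decrypt any B<KEKRecipientInfo> structures" should be "an attempt is made to decrypt".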
+Depending on the OpenSSL build options used, B<-des3-wrap> may not be supported.
-=item B<-nointern>
+=item B<-debug_decrypt>
-When verifying a message normally certificates (if any) included in
-the message are searched for the signing certificate. With this option
-only the certificates specified in the B<-certfile> option are used.
-The supplied certificates can still be used as untrusted CAs however.
+This option sets the B<CMS_DEBUG_DECRYPT> flag. This option should be used
+with caution: see the notes section below.
-=item B<-noverify>
+=back
-Do not verify the signers certificate of a signed message.
+=head2 Signing options
+
+=over 4
+
+=item B<-md> I<digest>
+
+Digest algorithm to use when signing or resigning. If not present then the
+default digest algorithm for the signing key will be used (usually SHA1).
+
+=item B<-signer> I<file>
+
+A signing certificate. When signing or resigning a message, this option can be
+used multiple times if more than one signer is required.
+
+=item B<-certfile> I<file>
+
+Allows additional certificates to be specified. When signing these will
+be included with the message. When verifying these will be searched for
+the signers certificates.
+The input can be in PEM, DER, or PKCS#12 format.
+
+=item B<-cades>
+
+When used with B<-sign>,
+add an ESS signingCertificate or ESS signingCertificateV2 signed-attribute
+to the SignerInfo, in order to make the signature comply with the requirements
+for a CAdES Basic Electronic Signature (CAdES-BES).
+
+=item B<-nodetach>
+
+When signing a message use opaque signing: this form is more resistant
+to translation by mail relays but it cannot be read by mail agents that
+do not support S/MIME. Without this option cleartext signing with
+the MIME type multipart/signed is used.
=item B<-nocerts>
Exclude the list of supported algorithms from signed attributes, other options
such as signing time and content type are still included.
-=item B<-binary>
-
-Normally the input message is converted to "canonical" format which is
-effectively using CR and LF as end of line: as required by the S/MIME
-specification. When this option is present no translation occurs. This
-is useful when handling binary data which may not be in MIME format.
-
-=item B<-crlfeol>
-
-Normally the output file uses a single B<LF> as end of line. When this
-option is present B<CRLF> is used instead.
+=item B<-receipt_request_all>, B<-receipt_request_first>
-=item B<-asciicrlf>
+For B<-sign> option include a signed receipt request. Indicate requests should
+be provided by all recipient or first tier recipients (those mailed directly
+and not from a mailing list). Ignored it B<-receipt_request_from> is included.
-When signing use ASCII CRLF format canonicalisation. This strips trailing
-whitespace from all lines, deletes trailing blank lines at EOF and sets
-the encapsulated content type. This option is normally used with detached
-content and an output signature format of DER. This option is not normally
-needed when verifying as it is enabled automatically if the encapsulated
-content format is detected.
+=item B<-receipt_request_from> I<emailaddress>
-=item B<-nodetach>
+For B<-sign> option include a signed receipt request. Add an explicit email
+address where receipts should be supplied.
-When signing a message use opaque signing: this form is more resistant
-to translation by mail relays but it cannot be read by mail agents that
-do not support S/MIME. Without this option cleartext signing with
-the MIME type multipart/signed is used.
+=item B<-receipt_request_to> I<emailaddress>
-=item B<-certfile> I<file>
+Add an explicit email address where signed receipts should be sent to. This
+option B<must> but supplied if a signed receipt is requested.
-Allows additional certificates to be specified. When signing these will
-be included with the message. When verifying these will be searched for
-the signers certificates.
-The input can be in PEM, DER, or PKCS#12 format.
+=back
-=item B<-certsout> I<file>
+=head2 Verification options
-Any certificates contained in the message are written to I<file>.
+=over 4
=item B<-signer> I<file>
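Review bot: in the moved -receipt_request_to entry, "This option B<must> but supplied if a signed receipt is requested" still carries the old "but" for "be"; the rewrite fixed "it requested" to "is requested" but should also make it "B<must> be supplied". Two entries earlier, "Ignored it B<-receipt_request_from> is included" needs "if" for "it".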
-A signing certificate when signing or resigning a message, this option can be
-used multiple times if more than one signer is required. If a message is being
-verified then the signers certificates will be written to this file if the
-verification was successful.
+If a message has been verified successfully then the signers certificate(s)
+will be written to this file if the verification was successful.
-=item B<-originator> I<file>
+=item B<-content> I<filename>
-A certificate of the originator of the encrypted message. Necessary for
-decryption when Key Agreement is in use for a shared key.
+This specifies a file containing the detached content, this is only
+useful with the B<-verify> command. This is only usable if the CMS
+structure is using the detached signature form where the content is
+not included. This option will override any content if the input format
+is S/MIME and it uses the multipart/signed MIME content type.
-=item B<-recip> I<file>
+=item B<-no_content_verify>
-When decrypting a message this specifies the recipients certificate. The
-certificate must match one of the recipients of the message or an error
-occurs.
+Do not verify signed content signatures.
-When encrypting a message this option may be used multiple times to specify
-each recipient. This form B<must> be used if customised parameters are
-required (for example to specify RSA-OAEP).
+=item B<-no_attr_verify>
-Only certificates carrying RSA, Diffie-Hellman or EC keys are supported by this
-option.
+Do not verify signed attribute signatures.
-=item B<-keyid>
+=item B<-nosigs>
-Use subject key identifier to identify certificates instead of issuer name and
-serial number. The supplied certificate B<must> include a subject key
-identifier extension. Supported by B<-sign> and B<-encrypt> options.
+Don't verify message signature.
-=item B<-receipt_request_all>, B<-receipt_request_first>
+=item B<-noverify>
-For B<-sign> option include a signed receipt request. Indicate requests should
-be provided by all recipient or first tier recipients (those mailed directly
-and not from a mailing list). Ignored it B<-receipt_request_from> is included.
+Do not verify the signers certificate of a signed message.
-=item B<-receipt_request_from> I<emailaddress>
+=item B<-nointern>
-For B<-sign> option include a signed receipt request. Add an explicit email
-address where receipts should be supplied.
+When verifying a message normally certificates (if any) included in
+the message are searched for the signing certificate. With this option
+only the certificates specified in the B<-certfile> option are used.
+The supplied certificates can still be used as untrusted CAs however.
-=item B<-receipt_request_to> I<emailaddress>
+=item B<-cades>
-Add an explicit email address where signed receipts should be sent to. This
-option B<must> but supplied if a signed receipt it requested.
+When used with B<-verify>, require and check signer certificate digest.
+See the NOTES section for more details.
-=item B<-receipt_request_print>
+=item B<-verify_retcode>
-For the B<-verify> operation print out the contents of any signed receipt
-requests.
+Exit nonzero on verification failure.
-=item B<-pwri_password> I<password>
+{- $OpenSSL::safe::opt_trust_item -}
-Specify password for recipient.
+=back
-=item B<-secretkey> I<key>
+=head2 Output options
-Specify symmetric key to use. The key must be supplied in hex format and be
-consistent with the algorithm used. Supported by the B<-EncryptedData_encrypt>
-B<-EncryptedData_decrypt>, B<-encrypt> and B<-decrypt> options. When used
-with B<-encrypt> or B<-decrypt> the supplied key is used to wrap or unwrap the
-content encryption key using an AES key in the B<KEKRecipientInfo> type.
+=over 4
-=item B<-secretkeyid> I<id>
+=item B<-keyid>
-The key identifier for the supplied symmetric key for B<KEKRecipientInfo> type.
-This option B<must> be present if the B<-secretkey> option is used with
-B<-encrypt>. With B<-decrypt> operations the I<id> is used to locate the
-relevant key if it is not supplied then an attempt is used to decrypt any
-B<KEKRecipientInfo> structures.
+Use subject key identifier to identify certificates instead of issuer name and
+serial number. The supplied certificate B<must> include a subject key
+identifier extension. Supported by B<-sign> and B<-encrypt> options.
=item B<-econtent_type> I<type>
is used. The I<type> argument can be any valid OID name in either text or
numerical format.
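Review bot: the new -signer text under Verification options, "If a message has been verified successfully then the signers certificate(s) will be written to this file if the verification was successful", states the success condition twice; drop the trailing "if the verification was successful" (and "signers" should be "signer's"). The placement of -keyid under =head2 Output options also looks wrong: its own description ends "Supported by B<-sign> and B<-encrypt> options", so it belongs with the Signing options (or the Encryption and decryption options) where a reader would look for it, and its entry in the synopsis "Output options:" group should move with it.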
-=item B<-inkey> I<filename>|I<uri>
-
-The private key to use when signing or decrypting. This must match the
-corresponding certificate. If this option is not specified then the
-private key must be included in the certificate file specified with
-the B<-recip> or B<-signer> file. When signing this option can be used
-multiple times to specify successive keys.
-
-=item B<-keyopt> I<name>:I<parameter>
+=item B<-text>
-For signing and encryption this option can be used multiple times to
-set customised parameters for the preceding key or certificate. It can
-currently be used to set RSA-PSS for signing, RSA-OAEP for encryption
-or to modify default parameters for ECDH.
+This option adds plain text (text/plain) MIME headers to the supplied
+message if encrypting or signing. If decrypting or verifying it strips
+off text headers: if the decrypted or verified message is not of MIME
+type text/plain then an error occurs.
-=item B<-passin> I<arg>
+=item B<-certsout> I<file>
-The private key password source. For more information about the format of B<arg>
-see L<openssl-passphrase-options(1)>.
+Any certificates contained in the input message are written to I<file>.
=item B<-to>, B<-from>, B<-subject>
-The relevant mail headers. These are included outside the signed
+The relevant email headers. These are included outside the signed
portion of a message so they may be included manually. If signing
then many S/MIME mail clients check the signers certificate's email
address matches that specified in the From: address.
-{- $OpenSSL::safe::opt_v_item -}
+=back
-Any verification errors cause the command to exit.
+=head2 Printing options
-{- $OpenSSL::safe::opt_trust_item -}
+=over 4
-{- $OpenSSL::safe::opt_r_item -}
+=item B<-noout>
-{- $OpenSSL::safe::opt_engine_item -}
+For the B<-cmsout> operation do not output the parsed CMS structure.
+This is useful if the syntax of the CMS structure is being checked.
-{- $OpenSSL::safe::opt_provider_item -}
+=item B<-print>
-{- $OpenSSL::safe::opt_config_item -}
+For the B<-cmsout> operation print out all fields of the CMS structure.
+This implies B<-noout>.
+This is mainly useful for testing purposes.
-=item I<recipient-cert> ...
+=item B<-nameopt> I<option>
+
+For the B<-cmsout> operation when B<-print> option is in use, specifies
+printing options for string fields. For most cases B<utf8> is reasonable value.
+See L<openssl-namedisplay-options(1)> for details.
+
+=item B<-receipt_request_print>
+
+For the B<-verify> operation print out the contents of any signed receipt
+requests.
+
+=back
+
+=head2 Validation options
+
+=over 4
-One or more certificates of message recipients: used when encrypting
-a message.
+{- $OpenSSL::safe::opt_v_item -}
+
+Any validation errors cause the command to exit.
=back
Note: the encryption command does not include the B<-text> option because the
message being encrypted already has MIME headers.
-Decrypt mail:
+Decrypt a message:
openssl cms -decrypt -in mail.msg -recip mycert.pem -inkey key.pem
openssl cms -resign -in mail.msg -signer newsign.pem -out mail2.msg
-Sign mail using RSA-PSS:
+Sign a message using RSA-PSS:
openssl cms -sign -in message.txt -text -out mail.msg \
-signer mycert.pem -keyopt rsa_padding_mode:pss
-Create encrypted mail using RSA-OAEP:
+Create an encrypted message using RSA-OAEP:
openssl cms -encrypt -in plain.txt -out mail.msg \
-recip cert.pem -keyopt rsa_padding_mode:oaep
openssl cms -encrypt -in plain.txt -out mail.msg \
-recip ecdhcert.pem -keyopt ecdh_kdf_md:sha256
+Print CMS signed binary data in human-readable form:
+
+openssl cms -in signed.cms -binary -inform DER -cmsout -print
+
=head1 BUGS
The MIME parser isn't very clever: it seems to handle most messages that I've
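Review bot: the new example's title "Print CMS signed binary data in human-readable form" suggests the command prints the signed data, but -cmsout -print dumps all fields of the parsed CMS structure, not the signed content; "Print a DER-encoded signed CMS structure in human-readable form" says what the reader will actually see. It is also worth checking whether -binary is needed in "openssl cms -in signed.cms -binary -inform DER -cmsout -print": per the -binary entry it only suppresses canonicalisation of the input message, which does not apply to a DER-encoded structure that is merely being parsed; if it is required for -cmsout, the example should say why, otherwise drop it to keep the example minimal.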