=head1 NAME
-openssl-cms - CMS utility
+openssl-cms - CMS command
=head1 SYNOPSIS
[B<-print>]
[B<-md> I<digest>]
[B<-I<cipher>>]
+[B<-wrap> I<cipher>]
[B<-nointern>]
[B<-noverify>]
[B<-nocerts>]
[B<-crlfeol>]
[B<-asciicrlf>]
[B<-nodetach>]
+[B<-certfile> I<file>]
[B<-certsout> I<file>]
[B<-signer> I<file>]
+[B<-originator> I<file>]
[B<-recip> I<file>]
[B<-keyid>]
[B<-receipt_request_all>]
{- $OpenSSL::safe::opt_trust_synopsis -}
{- $OpenSSL::safe::opt_r_synopsis -}
{- $OpenSSL::safe::opt_engine_synopsis -}
+{- $OpenSSL::safe::opt_provider_synopsis -}
[I<cert.pem> ...]
=for openssl ifdef des-wrap engine
Encrypt mail for the given recipient certificates. Input file is the message
to be encrypted. The output file is the encrypted mail in MIME format. The
-actual CMS type is <B>EnvelopedData<B>.
+actual CMS type is B<EnvelopedData>.
Note that no revocation check is done for the recipient cert, so if that
key has been compromised, others may be able to decrypt the text.
If not specified triple DES is used. Only used with B<-encrypt> and
B<-EncryptedData_create> commands.
+=item B<-wrap> I<cipher>
+
+Cipher algorithm to use for key wrap when encrypting the message using Key
+Agreement for key transport. The algorithm specified should be suitable for key
+wrap.
+
=item B<-nointern>
When verifying a message normally certificates (if any) included in
verified then the signers certificates will be written to this file if the
verification was successful.
+=item B<-originator> I<file>
+
+A certificate of the originator of the encrypted message. Necessary for
+decryption when Key Agreement is in use for a shared key.
+
=item B<-recip> I<file>
When decrypting a message this specifies the recipients certificate. The
{- $OpenSSL::safe::opt_engine_item -}
+{- $OpenSSL::safe::opt_provider_item -}
+
=item I<cert.pem> ...
One or more certificates of message recipients: used when encrypting
=head1 COPYRIGHT
-Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy