X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=doc%2Fapps%2Fpkeyutl.pod;h=a7b75e6c756d7a03e372ef2ff18d1c31ca6420ab;hp=74055df2e6800b5d332af6e281c10d6e8c3c378e;hb=d231a4010bfa4032dc24a74c6cd3073e252864c4;hpb=0ee2166cc50cffba02514b686c6bf75c76ff2e62 diff --git a/doc/apps/pkeyutl.pod b/doc/apps/pkeyutl.pod index 74055df2e6..a7b75e6c75 100644 --- a/doc/apps/pkeyutl.pod +++ b/doc/apps/pkeyutl.pod @@ -12,6 +12,7 @@ B B [B<-sigfile file>] [B<-inkey file>] [B<-keyform PEM|DER>] +[B<-passin arg>] [B<-peerkey file>] [B<-peerform PEM|DER>] [B<-pubin>] @@ -26,6 +27,7 @@ B B [B<-pkeyopt opt:value>] [B<-hexdump>] [B<-asn1parse>] +[B<-engine id>] =head1 DESCRIPTION @@ -52,7 +54,13 @@ the input key file, by default it should be a private key. =item B<-keyform PEM|DER> -the key format PEM or DER. +the key format PEM, DER or ENGINE. + +=item B<-passin arg> + +the input key password source. For more information about the format of B +see the B section in L. + =item B<-peerkey file> @@ -60,7 +68,15 @@ the peer key file, used by key derivation (agreement) operations. =item B<-peerform PEM|DER> -the peer key format PEM or DER. +the peer key format PEM, DER or ENGINE. + +=item B<-engine id> + +specifying an engine (by its unique B string) will cause B +to attempt to obtain a functional reference to the specified engine, +thus initialising it if needed. The engine will then be set as the default +for all available algorithms. + =item B<-pubin> @@ -124,13 +140,14 @@ EVP_get_digestbyname() function for example B. =head1 RSA ALGORITHM -The RSA algorithm supports encrypt, decrypt, sign, verify and verifyrecover -operations in general. Some padding modes only support some of these -operations however. +The RSA algorithm generally supports the encrypt, decrypt, sign, +verify and verifyrecover operations. However, some padding modes +support only a subset of these operations. The following additional +B values are supported: =over 4 -=item -B +=item B This sets the RSA padding mode. Acceptable values for B are B for PKCS#1 padding, B for SSLv23 padding, B for no padding, B @@ -141,7 +158,7 @@ signed or verified directly instead of using a B structure. If a digest is set then the a B structure is used and its the length must correspond to the digest type. -For B mode only encryption and decryption is supported. +For B mode only encryption and decryption is supported. For B if the digest type is set it is used to format the block data otherwise the first byte is used to specify the X9.31 digest ID. Sign, @@ -202,5 +219,5 @@ Derive a shared secret value: =head1 SEE ALSO -L, L, L -L, L, L +L, L, L +L, L, L