OpenSSL 1.1.1w for Android.

git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@4477 ed5197a5-7fde-0310-b194-c3ffbd925b24
Cory McWilliams 2023-09-27 22:23:52 +00:00
parent 7e27cefe6a
commit e24fd92f85
16082 changed files with 8346 additions and 430035 deletions


@ -1,251 +0,0 @@
#!/usr/bin/env perl
# WARNING: do not edit!
# Generated by Makefile from tools/c_rehash.in
# Copyright 1999-2022 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
# Perl c_rehash script, scan all files in a directory
# and add symbolic links to their hash values.
my $dir = "";
my $prefix = "";
my $errorcount = 0;
my $openssl = $ENV{OPENSSL} || "openssl";
my $pwd;
my $x509hash = "-subject_hash";
my $crlhash = "-hash";
my $verbose = 0;
my $symlink_exists=eval {symlink("",""); 1};
my $removelinks = 1;
## Parse flags.
while ( $ARGV[0] =~ /^-/ ) {
my $flag = shift @ARGV;
last if ( $flag eq '--');
if ( $flag eq '-old') {
$x509hash = "-subject_hash_old";
$crlhash = "-hash_old";
} elsif ( $flag eq '-h' || $flag eq '-help' ) {
help();
} elsif ( $flag eq '-n' ) {
$removelinks = 0;
} elsif ( $flag eq '-v' ) {
$verbose++;
}
else {
print STDERR "Usage error; try -h.\n";
exit 1;
}
}
sub help {
print "Usage: c_rehash [-old] [-h] [-help] [-v] [dirs...]\n";
print " -old use old-style digest\n";
print " -h or -help print this help text\n";
print " -v print files removed and linked\n";
exit 0;
}
eval "require Cwd";
if (defined(&Cwd::getcwd)) {
$pwd=Cwd::getcwd();
} else {
$pwd=`pwd`;
chomp($pwd);
}
# DOS/Win32 or Unix delimiter? Prefix our installdir, then search.
my $path_delim = ($pwd =~ /^[a-z]\:/i) ? ';' : ':';
$ENV{PATH} = "$prefix/bin" . ($ENV{PATH} ? $path_delim . $ENV{PATH} : "");
if (! -x $openssl) {
my $found = 0;
foreach (split /$path_delim/, $ENV{PATH}) {
if (-x "$_/$openssl") {
$found = 1;
$openssl = "$_/$openssl";
last;
}
}
if ($found == 0) {
print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n";
exit 0;
}
}
if (@ARGV) {
@dirlist = @ARGV;
} elsif ($ENV{SSL_CERT_DIR}) {
@dirlist = split /$path_delim/, $ENV{SSL_CERT_DIR};
} else {
$dirlist[0] = "$dir/certs";
}
if (-d $dirlist[0]) {
chdir $dirlist[0];
$openssl="$pwd/$openssl" if (!-x $openssl);
chdir $pwd;
}
foreach (@dirlist) {
if (-d $_ ) {
if ( -w $_) {
hash_dir($_);
} else {
print "Skipping $_, can't write\n";
$errorcount++;
}
}
}
exit($errorcount);
sub copy_file {
my ($src_fname, $dst_fname) = @_;
if (open(my $in, "<", $src_fname)) {
if (open(my $out, ">", $dst_fname)) {
print $out $_ while (<$in>);
close $out;
} else {
warn "Cannot open $dst_fname for write, $!";
}
close $in;
} else {
warn "Cannot open $src_fname for read, $!";
}
}
sub hash_dir {
my $dir = shift;
my %hashlist;
print "Doing $dir\n";
if (!chdir $dir) {
print STDERR "WARNING: Cannot chdir to '$dir', $!\n";
return;
}
opendir(DIR, ".") || print STDERR "WARNING: Cannot opendir '.', $!\n";
my @flist = sort readdir(DIR);
closedir DIR;
if ( $removelinks ) {
# Delete any existing symbolic links
foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {
if (-l $_) {
print "unlink $_\n" if $verbose;
unlink $_ || warn "Can't unlink $_, $!\n";
}
}
}
FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) {
# Check to see if certificates and/or CRLs present.
my ($cert, $crl) = check_file($fname);
if (!$cert && !$crl) {
print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
next;
}
link_hash_cert($fname) if ($cert);
link_hash_crl($fname) if ($crl);
}
chdir $pwd;
}
sub check_file {
my ($is_cert, $is_crl) = (0,0);
my $fname = $_[0];
open(my $in, "<", $fname);
while(<$in>) {
if (/^-----BEGIN (.*)-----/) {
my $hdr = $1;
if ($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
$is_cert = 1;
last if ($is_crl);
} elsif ($hdr eq "X509 CRL") {
$is_crl = 1;
last if ($is_cert);
}
}
}
close $in;
return ($is_cert, $is_crl);
}
sub compute_hash {
my $fh;
if ( $^O eq "VMS" ) {
# VMS uses the open through shell
# The file names are safe there and list form is unsupported
if (!open($fh, "-|", join(' ', @_))) {
print STDERR "Cannot compute hash on '$fname'\n";
return;
}
} else {
if (!open($fh, "-|", @_)) {
print STDERR "Cannot compute hash on '$fname'\n";
return;
}
}
return (<$fh>, <$fh>);
}
# Link a certificate to its subject name hash value, each hash is of
# the form <hash>.<n> where n is an integer. If the hash value already exists
# then we need to up the value of n, unless its a duplicate in which
# case we skip the link. We check for duplicates by comparing the
# certificate fingerprints
sub link_hash_cert {
link_hash($_[0], 'cert');
}
# Same as above except for a CRL. CRL links are of the form <hash>.r<n>
sub link_hash_crl {
link_hash($_[0], 'crl');
}
sub link_hash {
my ($fname, $type) = @_;
my $is_cert = $type eq 'cert';
my ($hash, $fprint) = compute_hash($openssl,
$is_cert ? "x509" : "crl",
$is_cert ? $x509hash : $crlhash,
"-fingerprint", "-noout",
"-in", $fname);
chomp $hash;
chomp $fprint;
return if !$hash;
$fprint =~ s/^.*=//;
$fprint =~ tr/://d;
my $suffix = 0;
# Search for an unused hash filename
my $crlmark = $is_cert ? "" : "r";
while(exists $hashlist{"$hash.$crlmark$suffix"}) {
# Hash matches: if fingerprint matches its a duplicate cert
if ($hashlist{"$hash.$crlmark$suffix"} eq $fprint) {
my $what = $is_cert ? 'certificate' : 'CRL';
print STDERR "WARNING: Skipping duplicate $what $fname\n";
return;
}
$suffix++;
}
$hash .= ".$crlmark$suffix";
if ($symlink_exists) {
print "link $fname -> $hash\n" if $verbose;
symlink $fname, $hash || warn "Can't symlink, $!";
} else {
print "copy $fname -> $hash\n" if $verbose;
copy_file($fname, $hash);
}
$hashlist{$hash} = $fprint;
}


@ -0,0 +1,16 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* This file is only used by HP C on VMS, and is included automatically
* after each header file from this directory
*/
/* restore state. Must correspond to the save in __decc_include_prologue.h */
#pragma names restore


@ -0,0 +1,20 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* This file is only used by HP C on VMS, and is included automatically
* after each header file from this directory
*/
/* save state */
#pragma names save
/* have the compiler shorten symbols larger than 31 chars to 23 chars
* followed by a 8 hex char CRC
*/
#pragma names as_is,shortened


@ -0,0 +1,50 @@
/*
* Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Copyright (c) 2017 National Security Research Institute. All rights reserved. */
#ifndef OSSL_CRYPTO_ARIA_H
# define OSSL_CRYPTO_ARIA_H
# include <openssl/opensslconf.h>
# ifdef OPENSSL_NO_ARIA
# error ARIA is disabled.
# endif
# define ARIA_ENCRYPT 1
# define ARIA_DECRYPT 0
# define ARIA_BLOCK_SIZE 16 /* Size of each encryption/decryption block */
# define ARIA_MAX_KEYS 17 /* Number of keys needed in the worst case */
typedef union {
unsigned char c[ARIA_BLOCK_SIZE];
unsigned int u[ARIA_BLOCK_SIZE / sizeof(unsigned int)];
} ARIA_u128;
typedef unsigned char ARIA_c128[ARIA_BLOCK_SIZE];
struct aria_key_st {
ARIA_u128 rd_key[ARIA_MAX_KEYS];
unsigned int rounds;
};
typedef struct aria_key_st ARIA_KEY;
int aria_set_encrypt_key(const unsigned char *userKey, const int bits,
ARIA_KEY *key);
int aria_set_decrypt_key(const unsigned char *userKey, const int bits,
ARIA_KEY *key);
void aria_encrypt(const unsigned char *in, unsigned char *out,
const ARIA_KEY *key);
#endif


@ -0,0 +1,113 @@
/*
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Internal ASN1 structures and functions: not for application use */
/* ASN1 public key method structure */
struct evp_pkey_asn1_method_st {
int pkey_id;
int pkey_base_id;
unsigned long pkey_flags;
char *pem_str;
char *info;
int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx);
int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx);
int (*pkey_size) (const EVP_PKEY *pk);
int (*pkey_bits) (const EVP_PKEY *pk);
int (*pkey_security_bits) (const EVP_PKEY *pk);
int (*param_decode) (EVP_PKEY *pkey,
const unsigned char **pder, int derlen);
int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
int (*param_missing) (const EVP_PKEY *pk);
int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx);
int (*sig_print) (BIO *out,
const X509_ALGOR *sigalg, const ASN1_STRING *sig,
int indent, ASN1_PCTX *pctx);
void (*pkey_free) (EVP_PKEY *pkey);
int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);
/* Legacy functions for old PEM */
int (*old_priv_decode) (EVP_PKEY *pkey,
const unsigned char **pder, int derlen);
int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);
/* Custom ASN1 signature verification */
int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
X509_ALGOR *alg1, X509_ALGOR *alg2,
ASN1_BIT_STRING *sig);
int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
const ASN1_STRING *sig);
/* Check */
int (*pkey_check) (const EVP_PKEY *pk);
int (*pkey_public_check) (const EVP_PKEY *pk);
int (*pkey_param_check) (const EVP_PKEY *pk);
/* Get/set raw private/public key data */
int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);
int (*get_priv_key) (const EVP_PKEY *pk, unsigned char *priv, size_t *len);
int (*get_pub_key) (const EVP_PKEY *pk, unsigned char *pub, size_t *len);
} /* EVP_PKEY_ASN1_METHOD */ ;
DEFINE_STACK_OF_CONST(EVP_PKEY_ASN1_METHOD)
extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD dhx_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[5];
extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD ecx25519_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD ecx448_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD ed448_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD sm2_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD poly1305_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[2];
extern const EVP_PKEY_ASN1_METHOD rsa_pss_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD siphash_asn1_meth;
/*
* These are used internally in the ASN1_OBJECT to keep track of whether the
* names and data need to be free()ed
*/
# define ASN1_OBJECT_FLAG_DYNAMIC 0x01/* internal use */
# define ASN1_OBJECT_FLAG_CRITICAL 0x02/* critical x509v3 object id */
# define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04/* internal use */
# define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08/* internal use */
struct asn1_object_st {
const char *sn, *ln;
int nid;
int length;
const unsigned char *data; /* data remains const after init */
int flags; /* Should we free this one */
};
/* ASN1 print context structure */
struct asn1_pctx_st {
unsigned long flags;
unsigned long nm_flags;
unsigned long cert_flags;
unsigned long oid_flags;
unsigned long str_flags;
} /* ASN1_PCTX */ ;
int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);


@ -0,0 +1,15 @@
/*
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/async.h>
int async_init(void);
void async_deinit(void);
void async_delete_thread_state(void);


@ -0,0 +1,90 @@
/*
* Copyright 2014-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_BN_H
# define OSSL_CRYPTO_BN_H
# include <openssl/bn.h>
# include <limits.h>
BIGNUM *bn_wexpand(BIGNUM *a, int words);
BIGNUM *bn_expand2(BIGNUM *a, int words);
void bn_correct_top(BIGNUM *a);
/*
* Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
* This is an array r[] of values that are either zero or odd with an
* absolute value less than 2^w satisfying scalar = \sum_j r[j]*2^j where at
* most one of any w+1 consecutive digits is non-zero with the exception that
* the most significant digit may be only w-1 zeros away from that next
* non-zero digit.
*/
signed char *bn_compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len);
int bn_get_top(const BIGNUM *a);
int bn_get_dmax(const BIGNUM *a);
/* Set all words to zero */
void bn_set_all_zero(BIGNUM *a);
/*
* Copy the internal BIGNUM words into out which holds size elements (and size
* must be bigger than top)
*/
int bn_copy_words(BN_ULONG *out, const BIGNUM *in, int size);
BN_ULONG *bn_get_words(const BIGNUM *a);
/*
* Set the internal data words in a to point to words which contains size
* elements. The BN_FLG_STATIC_DATA flag is set
*/
void bn_set_static_words(BIGNUM *a, const BN_ULONG *words, int size);
/*
* Copy words into the BIGNUM |a|, reallocating space as necessary.
* The negative flag of |a| is not modified.
* Returns 1 on success and 0 on failure.
*/
/*
* |num_words| is int because bn_expand2 takes an int. This is an internal
* function so we simply trust callers not to pass negative values.
*/
int bn_set_words(BIGNUM *a, const BN_ULONG *words, int num_words);
/*
* Some BIGNUM functions assume most significant limb to be non-zero, which
* is customarily arranged by bn_correct_top. Output from below functions
* is not processed with bn_correct_top, and for this reason it may not be
* returned out of public API. It may only be passed internally into other
* functions known to support non-minimal or zero-padded BIGNUMs. Even
* though the goal is to facilitate constant-time-ness, not each subroutine
* is constant-time by itself. They all have pre-conditions, consult source
* code...
*/
int bn_mul_mont_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
BN_MONT_CTX *mont, BN_CTX *ctx);
int bn_to_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
BN_CTX *ctx);
int bn_from_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
BN_CTX *ctx);
int bn_mod_add_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *m);
int bn_mod_sub_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *m);
int bn_mul_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
int bn_sqr_fixed_top(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
int bn_lshift_fixed_top(BIGNUM *r, const BIGNUM *a, int n);
int bn_rshift_fixed_top(BIGNUM *r, const BIGNUM *a, int n);
int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
const BIGNUM *d, BN_CTX *ctx);
#endif


@ -0,0 +1,28 @@
/* WARNING: do not edit! */
/* Generated by Makefile from include/crypto/bn_conf.h.in */
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_BN_CONF_H
# define OSSL_CRYPTO_BN_CONF_H
/*
* The contents of this file are not used in the UEFI build, as
* both 32-bit and 64-bit builds are supported from a single run
* of the Configure script.
*/
/* Should we define BN_DIV2W here? */
/* Only one for the following should be defined */
#define SIXTY_FOUR_BIT_LONG
#undef SIXTY_FOUR_BIT
#undef THIRTY_TWO_BIT
#endif


@ -0,0 +1,27 @@
{- join("\n",map { "/* $_ */" } @autowarntext) -}
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_BN_CONF_H
# define OSSL_CRYPTO_BN_CONF_H
/*
* The contents of this file are not used in the UEFI build, as
* both 32-bit and 64-bit builds are supported from a single run
* of the Configure script.
*/
/* Should we define BN_DIV2W here? */
/* Only one for the following should be defined */
{- $config{b64l} ? "#define" : "#undef" -} SIXTY_FOUR_BIT_LONG
{- $config{b64} ? "#define" : "#undef" -} SIXTY_FOUR_BIT
{- $config{b32} ? "#define" : "#undef" -} THIRTY_TWO_BIT
#endif


@ -0,0 +1,24 @@
/*
* Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#define declare_dh_bn(x) \
extern const BIGNUM _bignum_dh##x##_p; \
extern const BIGNUM _bignum_dh##x##_g; \
extern const BIGNUM _bignum_dh##x##_q;
declare_dh_bn(1024_160)
declare_dh_bn(2048_224)
declare_dh_bn(2048_256)
extern const BIGNUM _bignum_ffdhe2048_p;
extern const BIGNUM _bignum_ffdhe3072_p;
extern const BIGNUM _bignum_ffdhe4096_p;
extern const BIGNUM _bignum_ffdhe6144_p;
extern const BIGNUM _bignum_ffdhe8192_p;
extern const BIGNUM _bignum_const_2;


@ -0,0 +1,32 @@
/*
* Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OPENSSL_NO_SRP
extern const BIGNUM bn_group_1024;
extern const BIGNUM bn_group_1536;
extern const BIGNUM bn_group_2048;
extern const BIGNUM bn_group_3072;
extern const BIGNUM bn_group_4096;
extern const BIGNUM bn_group_6144;
extern const BIGNUM bn_group_8192;
extern const BIGNUM bn_generator_19;
extern const BIGNUM bn_generator_5;
extern const BIGNUM bn_generator_2;
#endif


@ -0,0 +1,42 @@
/*
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_CHACHA_H
#define OSSL_CRYPTO_CHACHA_H
#include <stddef.h>
/*
* ChaCha20_ctr32 encrypts |len| bytes from |inp| with the given key and
* nonce and writes the result to |out|, which may be equal to |inp|.
* The |key| is not 32 bytes of verbatim key material though, but the
* said material collected into 8 32-bit elements array in host byte
* order. Same approach applies to nonce: the |counter| argument is
* pointer to concatenated nonce and counter values collected into 4
* 32-bit elements. This, passing crypto material collected into 32-bit
* elements as opposite to passing verbatim byte vectors, is chosen for
* efficiency in multi-call scenarios.
*/
void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp,
size_t len, const unsigned int key[8],
const unsigned int counter[4]);
/*
* You can notice that there is no key setup procedure. Because it's
* as trivial as collecting bytes into 32-bit elements, it's reckoned
* that below macro is sufficient.
*/
#define CHACHA_U8TOU32(p) ( \
((unsigned int)(p)[0]) | ((unsigned int)(p)[1]<<8) | \
((unsigned int)(p)[2]<<16) | ((unsigned int)(p)[3]<<24) )
#define CHACHA_KEY_SIZE 32
#define CHACHA_CTR_SIZE 16
#define CHACHA_BLK_SIZE 64
#endif


@ -0,0 +1,35 @@
/*
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "internal/cryptlib.h"
/* This file is not scanned by mkdef.pl, whereas cryptlib.h is */
struct thread_local_inits_st {
int async;
int err_state;
int rand;
};
int ossl_init_thread_start(uint64_t opts);
/*
* OPENSSL_INIT flags. The primary list of these is in crypto.h. Flags below
* are those omitted from crypto.h because they are "reserved for internal
* use".
*/
# define OPENSSL_INIT_ZLIB 0x00010000L
# define OPENSSL_INIT_BASE_ONLY 0x00040000L
/* OPENSSL_INIT_THREAD flags */
# define OPENSSL_INIT_THREAD_ASYNC 0x01
# define OPENSSL_INIT_THREAD_ERR_STATE 0x02
# define OPENSSL_INIT_THREAD_RAND 0x04
void ossl_malloc_setup_failures(void);


@ -0,0 +1,82 @@
/*
* Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* This version of ctype.h provides a standardised and platform
* independent implementation that supports seven bit ASCII characters.
* The specific intent is to not pass extended ASCII characters (> 127)
* even if the host operating system would.
*
* There is EBCDIC support included for machines which use this. However,
* there are a number of concerns about how well EBCDIC is supported
* throughout the rest of the source code. Refer to issue #4154 for
* details.
*/
#ifndef OSSL_CRYPTO_CTYPE_H
# define OSSL_CRYPTO_CTYPE_H
# define CTYPE_MASK_lower 0x1
# define CTYPE_MASK_upper 0x2
# define CTYPE_MASK_digit 0x4
# define CTYPE_MASK_space 0x8
# define CTYPE_MASK_xdigit 0x10
# define CTYPE_MASK_blank 0x20
# define CTYPE_MASK_cntrl 0x40
# define CTYPE_MASK_graph 0x80
# define CTYPE_MASK_print 0x100
# define CTYPE_MASK_punct 0x200
# define CTYPE_MASK_base64 0x400
# define CTYPE_MASK_asn1print 0x800
# define CTYPE_MASK_alpha (CTYPE_MASK_lower | CTYPE_MASK_upper)
# define CTYPE_MASK_alnum (CTYPE_MASK_alpha | CTYPE_MASK_digit)
/*
* The ascii mask assumes that any other classification implies that
* the character is ASCII and that there are no ASCII characters
* that aren't in any of the classifications.
*
* This assumption holds at the moment, but it might not in the future.
*/
# define CTYPE_MASK_ascii (~0)
# ifdef CHARSET_EBCDIC
int ossl_toascii(int c);
int ossl_fromascii(int c);
# else
# define ossl_toascii(c) (c)
# define ossl_fromascii(c) (c)
# endif
int ossl_ctype_check(int c, unsigned int mask);
int ossl_tolower(int c);
int ossl_toupper(int c);
int ascii_isdigit(const char inchar);
# define ossl_isalnum(c) (ossl_ctype_check((c), CTYPE_MASK_alnum))
# define ossl_isalpha(c) (ossl_ctype_check((c), CTYPE_MASK_alpha))
# ifdef CHARSET_EBCDIC
# define ossl_isascii(c) (ossl_ctype_check((c), CTYPE_MASK_ascii))
# else
# define ossl_isascii(c) (((c) & ~127) == 0)
# endif
# define ossl_isblank(c) (ossl_ctype_check((c), CTYPE_MASK_blank))
# define ossl_iscntrl(c) (ossl_ctype_check((c), CTYPE_MASK_cntrl))
# define ossl_isdigit(c) (ossl_ctype_check((c), CTYPE_MASK_digit))
# define ossl_isgraph(c) (ossl_ctype_check((c), CTYPE_MASK_graph))
# define ossl_islower(c) (ossl_ctype_check((c), CTYPE_MASK_lower))
# define ossl_isprint(c) (ossl_ctype_check((c), CTYPE_MASK_print))
# define ossl_ispunct(c) (ossl_ctype_check((c), CTYPE_MASK_punct))
# define ossl_isspace(c) (ossl_ctype_check((c), CTYPE_MASK_space))
# define ossl_isupper(c) (ossl_ctype_check((c), CTYPE_MASK_upper))
# define ossl_isxdigit(c) (ossl_ctype_check((c), CTYPE_MASK_xdigit))
# define ossl_isbase64(c) (ossl_ctype_check((c), CTYPE_MASK_base64))
# define ossl_isasn1print(c) (ossl_ctype_check((c), CTYPE_MASK_asn1print))
#endif


@ -0,0 +1,17 @@
/* WARNING: do not edit! */
/* Generated by Makefile from include/crypto/dso_conf.h.in */
/*
* Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_DSO_CONF_H
# define OSSL_CRYPTO_DSO_CONF_H
# define DSO_DLFCN
# define HAVE_DLFCN_H
# define DSO_EXTENSION ".so"
#endif


@ -0,0 +1,31 @@
{- join("\n",map { "/* $_ */" } @autowarntext) -}
/*
* Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_DSO_CONF_H
# define OSSL_CRYPTO_DSO_CONF_H
{- # The DSO code currently always implements all functions so that no
# applications will have to worry about that from a compilation point
# of view. However, the "method"s may return zero unless that platform
# has support compiled in for them. Currently each method is enabled
# by a define "DSO_<name>" ... we translate the "dso_scheme" config
# string entry into using the following logic;
my $scheme = $disabled{dso} ? undef : uc $target{dso_scheme};
if (!$scheme) {
$scheme = "NONE";
}
my @macros = ( "DSO_$scheme" );
if ($scheme eq 'DLFCN') {
@macros = ( "DSO_DLFCN", "HAVE_DLFCN_H" );
} elsif ($scheme eq "DLFCN_NO_H") {
@macros = ( "DSO_DLFCN" );
}
join("\n", map { "# define $_" } @macros); -}
# define DSO_EXTENSION "{- $target{dso_extension} -}"
#endif


@ -0,0 +1,53 @@
/*
* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Internal EC functions for other submodules: not for application use */
#ifndef OSSL_CRYPTO_EC_H
# define OSSL_CRYPTO_EC_H
# include <openssl/opensslconf.h>
# ifndef OPENSSL_NO_EC
# include <openssl/ec.h>
/*-
* Computes the multiplicative inverse of x in the range
* [1,EC_GROUP::order), where EC_GROUP::order is the cardinality of the
* subgroup generated by the generator G:
*
* res := x^(-1) (mod EC_GROUP::order).
*
* This function expects the following two conditions to hold:
* - the EC_GROUP order is prime, and
* - x is included in the range [1, EC_GROUP::order).
*
* This function returns 1 on success, 0 on error.
*
* If the EC_GROUP order is even, this function explicitly returns 0 as
* an error.
* In case any of the two conditions stated above is not satisfied,
* the correctness of its output is not guaranteed, even if the return
* value could still be 1 (as primality testing and a conditional modular
* reduction round on the input can be omitted by the underlying
* implementations for better SCA properties on regular input values).
*/
__owur int ec_group_do_inverse_ord(const EC_GROUP *group, BIGNUM *res,
const BIGNUM *x, BN_CTX *ctx);
/*-
* ECDH Key Derivation Function as defined in ANSI X9.63
*/
int ecdh_KDF_X9_63(unsigned char *out, size_t outlen,
const unsigned char *Z, size_t Zlen,
const unsigned char *sinfo, size_t sinfolen,
const EVP_MD *md);
# endif /* OPENSSL_NO_EC */
#endif


@ -0,0 +1,20 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/engine.h>
void engine_load_openssl_int(void);
void engine_load_devcrypto_int(void);
void engine_load_rdrand_int(void);
void engine_load_dynamic_int(void);
void engine_load_padlock_int(void);
void engine_load_capi_int(void);
void engine_load_dasync_int(void);
void engine_load_afalg_int(void);
void engine_cleanup_int(void);


@ -0,0 +1,19 @@
/*
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_ERR_H
# define OSSL_CRYPTO_ERR_H
int err_load_crypto_strings_int(void);
void err_cleanup(void);
void err_delete_thread_state(void);
int err_shelve_state(void **);
void err_unshelve_state(void *);
#endif


@ -0,0 +1,442 @@
/*
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/evp.h>
#include "internal/refcount.h"
/*
* Don't free up md_ctx->pctx in EVP_MD_CTX_reset, use the reserved flag
* values in evp.h
*/
#define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400
struct evp_pkey_ctx_st {
/* Method associated with this operation */
const EVP_PKEY_METHOD *pmeth;
/* Engine that implements this method or NULL if builtin */
ENGINE *engine;
/* Key: may be NULL */
EVP_PKEY *pkey;
/* Peer key for key agreement, may be NULL */
EVP_PKEY *peerkey;
/* Actual operation */
int operation;
/* Algorithm specific data */
void *data;
/* Application specific data */
void *app_data;
/* Keygen callback */
EVP_PKEY_gen_cb *pkey_gencb;
/* implementation specific keygen data */
int *keygen_info;
int keygen_info_count;
} /* EVP_PKEY_CTX */ ;
#define EVP_PKEY_FLAG_DYNAMIC 1
struct evp_pkey_method_st {
int pkey_id;
int flags;
int (*init) (EVP_PKEY_CTX *ctx);
int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
void (*cleanup) (EVP_PKEY_CTX *ctx);
int (*paramgen_init) (EVP_PKEY_CTX *ctx);
int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
int (*keygen_init) (EVP_PKEY_CTX *ctx);
int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
int (*sign_init) (EVP_PKEY_CTX *ctx);
int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen);
int (*verify_init) (EVP_PKEY_CTX *ctx);
int (*verify) (EVP_PKEY_CTX *ctx,
const unsigned char *sig, size_t siglen,
const unsigned char *tbs, size_t tbslen);
int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
int (*verify_recover) (EVP_PKEY_CTX *ctx,
unsigned char *rout, size_t *routlen,
const unsigned char *sig, size_t siglen);
int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
EVP_MD_CTX *mctx);
int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
EVP_MD_CTX *mctx);
int (*encrypt_init) (EVP_PKEY_CTX *ctx);
int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen);
int (*decrypt_init) (EVP_PKEY_CTX *ctx);
int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen);
int (*derive_init) (EVP_PKEY_CTX *ctx);
int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);
int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen);
int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
size_t siglen, const unsigned char *tbs,
size_t tbslen);
int (*check) (EVP_PKEY *pkey);
int (*public_check) (EVP_PKEY *pkey);
int (*param_check) (EVP_PKEY *pkey);
int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
} /* EVP_PKEY_METHOD */ ;
DEFINE_STACK_OF_CONST(EVP_PKEY_METHOD)
void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
extern const EVP_PKEY_METHOD cmac_pkey_meth;
extern const EVP_PKEY_METHOD dh_pkey_meth;
extern const EVP_PKEY_METHOD dhx_pkey_meth;
extern const EVP_PKEY_METHOD dsa_pkey_meth;
extern const EVP_PKEY_METHOD ec_pkey_meth;
extern const EVP_PKEY_METHOD sm2_pkey_meth;
extern const EVP_PKEY_METHOD ecx25519_pkey_meth;
extern const EVP_PKEY_METHOD ecx448_pkey_meth;
extern const EVP_PKEY_METHOD ed25519_pkey_meth;
extern const EVP_PKEY_METHOD ed448_pkey_meth;
extern const EVP_PKEY_METHOD hmac_pkey_meth;
extern const EVP_PKEY_METHOD rsa_pkey_meth;
extern const EVP_PKEY_METHOD rsa_pss_pkey_meth;
extern const EVP_PKEY_METHOD scrypt_pkey_meth;
extern const EVP_PKEY_METHOD tls1_prf_pkey_meth;
extern const EVP_PKEY_METHOD hkdf_pkey_meth;
extern const EVP_PKEY_METHOD poly1305_pkey_meth;
extern const EVP_PKEY_METHOD siphash_pkey_meth;
struct evp_md_st {
int type;
int pkey_type;
int md_size;
unsigned long flags;
int (*init) (EVP_MD_CTX *ctx);
int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
int (*final) (EVP_MD_CTX *ctx, unsigned char *md);
int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from);
int (*cleanup) (EVP_MD_CTX *ctx);
int block_size;
int ctx_size; /* how big does the ctx->md_data need to be */
/* control function */
int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
} /* EVP_MD */ ;
struct evp_cipher_st {
int nid;
int block_size;
/* Default value for variable length ciphers */
int key_len;
int iv_len;
/* Various flags */
unsigned long flags;
/* init key */
int (*init) (EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
/* encrypt/decrypt data */
int (*do_cipher) (EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl);
/* cleanup ctx */
int (*cleanup) (EVP_CIPHER_CTX *);
/* how big ctx->cipher_data needs to be */
int ctx_size;
/* Populate a ASN1_TYPE with parameters */
int (*set_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
/* Get parameters from a ASN1_TYPE */
int (*get_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
/* Miscellaneous operations */
int (*ctrl) (EVP_CIPHER_CTX *, int type, int arg, void *ptr);
/* Application data */
void *app_data;
} /* EVP_CIPHER */ ;
/* Macros to code block cipher wrappers */
/* Wrapper functions for each cipher mode */
#define EVP_C_DATA(kstruct, ctx) \
((kstruct *)EVP_CIPHER_CTX_get_cipher_data(ctx))
#define BLOCK_CIPHER_ecb_loop() \
size_t i, bl; \
bl = EVP_CIPHER_CTX_cipher(ctx)->block_size; \
if (inl < bl) return 1;\
inl -= bl; \
for (i=0; i <= inl; i+=bl)
#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
{\
BLOCK_CIPHER_ecb_loop() \
cprefix##_ecb_encrypt(in + i, out + i, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_encrypting(ctx)); \
return 1;\
}
#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))
#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
{\
while(inl>=EVP_MAXCHUNK) {\
int num = EVP_CIPHER_CTX_num(ctx);\
cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \
EVP_CIPHER_CTX_set_num(ctx, num);\
inl-=EVP_MAXCHUNK;\
in +=EVP_MAXCHUNK;\
out+=EVP_MAXCHUNK;\
}\
if (inl) {\
int num = EVP_CIPHER_CTX_num(ctx);\
cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \
EVP_CIPHER_CTX_set_num(ctx, num);\
}\
return 1;\
}
#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
{\
while(inl>=EVP_MAXCHUNK) \
{\
cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\
inl-=EVP_MAXCHUNK;\
in +=EVP_MAXCHUNK;\
out+=EVP_MAXCHUNK;\
}\
if (inl)\
cprefix##_cbc_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\
return 1;\
}
#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
{\
size_t chunk = EVP_MAXCHUNK;\
if (cbits == 1) chunk >>= 3;\
if (inl < chunk) chunk = inl;\
while (inl && inl >= chunk)\
{\
int num = EVP_CIPHER_CTX_num(ctx);\
cprefix##_cfb##cbits##_encrypt(in, out, (long) \
((cbits == 1) \
&& !EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS) \
? chunk*8 : chunk), \
&EVP_C_DATA(kstruct, ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx),\
&num, EVP_CIPHER_CTX_encrypting(ctx));\
EVP_CIPHER_CTX_set_num(ctx, num);\
inl -= chunk;\
in += chunk;\
out += chunk;\
if (inl < chunk) chunk = inl;\
}\
return 1;\
}
#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched)
#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
key_len, iv_len, flags, init_key, cleanup, \
set_asn1, get_asn1, ctrl) \
static const EVP_CIPHER cname##_##mode = { \
nid##_##nmode, block_size, key_len, iv_len, \
flags | EVP_CIPH_##MODE##_MODE, \
init_key, \
cname##_##mode##_cipher, \
cleanup, \
sizeof(kstruct), \
set_asn1, get_asn1,\
ctrl, \
NULL \
}; \
const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }
#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
iv_len, flags, init_key, cleanup, set_asn1, \
get_asn1, ctrl) \
BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \
iv_len, cbits, flags, init_key, cleanup, \
set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \
key_len, iv_len, flags, init_key, cleanup, set_asn1, \
get_asn1, ctrl)
#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \
iv_len, cbits, flags, init_key, cleanup, \
set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \
key_len, iv_len, flags, init_key, cleanup, set_asn1, \
get_asn1, ctrl)
#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
flags, init_key, cleanup, set_asn1, \
get_asn1, ctrl) \
BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
#define BLOCK_CIPHER_defs(cname, kstruct, \
nid, block_size, key_len, iv_len, cbits, flags, \
init_key, cleanup, set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
init_key, cleanup, set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \
flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \
flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \
init_key, cleanup, set_asn1, get_asn1, ctrl)
/*-
#define BLOCK_CIPHER_defs(cname, kstruct, \
nid, block_size, key_len, iv_len, flags,\
init_key, cleanup, set_asn1, get_asn1, ctrl)\
static const EVP_CIPHER cname##_cbc = {\
nid##_cbc, block_size, key_len, iv_len, \
flags | EVP_CIPH_CBC_MODE,\
init_key,\
cname##_cbc_cipher,\
cleanup,\
sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
set_asn1, get_asn1,\
ctrl, \
NULL \
};\
const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
static const EVP_CIPHER cname##_cfb = {\
nid##_cfb64, 1, key_len, iv_len, \
flags | EVP_CIPH_CFB_MODE,\
init_key,\
cname##_cfb_cipher,\
cleanup,\
sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
set_asn1, get_asn1,\
ctrl,\
NULL \
};\
const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
static const EVP_CIPHER cname##_ofb = {\
nid##_ofb64, 1, key_len, iv_len, \
flags | EVP_CIPH_OFB_MODE,\
init_key,\
cname##_ofb_cipher,\
cleanup,\
sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
set_asn1, get_asn1,\
ctrl,\
NULL \
};\
const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
static const EVP_CIPHER cname##_ecb = {\
nid##_ecb, block_size, key_len, iv_len, \
flags | EVP_CIPH_ECB_MODE,\
init_key,\
cname##_ecb_cipher,\
cleanup,\
sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
set_asn1, get_asn1,\
ctrl,\
NULL \
};\
const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
*/
#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \
block_size, key_len, iv_len, cbits, \
flags, init_key, \
cleanup, set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \
cbits, flags, init_key, cleanup, set_asn1, \
get_asn1, ctrl)
#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,fl) \
BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \
(fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \
cipher##_init_key, NULL, NULL, NULL, NULL)
# ifndef OPENSSL_NO_EC
#define X25519_KEYLEN 32
#define X448_KEYLEN 56
#define ED448_KEYLEN 57
#define MAX_KEYLEN ED448_KEYLEN
typedef struct {
unsigned char pubkey[MAX_KEYLEN];
unsigned char *privkey;
} ECX_KEY;
#endif
/*
* Type needs to be a bit field Sub-type needs to be for variations on the
* method, as in, can it do arbitrary encryption....
*/
struct evp_pkey_st {
int type;
int save_type;
CRYPTO_REF_COUNT references;
const EVP_PKEY_ASN1_METHOD *ameth;
ENGINE *engine;
ENGINE *pmeth_engine; /* If not NULL public key ENGINE to use */
union {
void *ptr;
# ifndef OPENSSL_NO_RSA
struct rsa_st *rsa; /* RSA */
# endif
# ifndef OPENSSL_NO_DSA
struct dsa_st *dsa; /* DSA */
# endif
# ifndef OPENSSL_NO_DH
struct dh_st *dh; /* DH */
# endif
# ifndef OPENSSL_NO_EC
struct ec_key_st *ec; /* ECC */
ECX_KEY *ecx; /* X25519, X448, Ed25519, Ed448 */
# endif
} pkey;
int save_parameters;
STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
CRYPTO_RWLOCK *lock;
} /* EVP_PKEY */ ;
void openssl_add_all_ciphers_int(void);
void openssl_add_all_digests_int(void);
void evp_cleanup_int(void);
void evp_app_cleanup_int(void);
/* Pulling defines out of C source files */
#define EVP_RC4_KEY_SIZE 16
#ifndef TLS1_1_VERSION
# define TLS1_1_VERSION 0x0302
#endif
void evp_encode_ctx_set_flags(EVP_ENCODE_CTX *ctx, unsigned int flags);
/* EVP_ENCODE_CTX flags */
/* Don't generate new lines when encoding */
#define EVP_ENCODE_CTX_NO_NEWLINES 1
/* Use the SRP base64 alphabet instead of the standard one */
#define EVP_ENCODE_CTX_USE_SRP_ALPHABET 2


@ -0,0 +1,15 @@
/*
* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_LHASH_H
# define OSSL_CRYPTO_LHASH_H
unsigned long openssl_lh_strcasehash(const char *);
#endif


@ -0,0 +1,256 @@
/*
* Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*-
* This is a generic 32 bit "collector" for message digest algorithms.
* Whenever needed it collects input character stream into chunks of
* 32 bit values and invokes a block function that performs actual hash
* calculations.
*
* Porting guide.
*
* Obligatory macros:
*
* DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN
* this macro defines byte order of input stream.
* HASH_CBLOCK
* size of a unit chunk HASH_BLOCK operates on.
* HASH_LONG
* has to be at least 32 bit wide.
* HASH_CTX
* context structure that at least contains following
* members:
* typedef struct {
* ...
* HASH_LONG Nl,Nh;
* either {
* HASH_LONG data[HASH_LBLOCK];
* unsigned char data[HASH_CBLOCK];
* };
* unsigned int num;
* ...
* } HASH_CTX;
* data[] vector is expected to be zeroed upon first call to
* HASH_UPDATE.
* HASH_UPDATE
* name of "Update" function, implemented here.
* HASH_TRANSFORM
* name of "Transform" function, implemented here.
* HASH_FINAL
* name of "Final" function, implemented here.
* HASH_BLOCK_DATA_ORDER
* name of "block" function capable of treating *unaligned* input
* message in original (data) byte order, implemented externally.
* HASH_MAKE_STRING
* macro converting context variables to an ASCII hash string.
*
* MD5 example:
*
* #define DATA_ORDER_IS_LITTLE_ENDIAN
*
* #define HASH_LONG MD5_LONG
* #define HASH_CTX MD5_CTX
* #define HASH_CBLOCK MD5_CBLOCK
* #define HASH_UPDATE MD5_Update
* #define HASH_TRANSFORM MD5_Transform
* #define HASH_FINAL MD5_Final
* #define HASH_BLOCK_DATA_ORDER md5_block_data_order
*/
#include <openssl/crypto.h>
#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
# error "DATA_ORDER must be defined!"
#endif
#ifndef HASH_CBLOCK
# error "HASH_CBLOCK must be defined!"
#endif
#ifndef HASH_LONG
# error "HASH_LONG must be defined!"
#endif
#ifndef HASH_CTX
# error "HASH_CTX must be defined!"
#endif
#ifndef HASH_UPDATE
# error "HASH_UPDATE must be defined!"
#endif
#ifndef HASH_TRANSFORM
# error "HASH_TRANSFORM must be defined!"
#endif
#ifndef HASH_FINAL
# error "HASH_FINAL must be defined!"
#endif
#ifndef HASH_BLOCK_DATA_ORDER
# error "HASH_BLOCK_DATA_ORDER must be defined!"
#endif
#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
#if defined(DATA_ORDER_IS_BIG_ENDIAN)
# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \
l|=(((unsigned long)(*((c)++)))<<16), \
l|=(((unsigned long)(*((c)++)))<< 8), \
l|=(((unsigned long)(*((c)++))) ) )
# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
*((c)++)=(unsigned char)(((l) )&0xff), \
l)
#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \
l|=(((unsigned long)(*((c)++)))<< 8), \
l|=(((unsigned long)(*((c)++)))<<16), \
l|=(((unsigned long)(*((c)++)))<<24) )
# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
*((c)++)=(unsigned char)(((l)>>24)&0xff), \
l)
#endif
/*
* Time for some action :-)
*/
int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len)
{
const unsigned char *data = data_;
unsigned char *p;
HASH_LONG l;
size_t n;
if (len == 0)
return 1;
l = (c->Nl + (((HASH_LONG) len) << 3)) & 0xffffffffUL;
if (l < c->Nl) /* overflow */
c->Nh++;
c->Nh += (HASH_LONG) (len >> 29); /* might cause compiler warning on
* 16-bit */
c->Nl = l;
n = c->num;
if (n != 0) {
p = (unsigned char *)c->data;
if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) {
memcpy(p + n, data, HASH_CBLOCK - n);
HASH_BLOCK_DATA_ORDER(c, p, 1);
n = HASH_CBLOCK - n;
data += n;
len -= n;
c->num = 0;
/*
* We use memset rather than OPENSSL_cleanse() here deliberately.
* Using OPENSSL_cleanse() here could be a performance issue. It
* will get properly cleansed on finalisation so this isn't a
* security problem.
*/
memset(p, 0, HASH_CBLOCK); /* keep it zeroed */
} else {
memcpy(p + n, data, len);
c->num += (unsigned int)len;
return 1;
}
}
n = len / HASH_CBLOCK;
if (n > 0) {
HASH_BLOCK_DATA_ORDER(c, data, n);
n *= HASH_CBLOCK;
data += n;
len -= n;
}
if (len != 0) {
p = (unsigned char *)c->data;
c->num = (unsigned int)len;
memcpy(p, data, len);
}
return 1;
}
void HASH_TRANSFORM(HASH_CTX *c, const unsigned char *data)
{
HASH_BLOCK_DATA_ORDER(c, data, 1);
}
int HASH_FINAL(unsigned char *md, HASH_CTX *c)
{
unsigned char *p = (unsigned char *)c->data;
size_t n = c->num;
p[n] = 0x80; /* there is always room for one */
n++;
if (n > (HASH_CBLOCK - 8)) {
memset(p + n, 0, HASH_CBLOCK - n);
n = 0;
HASH_BLOCK_DATA_ORDER(c, p, 1);
}
memset(p + n, 0, HASH_CBLOCK - 8 - n);
p += HASH_CBLOCK - 8;
#if defined(DATA_ORDER_IS_BIG_ENDIAN)
(void)HOST_l2c(c->Nh, p);
(void)HOST_l2c(c->Nl, p);
#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
(void)HOST_l2c(c->Nl, p);
(void)HOST_l2c(c->Nh, p);
#endif
p -= HASH_CBLOCK;
HASH_BLOCK_DATA_ORDER(c, p, 1);
c->num = 0;
OPENSSL_cleanse(p, HASH_CBLOCK);
#ifndef HASH_MAKE_STRING
# error "HASH_MAKE_STRING must be defined!"
#else
HASH_MAKE_STRING(c, md);
#endif
return 1;
}
#ifndef MD32_REG_T
# if defined(__alpha) || defined(__sparcv9) || defined(__mips)
# define MD32_REG_T long
/*
* This comment was originally written for MD5, which is why it
* discusses A-D. But it basically applies to all 32-bit digests,
* which is why it was moved to common header file.
*
* In case you wonder why A-D are declared as long and not
* as MD5_LONG. Doing so results in slight performance
* boost on LP64 architectures. The catch is we don't
* really care if 32 MSBs of a 64-bit register get polluted
* with eventual overflows as we *save* only 32 LSBs in
* *either* case. Now declaring 'em long excuses the compiler
* from keeping 32 MSBs zeroed resulting in 13% performance
* improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
* Well, to be honest it should say that this *prevents*
* performance degradation.
*/
# else
/*
* Above is not absolute and there are LP64 compilers that
* generate better code if MD32_REG_T is defined int. The above
* pre-processor condition reflects the circumstances under which
* the conclusion was made and is subject to further extension.
*/
# define MD32_REG_T int
# endif
#endif


@ -0,0 +1,12 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/objects.h>
void obj_cleanup_int(void);


@ -0,0 +1,21 @@
/*
* Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stddef.h>
#define POLY1305_BLOCK_SIZE 16
#define POLY1305_DIGEST_SIZE 16
#define POLY1305_KEY_SIZE 32
typedef struct poly1305_context POLY1305;
size_t Poly1305_ctx_size(void);
void Poly1305_Init(POLY1305 *ctx, const unsigned char key[32]);
void Poly1305_Update(POLY1305 *ctx, const unsigned char *inp, size_t len);
void Poly1305_Final(POLY1305 *ctx, unsigned char mac[16]);


@ -0,0 +1,144 @@
/*
* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Licensed under the OpenSSL licenses, (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* https://www.openssl.org/source/license.html
* or in the file LICENSE in the source distribution.
*/
#ifndef OSSL_CRYPTO_RAND_H
# define OSSL_CRYPTO_RAND_H
# include <openssl/rand.h>
# if defined(__APPLE__) && !defined(OPENSSL_NO_APPLE_CRYPTO_RANDOM)
# include <Availability.h>
# if (defined(__MAC_OS_X_VERSION_MIN_REQUIRED) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101200) || \
(defined(__IPHONE_OS_VERSION_MIN_REQUIRED) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 80000)
# define OPENSSL_APPLE_CRYPTO_RANDOM 1
# include <CommonCrypto/CommonCryptoError.h>
# include <CommonCrypto/CommonRandom.h>
# endif
# endif
/* forward declaration */
typedef struct rand_pool_st RAND_POOL;
void rand_cleanup_int(void);
void rand_drbg_cleanup_int(void);
void drbg_delete_thread_state(void);
/* Hardware-based seeding functions. */
size_t rand_acquire_entropy_from_tsc(RAND_POOL *pool);
size_t rand_acquire_entropy_from_cpu(RAND_POOL *pool);
/* DRBG entropy callbacks. */
size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
unsigned char **pout,
int entropy, size_t min_len, size_t max_len,
int prediction_resistance);
void rand_drbg_cleanup_entropy(RAND_DRBG *drbg,
unsigned char *out, size_t outlen);
size_t rand_drbg_get_nonce(RAND_DRBG *drbg,
unsigned char **pout,
int entropy, size_t min_len, size_t max_len);
void rand_drbg_cleanup_nonce(RAND_DRBG *drbg,
unsigned char *out, size_t outlen);
size_t rand_drbg_get_additional_data(RAND_POOL *pool, unsigned char **pout);
void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out);
/*
* RAND_POOL functions
*/
RAND_POOL *rand_pool_new(int entropy_requested, int secure,
size_t min_len, size_t max_len);
RAND_POOL *rand_pool_attach(const unsigned char *buffer, size_t len,
size_t entropy);
void rand_pool_free(RAND_POOL *pool);
const unsigned char *rand_pool_buffer(RAND_POOL *pool);
unsigned char *rand_pool_detach(RAND_POOL *pool);
void rand_pool_reattach(RAND_POOL *pool, unsigned char *buffer);
size_t rand_pool_entropy(RAND_POOL *pool);
size_t rand_pool_length(RAND_POOL *pool);
size_t rand_pool_entropy_available(RAND_POOL *pool);
size_t rand_pool_entropy_needed(RAND_POOL *pool);
/* |entropy_factor| expresses how many bits of data contain 1 bit of entropy */
size_t rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_factor);
size_t rand_pool_bytes_remaining(RAND_POOL *pool);
int rand_pool_add(RAND_POOL *pool,
const unsigned char *buffer, size_t len, size_t entropy);
unsigned char *rand_pool_add_begin(RAND_POOL *pool, size_t len);
int rand_pool_add_end(RAND_POOL *pool, size_t len, size_t entropy);
/*
* Add random bytes to the pool to acquire requested amount of entropy
*
* This function is platform specific and tries to acquire the requested
* amount of entropy by polling platform specific entropy sources.
*
* If the function succeeds in acquiring at least |entropy_requested| bits
* of entropy, the total entropy count is returned. If it fails, it returns
* an entropy count of 0.
*/
size_t rand_pool_acquire_entropy(RAND_POOL *pool);
/*
* Add some application specific nonce data
*
* This function is platform specific and adds some application specific
* data to the nonce used for instantiating the drbg.
*
* This data currently consists of the process and thread id, and a high
* resolution timestamp. The data does not include an atomic counter,
* because that is added by the calling function rand_drbg_get_nonce().
*
* Returns 1 on success and 0 on failure.
*/
int rand_pool_add_nonce_data(RAND_POOL *pool);
/*
* Add some platform specific additional data
*
* This function is platform specific and adds some random noise to the
* additional data used for generating random bytes and for reseeding
* the drbg.
*
* Returns 1 on success and 0 on failure.
*/
int rand_pool_add_additional_data(RAND_POOL *pool);
/*
* Initialise the random pool reseeding sources.
*
* Returns 1 on success and 0 on failure.
*/
int rand_pool_init(void);
/*
* Finalise the random pool reseeding sources.
*/
void rand_pool_cleanup(void);
/*
* Control the random pool use of open file descriptors.
*/
void rand_pool_keep_random_devices_open(int keep);
#endif


@ -0,0 +1,19 @@
/*
* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_SHA_H
# define OSSL_CRYPTO_SHA_H
# include <openssl/opensslconf.h>
int sha512_224_init(SHA512_CTX *);
int sha512_256_init(SHA512_CTX *);
#endif


@ -0,0 +1,25 @@
/*
* Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stddef.h>
#define SIPHASH_BLOCK_SIZE 8
#define SIPHASH_KEY_SIZE 16
#define SIPHASH_MIN_DIGEST_SIZE 8
#define SIPHASH_MAX_DIGEST_SIZE 16
typedef struct siphash_st SIPHASH;
size_t SipHash_ctx_size(void);
size_t SipHash_hash_size(SIPHASH *ctx);
int SipHash_set_hash_size(SIPHASH *ctx, size_t hash_size);
int SipHash_Init(SIPHASH *ctx, const unsigned char *k,
int crounds, int drounds);
void SipHash_Update(SIPHASH *ctx, const unsigned char *in, size_t inlen);
int SipHash_Final(SIPHASH *ctx, unsigned char *out, size_t outlen);


@ -0,0 +1,77 @@
/*
* Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2017 Ribose Inc. All Rights Reserved.
* Ported from Ribose contributions from Botan.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_SM2_H
# define OSSL_CRYPTO_SM2_H
# include <openssl/opensslconf.h>
# ifndef OPENSSL_NO_SM2
# include <openssl/ec.h>
/* The default user id as specified in GM/T 0009-2012 */
# define SM2_DEFAULT_USERID "1234567812345678"
int sm2_compute_z_digest(uint8_t *out,
const EVP_MD *digest,
const uint8_t *id,
const size_t id_len,
const EC_KEY *key);
/*
* SM2 signature operation. Computes Z and then signs H(Z || msg) using SM2
*/
ECDSA_SIG *sm2_do_sign(const EC_KEY *key,
const EVP_MD *digest,
const uint8_t *id,
const size_t id_len,
const uint8_t *msg, size_t msg_len);
int sm2_do_verify(const EC_KEY *key,
const EVP_MD *digest,
const ECDSA_SIG *signature,
const uint8_t *id,
const size_t id_len,
const uint8_t *msg, size_t msg_len);
/*
* SM2 signature generation.
*/
int sm2_sign(const unsigned char *dgst, int dgstlen,
unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
/*
* SM2 signature verification.
*/
int sm2_verify(const unsigned char *dgst, int dgstlen,
const unsigned char *sig, int siglen, EC_KEY *eckey);
/*
* SM2 encryption
*/
int sm2_ciphertext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len,
size_t *ct_size);
int sm2_plaintext_size(const unsigned char *ct, size_t ct_size, size_t *pt_size);
int sm2_encrypt(const EC_KEY *key,
const EVP_MD *digest,
const uint8_t *msg,
size_t msg_len,
uint8_t *ciphertext_buf, size_t *ciphertext_len);
int sm2_decrypt(const EC_KEY *key,
const EVP_MD *digest,
const uint8_t *ciphertext,
size_t ciphertext_len, uint8_t *ptext_buf, size_t *ptext_len);
# endif /* OPENSSL_NO_SM2 */
#endif


@ -0,0 +1,65 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_SM2ERR_H
# define OSSL_CRYPTO_SM2ERR_H
# ifndef HEADER_SYMHACKS_H
# include <openssl/symhacks.h>
# endif
# include <openssl/opensslconf.h>
# ifndef OPENSSL_NO_SM2
# ifdef __cplusplus
extern "C"
# endif
int ERR_load_SM2_strings(void);
/*
* SM2 function codes.
*/
# define SM2_F_PKEY_SM2_COPY 115
# define SM2_F_PKEY_SM2_CTRL 109
# define SM2_F_PKEY_SM2_CTRL_STR 110
# define SM2_F_PKEY_SM2_DIGEST_CUSTOM 114
# define SM2_F_PKEY_SM2_INIT 111
# define SM2_F_PKEY_SM2_SIGN 112
# define SM2_F_SM2_COMPUTE_MSG_HASH 100
# define SM2_F_SM2_COMPUTE_USERID_DIGEST 101
# define SM2_F_SM2_COMPUTE_Z_DIGEST 113
# define SM2_F_SM2_DECRYPT 102
# define SM2_F_SM2_ENCRYPT 103
# define SM2_F_SM2_PLAINTEXT_SIZE 104
# define SM2_F_SM2_SIGN 105
# define SM2_F_SM2_SIG_GEN 106
# define SM2_F_SM2_SIG_VERIFY 107
# define SM2_F_SM2_VERIFY 108
/*
* SM2 reason codes.
*/
# define SM2_R_ASN1_ERROR 100
# define SM2_R_BAD_SIGNATURE 101
# define SM2_R_BUFFER_TOO_SMALL 107
# define SM2_R_DIST_ID_TOO_LARGE 110
# define SM2_R_ID_NOT_SET 112
# define SM2_R_ID_TOO_LARGE 111
# define SM2_R_INVALID_CURVE 108
# define SM2_R_INVALID_DIGEST 102
# define SM2_R_INVALID_DIGEST_TYPE 103
# define SM2_R_INVALID_ENCODING 104
# define SM2_R_INVALID_FIELD 105
# define SM2_R_NO_PARAMETERS_SET 109
# define SM2_R_USER_ID_TOO_LARGE 106
# endif
#endif


@ -0,0 +1,39 @@
/*
* Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2017 Ribose Inc. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_SM3_H
# define OSSL_CRYPTO_SM3_H
# include <openssl/opensslconf.h>
# ifdef OPENSSL_NO_SM3
# error SM3 is disabled.
# endif
# define SM3_DIGEST_LENGTH 32
# define SM3_WORD unsigned int
# define SM3_CBLOCK 64
# define SM3_LBLOCK (SM3_CBLOCK/4)
typedef struct SM3state_st {
SM3_WORD A, B, C, D, E, F, G, H;
SM3_WORD Nl, Nh;
SM3_WORD data[SM3_LBLOCK];
unsigned int num;
} SM3_CTX;
int sm3_init(SM3_CTX *c);
int sm3_update(SM3_CTX *c, const void *data, size_t len);
int sm3_final(unsigned char *md, SM3_CTX *c);
void sm3_block_data_order(SM3_CTX *c, const void *p, size_t num);
#endif


@ -0,0 +1,37 @@
/*
* Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2017 Ribose Inc. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_SM4_H
# define OSSL_CRYPTO_SM4_H
# include <openssl/opensslconf.h>
# include <openssl/e_os2.h>
# ifdef OPENSSL_NO_SM4
# error SM4 is disabled.
# endif
# define SM4_ENCRYPT 1
# define SM4_DECRYPT 0
# define SM4_BLOCK_SIZE 16
# define SM4_KEY_SCHEDULE 32
typedef struct SM4_KEY_st {
uint32_t rk[SM4_KEY_SCHEDULE];
} SM4_KEY;
int SM4_set_key(const uint8_t *key, SM4_KEY *ks);
void SM4_encrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks);
void SM4_decrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks);
#endif


@ -0,0 +1,28 @@
/*
* Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_STORE_H
# define OSSL_CRYPTO_STORE_H
# include <openssl/bio.h>
# include <openssl/store.h>
# include <openssl/ui.h>
/*
* Two functions to read PEM data off an already opened BIO. To be used
* instead of OSSLSTORE_open() and OSSLSTORE_close(). Everything is done
* as usual with OSSLSTORE_load() and OSSLSTORE_eof().
*/
OSSL_STORE_CTX *ossl_store_attach_pem_bio(BIO *bp, const UI_METHOD *ui_method,
void *ui_data);
int ossl_store_detach_pem_bio(OSSL_STORE_CTX *ctx);
void ossl_store_cleanup_int(void);
#endif


@ -0,0 +1,291 @@
/*
* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "internal/refcount.h"
#include <openssl/x509.h>
#include <openssl/conf.h>
/* Internal X509 structures and functions: not for application use */
/* Note: unless otherwise stated a field pointer is mandatory and should
* never be set to NULL: the ASN.1 code and accessors rely on mandatory
* fields never being NULL.
*/
/*
* name entry structure, equivalent to AttributeTypeAndValue defined
* in RFC5280 et al.
*/
struct X509_name_entry_st {
ASN1_OBJECT *object; /* AttributeType */
ASN1_STRING *value; /* AttributeValue */
int set; /* index of RDNSequence for this entry */
int size; /* temp variable */
};
/* Name from RFC 5280. */
struct X509_name_st {
STACK_OF(X509_NAME_ENTRY) *entries; /* DN components */
int modified; /* true if 'bytes' needs to be built */
BUF_MEM *bytes; /* cached encoding: cannot be NULL */
/* canonical encoding used for rapid Name comparison */
unsigned char *canon_enc;
int canon_enclen;
} /* X509_NAME */ ;
/* Signature info structure */
struct x509_sig_info_st {
/* NID of message digest */
int mdnid;
/* NID of public key algorithm */
int pknid;
/* Security bits */
int secbits;
/* Various flags */
uint32_t flags;
};
/* PKCS#10 certificate request */
struct X509_req_info_st {
ASN1_ENCODING enc; /* cached encoding of signed part */
ASN1_INTEGER *version; /* version, defaults to v1(0) so can be NULL */
X509_NAME *subject; /* certificate request DN */
X509_PUBKEY *pubkey; /* public key of request */
/*
* Zero or more attributes.
* NB: although attributes is a mandatory field some broken
* encodings omit it so this may be NULL in that case.
*/
STACK_OF(X509_ATTRIBUTE) *attributes;
};
struct X509_req_st {
X509_REQ_INFO req_info; /* signed certificate request data */
X509_ALGOR sig_alg; /* signature algorithm */
ASN1_BIT_STRING *signature; /* signature */
CRYPTO_REF_COUNT references;
CRYPTO_RWLOCK *lock;
};
struct X509_crl_info_st {
ASN1_INTEGER *version; /* version: defaults to v1(0) so may be NULL */
X509_ALGOR sig_alg; /* signature algorithm */
X509_NAME *issuer; /* CRL issuer name */
ASN1_TIME *lastUpdate; /* lastUpdate field */
ASN1_TIME *nextUpdate; /* nextUpdate field: optional */
STACK_OF(X509_REVOKED) *revoked; /* revoked entries: optional */
STACK_OF(X509_EXTENSION) *extensions; /* extensions: optional */
ASN1_ENCODING enc; /* encoding of signed portion of CRL */
};
struct X509_crl_st {
X509_CRL_INFO crl; /* signed CRL data */
X509_ALGOR sig_alg; /* CRL signature algorithm */
ASN1_BIT_STRING signature; /* CRL signature */
CRYPTO_REF_COUNT references;
int flags;
/*
* Cached copies of decoded extension values, since extensions
* are optional any of these can be NULL.
*/
AUTHORITY_KEYID *akid;
ISSUING_DIST_POINT *idp;
/* Convenient breakdown of IDP */
int idp_flags;
int idp_reasons;
/* CRL and base CRL numbers for delta processing */
ASN1_INTEGER *crl_number;
ASN1_INTEGER *base_crl_number;
STACK_OF(GENERAL_NAMES) *issuers;
/* hash of CRL */
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
/* alternative method to handle this CRL */
const X509_CRL_METHOD *meth;
void *meth_data;
CRYPTO_RWLOCK *lock;
};
struct x509_revoked_st {
ASN1_INTEGER serialNumber; /* revoked entry serial number */
ASN1_TIME *revocationDate; /* revocation date */
STACK_OF(X509_EXTENSION) *extensions; /* CRL entry extensions: optional */
/* decoded value of CRLissuer extension: set if indirect CRL */
STACK_OF(GENERAL_NAME) *issuer;
/* revocation reason: set to CRL_REASON_NONE if reason extension absent */
int reason;
/*
* CRL entries are reordered for faster lookup of serial numbers. This
* field contains the original load sequence for this entry.
*/
int sequence;
};
/*
* This stuff is certificate "auxiliary info": it contains details which are
* useful in certificate stores and databases. When used this is tagged onto
* the end of the certificate itself. OpenSSL specific structure not defined
* in any RFC.
*/
struct x509_cert_aux_st {
STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */
STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */
ASN1_UTF8STRING *alias; /* "friendly name" */
ASN1_OCTET_STRING *keyid; /* key id of private key */
STACK_OF(X509_ALGOR) *other; /* other unspecified info */
};
struct x509_cinf_st {
ASN1_INTEGER *version; /* [ 0 ] default of v1 */
ASN1_INTEGER serialNumber;
X509_ALGOR signature;
X509_NAME *issuer;
X509_VAL validity;
X509_NAME *subject;
X509_PUBKEY *key;
ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
ASN1_ENCODING enc;
};
struct x509_st {
X509_CINF cert_info;
X509_ALGOR sig_alg;
ASN1_BIT_STRING signature;
X509_SIG_INFO siginf;
CRYPTO_REF_COUNT references;
CRYPTO_EX_DATA ex_data;
/* These contain copies of various extension values */
long ex_pathlen;
long ex_pcpathlen;
uint32_t ex_flags;
uint32_t ex_kusage;
uint32_t ex_xkusage;
uint32_t ex_nscert;
ASN1_OCTET_STRING *skid;
AUTHORITY_KEYID *akid;
X509_POLICY_CACHE *policy_cache;
STACK_OF(DIST_POINT) *crldp;
STACK_OF(GENERAL_NAME) *altname;
NAME_CONSTRAINTS *nc;
#ifndef OPENSSL_NO_RFC3779
STACK_OF(IPAddressFamily) *rfc3779_addr;
struct ASIdentifiers_st *rfc3779_asid;
# endif
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
X509_CERT_AUX *aux;
CRYPTO_RWLOCK *lock;
volatile int ex_cached;
} /* X509 */ ;
/*
* This is a used when verifying cert chains. Since the gathering of the
* cert chain can take some time (and have to be 'retried', this needs to be
* kept and passed around.
*/
struct x509_store_ctx_st { /* X509_STORE_CTX */
X509_STORE *ctx;
/* The following are set by the caller */
/* The cert to check */
X509 *cert;
/* chain of X509s - untrusted - passed in */
STACK_OF(X509) *untrusted;
/* set of CRLs passed in */
STACK_OF(X509_CRL) *crls;
X509_VERIFY_PARAM *param;
/* Other info for use with get_issuer() */
void *other_ctx;
/* Callbacks for various operations */
/* called to verify a certificate */
int (*verify) (X509_STORE_CTX *ctx);
/* error callback */
int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
/* get issuers cert from ctx */
int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
/* check issued */
int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
/* Check revocation status of chain */
int (*check_revocation) (X509_STORE_CTX *ctx);
/* retrieve CRL */
int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
/* Check CRL validity */
int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
/* Check certificate against CRL */
int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
/* Check policy status of the chain */
int (*check_policy) (X509_STORE_CTX *ctx);
STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
int (*cleanup) (X509_STORE_CTX *ctx);
/* The following is built up */
/* if 0, rebuild chain */
int valid;
/* number of untrusted certs */
int num_untrusted;
/* chain of X509s - built up and trusted */
STACK_OF(X509) *chain;
/* Valid policy tree */
X509_POLICY_TREE *tree;
/* Require explicit policy value */
int explicit_policy;
/* When something goes wrong, this is why */
int error_depth;
int error;
X509 *current_cert;
/* cert currently being tested as valid issuer */
X509 *current_issuer;
/* current CRL */
X509_CRL *current_crl;
/* score of current CRL */
int current_crl_score;
/* Reason mask */
unsigned int current_reasons;
/* For CRL path validation: parent context */
X509_STORE_CTX *parent;
CRYPTO_EX_DATA ex_data;
SSL_DANE *dane;
/* signed via bare TA public key, rather than CA certificate */
int bare_ta_signed;
};
/* PKCS#8 private key info structure */
struct pkcs8_priv_key_info_st {
ASN1_INTEGER *version;
X509_ALGOR *pkeyalg;
ASN1_OCTET_STRING *pkey;
STACK_OF(X509_ATTRIBUTE) *attributes;
};
struct X509_sig_st {
X509_ALGOR *algor;
ASN1_OCTET_STRING *digest;
};
struct x509_object_st {
/* one of the above types */
X509_LOOKUP_TYPE type;
union {
char *ptr;
X509 *x509;
X509_CRL *crl;
EVP_PKEY *pkey;
} data;
};
int a2i_ipadd(unsigned char *ipout, const char *ipasc);
int x509_set1_time(ASN1_TIME **ptm, const ASN1_TIME *tm);
void x509_init_sig_info(X509 *x);
int x509v3_add_len_value_uchar(const char *name, const unsigned char *value,
size_t vallen, STACK_OF(CONF_VALUE) **extlist);


@ -0,0 +1,16 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* This file is only used by HP C on VMS, and is included automatically
* after each header file from this directory
*/
/* restore state. Must correspond to the save in __decc_include_prologue.h */
#pragma names restore


@ -0,0 +1,20 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* This file is only used by HP C on VMS, and is included automatically
* after each header file from this directory
*/
/* save state */
#pragma names save
/* have the compiler shorten symbols larger than 31 chars to 23 chars
* followed by a 8 hex char CRC
*/
#pragma names as_is,shortened


@ -0,0 +1,33 @@
/*
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/bio.h>
struct bio_method_st {
int type;
char *name;
int (*bwrite) (BIO *, const char *, size_t, size_t *);
int (*bwrite_old) (BIO *, const char *, int);
int (*bread) (BIO *, char *, size_t, size_t *);
int (*bread_old) (BIO *, char *, int);
int (*bputs) (BIO *, const char *);
int (*bgets) (BIO *, char *, int);
long (*ctrl) (BIO *, int, long, void *);
int (*create) (BIO *);
int (*destroy) (BIO *);
long (*callback_ctrl) (BIO *, int, BIO_info_cb *);
};
void bio_free_ex_data(BIO *bio);
void bio_cleanup(void);
/* Old style to new style BIO_METHOD conversion functions */
int bwrite_conv(BIO *bio, const char *data, size_t datal, size_t *written);
int bread_conv(BIO *bio, char *data, size_t datal, size_t *read);


@ -0,0 +1,12 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/comp.h>
void comp_zlib_cleanup_int(void);


@ -0,0 +1,30 @@
/*
* Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_INTERNAL_CONF_H
# define OSSL_INTERNAL_CONF_H
#include <openssl/conf.h>
#define DEFAULT_CONF_MFLAGS \
(CONF_MFLAGS_DEFAULT_SECTION | \
CONF_MFLAGS_IGNORE_MISSING_FILE | \
CONF_MFLAGS_IGNORE_RETURN_CODES)
struct ossl_init_settings_st {
char *filename;
char *appname;
unsigned long flags;
};
int openssl_config_int(const OPENSSL_INIT_SETTINGS *);
void openssl_no_config_int(void);
void conf_modules_free_int(void);
#endif
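Review bot: `DEFAULT_CONF_MFLAGS` carries no comment explaining that it makes the default configuration load tolerant of failure. Going by the flag names `CONF_MFLAGS_IGNORE_MISSING_FILE` and `CONF_MFLAGS_IGNORE_RETURN_CODES`, a missing configuration file or a failing configuration module is presumably not reported when these defaults are used, so security settings expected from the config file could be silently absent. A one-line comment above the define would make that visible, e.g. `/* Defaults tolerate a missing config file and module errors; do not rely on config-enforced policy without checking it took effect */`. As this is a vendored header, the same caveat could instead be recorded where the project initialises the library.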


@ -0,0 +1,387 @@
/*
* Copyright 2014-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_INTERNAL_CONSTANT_TIME_H
# define OSSL_INTERNAL_CONSTANT_TIME_H
# include <stdlib.h>
# include <string.h>
# include <openssl/e_os2.h> /* For 'ossl_inline' */
/*-
* The boolean methods return a bitmask of all ones (0xff...f) for true
* and 0 for false. This is useful for choosing a value based on the result
* of a conditional in constant time. For example,
* if (a < b) {
* c = a;
* } else {
* c = b;
* }
* can be written as
* unsigned int lt = constant_time_lt(a, b);
* c = constant_time_select(lt, a, b);
*/
/* Returns the given value with the MSB copied to all the other bits. */
static ossl_inline unsigned int constant_time_msb(unsigned int a);
/* Convenience method for uint32_t. */
static ossl_inline uint32_t constant_time_msb_32(uint32_t a);
/* Convenience method for uint64_t. */
static ossl_inline uint64_t constant_time_msb_64(uint64_t a);
/* Returns 0xff..f if a < b and 0 otherwise. */
static ossl_inline unsigned int constant_time_lt(unsigned int a,
unsigned int b);
/* Convenience method for getting an 8-bit mask. */
static ossl_inline unsigned char constant_time_lt_8(unsigned int a,
unsigned int b);
/* Convenience method for uint64_t. */
static ossl_inline uint64_t constant_time_lt_64(uint64_t a, uint64_t b);
/* Returns 0xff..f if a >= b and 0 otherwise. */
static ossl_inline unsigned int constant_time_ge(unsigned int a,
unsigned int b);
/* Convenience method for getting an 8-bit mask. */
static ossl_inline unsigned char constant_time_ge_8(unsigned int a,
unsigned int b);
/* Returns 0xff..f if a == 0 and 0 otherwise. */
static ossl_inline unsigned int constant_time_is_zero(unsigned int a);
/* Convenience method for getting an 8-bit mask. */
static ossl_inline unsigned char constant_time_is_zero_8(unsigned int a);
/* Convenience method for getting a 32-bit mask. */
static ossl_inline uint32_t constant_time_is_zero_32(uint32_t a);
/* Returns 0xff..f if a == b and 0 otherwise. */
static ossl_inline unsigned int constant_time_eq(unsigned int a,
unsigned int b);
/* Convenience method for getting an 8-bit mask. */
static ossl_inline unsigned char constant_time_eq_8(unsigned int a,
unsigned int b);
/* Signed integers. */
static ossl_inline unsigned int constant_time_eq_int(int a, int b);
/* Convenience method for getting an 8-bit mask. */
static ossl_inline unsigned char constant_time_eq_int_8(int a, int b);
/*-
* Returns (mask & a) | (~mask & b).
*
* When |mask| is all 1s or all 0s (as returned by the methods above),
* the select methods return either |a| (if |mask| is nonzero) or |b|
* (if |mask| is zero).
*/
static ossl_inline unsigned int constant_time_select(unsigned int mask,
unsigned int a,
unsigned int b);
/* Convenience method for unsigned chars. */
static ossl_inline unsigned char constant_time_select_8(unsigned char mask,
unsigned char a,
unsigned char b);
/* Convenience method for uint32_t. */
static ossl_inline uint32_t constant_time_select_32(uint32_t mask, uint32_t a,
uint32_t b);
/* Convenience method for uint64_t. */
static ossl_inline uint64_t constant_time_select_64(uint64_t mask, uint64_t a,
uint64_t b);
/* Convenience method for signed integers. */
static ossl_inline int constant_time_select_int(unsigned int mask, int a,
int b);
static ossl_inline unsigned int constant_time_msb(unsigned int a)
{
return 0 - (a >> (sizeof(a) * 8 - 1));
}
static ossl_inline uint32_t constant_time_msb_32(uint32_t a)
{
return 0 - (a >> 31);
}
static ossl_inline uint64_t constant_time_msb_64(uint64_t a)
{
return 0 - (a >> 63);
}
static ossl_inline size_t constant_time_msb_s(size_t a)
{
return 0 - (a >> (sizeof(a) * 8 - 1));
}
static ossl_inline unsigned int constant_time_lt(unsigned int a,
unsigned int b)
{
return constant_time_msb(a ^ ((a ^ b) | ((a - b) ^ b)));
}
static ossl_inline size_t constant_time_lt_s(size_t a, size_t b)
{
return constant_time_msb_s(a ^ ((a ^ b) | ((a - b) ^ b)));
}
static ossl_inline unsigned char constant_time_lt_8(unsigned int a,
unsigned int b)
{
return (unsigned char)constant_time_lt(a, b);
}
static ossl_inline uint64_t constant_time_lt_64(uint64_t a, uint64_t b)
{
return constant_time_msb_64(a ^ ((a ^ b) | ((a - b) ^ b)));
}
static ossl_inline unsigned int constant_time_ge(unsigned int a,
unsigned int b)
{
return ~constant_time_lt(a, b);
}
static ossl_inline size_t constant_time_ge_s(size_t a, size_t b)
{
return ~constant_time_lt_s(a, b);
}
static ossl_inline unsigned char constant_time_ge_8(unsigned int a,
unsigned int b)
{
return (unsigned char)constant_time_ge(a, b);
}
static ossl_inline unsigned char constant_time_ge_8_s(size_t a, size_t b)
{
return (unsigned char)constant_time_ge_s(a, b);
}
static ossl_inline unsigned int constant_time_is_zero(unsigned int a)
{
return constant_time_msb(~a & (a - 1));
}
static ossl_inline size_t constant_time_is_zero_s(size_t a)
{
return constant_time_msb_s(~a & (a - 1));
}
static ossl_inline unsigned char constant_time_is_zero_8(unsigned int a)
{
return (unsigned char)constant_time_is_zero(a);
}
static ossl_inline uint32_t constant_time_is_zero_32(uint32_t a)
{
return constant_time_msb_32(~a & (a - 1));
}
static ossl_inline unsigned int constant_time_eq(unsigned int a,
unsigned int b)
{
return constant_time_is_zero(a ^ b);
}
static ossl_inline size_t constant_time_eq_s(size_t a, size_t b)
{
return constant_time_is_zero_s(a ^ b);
}
static ossl_inline unsigned char constant_time_eq_8(unsigned int a,
unsigned int b)
{
return (unsigned char)constant_time_eq(a, b);
}
static ossl_inline unsigned char constant_time_eq_8_s(size_t a, size_t b)
{
return (unsigned char)constant_time_eq_s(a, b);
}
static ossl_inline unsigned int constant_time_eq_int(int a, int b)
{
return constant_time_eq((unsigned)(a), (unsigned)(b));
}
static ossl_inline unsigned char constant_time_eq_int_8(int a, int b)
{
return constant_time_eq_8((unsigned)(a), (unsigned)(b));
}
/*
* Returns the value unmodified, but avoids optimizations.
* The barriers prevent the compiler from narrowing down the
* possible value range of the mask and ~mask in the select
* statements, which avoids the recognition of the select
* and turning it into a conditional load or branch.
*/
static ossl_inline unsigned int value_barrier(unsigned int a)
{
#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__)
unsigned int r;
__asm__("" : "=r"(r) : "0"(a));
#else
volatile unsigned int r = a;
#endif
return r;
}
/* Convenience method for uint32_t. */
static ossl_inline uint32_t value_barrier_32(uint32_t a)
{
#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__)
uint32_t r;
__asm__("" : "=r"(r) : "0"(a));
#else
volatile uint32_t r = a;
#endif
return r;
}
/* Convenience method for uint64_t. */
static ossl_inline uint64_t value_barrier_64(uint64_t a)
{
#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__)
uint64_t r;
__asm__("" : "=r"(r) : "0"(a));
#else
volatile uint64_t r = a;
#endif
return r;
}
/* Convenience method for size_t. */
static ossl_inline size_t value_barrier_s(size_t a)
{
#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__)
size_t r;
__asm__("" : "=r"(r) : "0"(a));
#else
volatile size_t r = a;
#endif
return r;
}
static ossl_inline unsigned int constant_time_select(unsigned int mask,
unsigned int a,
unsigned int b)
{
return (value_barrier(mask) & a) | (value_barrier(~mask) & b);
}
static ossl_inline size_t constant_time_select_s(size_t mask,
size_t a,
size_t b)
{
return (value_barrier_s(mask) & a) | (value_barrier_s(~mask) & b);
}
static ossl_inline unsigned char constant_time_select_8(unsigned char mask,
unsigned char a,
unsigned char b)
{
return (unsigned char)constant_time_select(mask, a, b);
}
static ossl_inline int constant_time_select_int(unsigned int mask, int a,
int b)
{
return (int)constant_time_select(mask, (unsigned)(a), (unsigned)(b));
}
static ossl_inline int constant_time_select_int_s(size_t mask, int a, int b)
{
return (int)constant_time_select((unsigned)mask, (unsigned)(a),
(unsigned)(b));
}
static ossl_inline uint32_t constant_time_select_32(uint32_t mask, uint32_t a,
uint32_t b)
{
return (value_barrier_32(mask) & a) | (value_barrier_32(~mask) & b);
}
static ossl_inline uint64_t constant_time_select_64(uint64_t mask, uint64_t a,
uint64_t b)
{
return (value_barrier_64(mask) & a) | (value_barrier_64(~mask) & b);
}
/*
* mask must be 0xFFFFFFFF or 0x00000000.
*
* if (mask) {
* uint32_t tmp = *a;
*
* *a = *b;
* *b = tmp;
* }
*/
static ossl_inline void constant_time_cond_swap_32(uint32_t mask, uint32_t *a,
uint32_t *b)
{
uint32_t xor = *a ^ *b;
xor &= mask;
*a ^= xor;
*b ^= xor;
}
/*
* mask must be 0xFFFFFFFF or 0x00000000.
*
* if (mask) {
* uint64_t tmp = *a;
*
* *a = *b;
* *b = tmp;
* }
*/
static ossl_inline void constant_time_cond_swap_64(uint64_t mask, uint64_t *a,
uint64_t *b)
{
uint64_t xor = *a ^ *b;
xor &= mask;
*a ^= xor;
*b ^= xor;
}
/*
* table is a two dimensional array of bytes. Each row has rowsize elements.
* Copies row number idx into out. rowsize and numrows are not considered
* private.
*/
static ossl_inline void constant_time_lookup(void *out,
const void *table,
size_t rowsize,
size_t numrows,
size_t idx)
{
size_t i, j;
const unsigned char *tablec = (const unsigned char *)table;
unsigned char *outc = (unsigned char *)out;
unsigned char mask;
memset(out, 0, rowsize);
/* Note idx may underflow - but that is well defined */
for (i = 0; i < numrows; i++, idx--) {
mask = (unsigned char)constant_time_is_zero_s(idx);
for (j = 0; j < rowsize; j++)
*(outc + j) |= constant_time_select_8(mask, *(tablec++), 0);
}
}
/*
* Expected usage pattern is to unconditionally set error and then
* wipe it if there was no actual error. |clear| is 1 or 0.
*/
void err_clear_last_constant_time(int clear);
#endif /* OSSL_INTERNAL_CONSTANT_TIME_H */
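Review bot: `constant_time_cond_swap_32` and `constant_time_cond_swap_64` apply the mask directly (`xor &= mask;`), whereas every `constant_time_select*` in this header first passes the mask through `value_barrier*()`, which the comment above `value_barrier` says is there to stop the compiler recognising the pattern and emitting a conditional load or branch. The swap helpers have no such guard; whether the Android toolchains used here actually introduce a branch is not visible from the header and would have to be checked in the generated code. For consistency with the selects the line could read `xor &= value_barrier_32(mask);` (and `value_barrier_64(mask)` in the 64-bit variant). Because the file is vendored, compare with current upstream before carrying this as a local change.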


@ -0,0 +1,99 @@
/*
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_INTERNAL_CRYPTLIB_H
# define OSSL_INTERNAL_CRYPTLIB_H
# include <stdlib.h>
# include <string.h>
# ifdef OPENSSL_USE_APPLINK
# undef BIO_FLAGS_UPLINK
# define BIO_FLAGS_UPLINK 0x8000
# include "ms/uplink.h"
# endif
# include <openssl/crypto.h>
# include <openssl/buffer.h>
# include <openssl/bio.h>
# include <openssl/err.h>
# include "internal/nelem.h"
#ifdef NDEBUG
# define ossl_assert(x) ((x) != 0)
#else
__owur static ossl_inline int ossl_assert_int(int expr, const char *exprstr,
const char *file, int line)
{
if (!expr)
OPENSSL_die(exprstr, file, line);
return expr;
}
# define ossl_assert(x) ossl_assert_int((x) != 0, "Assertion failed: "#x, \
__FILE__, __LINE__)
#endif
typedef struct ex_callback_st EX_CALLBACK;
DEFINE_STACK_OF(EX_CALLBACK)
typedef struct app_mem_info_st APP_INFO;
typedef struct mem_st MEM;
DEFINE_LHASH_OF(MEM);
# define OPENSSL_CONF "openssl.cnf"
# ifndef OPENSSL_SYS_VMS
# define X509_CERT_AREA OPENSSLDIR
# define X509_CERT_DIR OPENSSLDIR "/certs"
# define X509_CERT_FILE OPENSSLDIR "/cert.pem"
# define X509_PRIVATE_DIR OPENSSLDIR "/private"
# define CTLOG_FILE OPENSSLDIR "/ct_log_list.cnf"
# else
# define X509_CERT_AREA "OSSL$DATAROOT:[000000]"
# define X509_CERT_DIR "OSSL$DATAROOT:[CERTS]"
# define X509_CERT_FILE "OSSL$DATAROOT:[000000]cert.pem"
# define X509_PRIVATE_DIR "OSSL$DATAROOT:[PRIVATE]"
# define CTLOG_FILE "OSSL$DATAROOT:[000000]ct_log_list.cnf"
# endif
# define X509_CERT_DIR_EVP "SSL_CERT_DIR"
# define X509_CERT_FILE_EVP "SSL_CERT_FILE"
# define CTLOG_FILE_EVP "CTLOG_FILE"
/* size of string representations */
# define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1)
# define HEX_SIZE(type) (sizeof(type)*2)
void OPENSSL_cpuid_setup(void);
extern unsigned int OPENSSL_ia32cap_P[];
void OPENSSL_showfatal(const char *fmta, ...);
void crypto_cleanup_all_ex_data_int(void);
int openssl_init_fork_handlers(void);
int openssl_get_fork_id(void);
char *ossl_safe_getenv(const char *name);
extern CRYPTO_RWLOCK *memdbg_lock;
int openssl_strerror_r(int errnum, char *buf, size_t buflen);
# if !defined(OPENSSL_NO_STDIO)
FILE *openssl_fopen(const char *filename, const char *mode);
# else
void *openssl_fopen(const char *filename, const char *mode);
# endif
uint32_t OPENSSL_rdtsc(void);
size_t OPENSSL_instrument_bus(unsigned int *, size_t);
size_t OPENSSL_instrument_bus2(unsigned int *, size_t, size_t);
#endif
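Review bot: Nothing in this section shows what `OPENSSLDIR` expands to in the Android build, yet `X509_CERT_AREA`, `X509_CERT_DIR`, `X509_CERT_FILE`, `X509_PRIVATE_DIR` and `CTLOG_FILE` in the non-VMS branch are all derived from it at compile time. If the application ever relies on the library's default verify paths, confirm that the configured prefix exists on the device and cannot be written by another app or user, or load the trust anchors from an explicit path instead. A comment on that block would record the assumption, e.g. `/* OPENSSLDIR is fixed at build time; default trust paths below are only as trustworthy as that directory */`.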


@ -0,0 +1,103 @@
/*
* Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_INTERNAL_DANE_H
#define OSSL_INTERNAL_DANE_H
#include <openssl/safestack.h>
/*-
* Certificate usages:
* https://tools.ietf.org/html/rfc6698#section-2.1.1
*/
#define DANETLS_USAGE_PKIX_TA 0
#define DANETLS_USAGE_PKIX_EE 1
#define DANETLS_USAGE_DANE_TA 2
#define DANETLS_USAGE_DANE_EE 3
#define DANETLS_USAGE_LAST DANETLS_USAGE_DANE_EE
/*-
* Selectors:
* https://tools.ietf.org/html/rfc6698#section-2.1.2
*/
#define DANETLS_SELECTOR_CERT 0
#define DANETLS_SELECTOR_SPKI 1
#define DANETLS_SELECTOR_LAST DANETLS_SELECTOR_SPKI
/*-
* Matching types:
* https://tools.ietf.org/html/rfc6698#section-2.1.3
*/
#define DANETLS_MATCHING_FULL 0
#define DANETLS_MATCHING_2256 1
#define DANETLS_MATCHING_2512 2
#define DANETLS_MATCHING_LAST DANETLS_MATCHING_2512
typedef struct danetls_record_st {
uint8_t usage;
uint8_t selector;
uint8_t mtype;
unsigned char *data;
size_t dlen;
EVP_PKEY *spki;
} danetls_record;
DEFINE_STACK_OF(danetls_record)
/*
* Shared DANE context
*/
struct dane_ctx_st {
const EVP_MD **mdevp; /* mtype -> digest */
uint8_t *mdord; /* mtype -> preference */
uint8_t mdmax; /* highest supported mtype */
unsigned long flags; /* feature bitmask */
};
/*
* Per connection DANE state
*/
struct ssl_dane_st {
struct dane_ctx_st *dctx;
STACK_OF(danetls_record) *trecs;
STACK_OF(X509) *certs; /* DANE-TA(2) Cert(0) Full(0) certs */
danetls_record *mtlsa; /* Matching TLSA record */
X509 *mcert; /* DANE matched cert */
uint32_t umask; /* Usages present */
int mdpth; /* Depth of matched cert */
int pdpth; /* Depth of PKIX trust */
unsigned long flags; /* feature bitmask */
};
#define DANETLS_ENABLED(dane) \
((dane) != NULL && sk_danetls_record_num((dane)->trecs) > 0)
#define DANETLS_USAGE_BIT(u) (((uint32_t)1) << u)
#define DANETLS_PKIX_TA_MASK (DANETLS_USAGE_BIT(DANETLS_USAGE_PKIX_TA))
#define DANETLS_PKIX_EE_MASK (DANETLS_USAGE_BIT(DANETLS_USAGE_PKIX_EE))
#define DANETLS_DANE_TA_MASK (DANETLS_USAGE_BIT(DANETLS_USAGE_DANE_TA))
#define DANETLS_DANE_EE_MASK (DANETLS_USAGE_BIT(DANETLS_USAGE_DANE_EE))
#define DANETLS_PKIX_MASK (DANETLS_PKIX_TA_MASK | DANETLS_PKIX_EE_MASK)
#define DANETLS_DANE_MASK (DANETLS_DANE_TA_MASK | DANETLS_DANE_EE_MASK)
#define DANETLS_TA_MASK (DANETLS_PKIX_TA_MASK | DANETLS_DANE_TA_MASK)
#define DANETLS_EE_MASK (DANETLS_PKIX_EE_MASK | DANETLS_DANE_EE_MASK)
#define DANETLS_HAS_PKIX(dane) ((dane) && ((dane)->umask & DANETLS_PKIX_MASK))
#define DANETLS_HAS_DANE(dane) ((dane) && ((dane)->umask & DANETLS_DANE_MASK))
#define DANETLS_HAS_TA(dane) ((dane) && ((dane)->umask & DANETLS_TA_MASK))
#define DANETLS_HAS_EE(dane) ((dane) && ((dane)->umask & DANETLS_EE_MASK))
#define DANETLS_HAS_PKIX_TA(dane) ((dane)&&((dane)->umask & DANETLS_PKIX_TA_MASK))
#define DANETLS_HAS_PKIX_EE(dane) ((dane)&&((dane)->umask & DANETLS_PKIX_EE_MASK))
#define DANETLS_HAS_DANE_TA(dane) ((dane)&&((dane)->umask & DANETLS_DANE_TA_MASK))
#define DANETLS_HAS_DANE_EE(dane) ((dane)&&((dane)->umask & DANETLS_DANE_EE_MASK))
#endif /* OSSL_INTERNAL_DANE_H */
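Review bot: `DANETLS_USAGE_BIT(u)` expands its argument without parentheses (`(((uint32_t)1) << u)`), so an argument containing an operator of lower precedence than `<<` would produce the wrong usage bit. The uses visible in this header pass plain `DANETLS_USAGE_*` constants, so nothing here is affected today. `#define DANETLS_USAGE_BIT(u) (((uint32_t)1) << (u))` is the hygienic form. The header also uses `uint8_t`, `uint32_t`, `EVP_PKEY` and `X509` while including only `<openssl/safestack.h>`, so it appears to depend on the including file having pulled in those declarations first.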


@ -0,0 +1,165 @@
/*
* Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_INTERNAL_DSO_H
# define OSSL_INTERNAL_DSO_H
# include <openssl/crypto.h>
# include "internal/dsoerr.h"
/* These values are used as commands to DSO_ctrl() */
# define DSO_CTRL_GET_FLAGS 1
# define DSO_CTRL_SET_FLAGS 2
# define DSO_CTRL_OR_FLAGS 3
/*
* By default, DSO_load() will translate the provided filename into a form
* typical for the platform using the dso_name_converter function of the
* method. Eg. win32 will transform "blah" into "blah.dll", and dlfcn will
* transform it into "libblah.so". This callback could even utilise the
* DSO_METHOD's converter too if it only wants to override behaviour for
* one or two possible DSO methods. However, the following flag can be
* set in a DSO to prevent *any* native name-translation at all - eg. if
* the caller has prompted the user for a path to a driver library so the
* filename should be interpreted as-is.
*/
# define DSO_FLAG_NO_NAME_TRANSLATION 0x01
/*
* An extra flag to give if only the extension should be added as
* translation. This is obviously only of importance on Unix and other
* operating systems where the translation also may prefix the name with
* something, like 'lib', and ignored everywhere else. This flag is also
* ignored if DSO_FLAG_NO_NAME_TRANSLATION is used at the same time.
*/
# define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY 0x02
/*
* Don't unload the DSO when we call DSO_free()
*/
# define DSO_FLAG_NO_UNLOAD_ON_FREE 0x04
/*
* This flag loads the library with public symbols. Meaning: The exported
* symbols of this library are public to all libraries loaded after this
* library. At the moment only implemented in unix.
*/
# define DSO_FLAG_GLOBAL_SYMBOLS 0x20
typedef void (*DSO_FUNC_TYPE) (void);
typedef struct dso_st DSO;
typedef struct dso_meth_st DSO_METHOD;
/*
* The function prototype used for method functions (or caller-provided
* callbacks) that transform filenames. They are passed a DSO structure
* pointer (or NULL if they are to be used independently of a DSO object) and
* a filename to transform. They should either return NULL (if there is an
* error condition) or a newly allocated string containing the transformed
* form that the caller will need to free with OPENSSL_free() when done.
*/
typedef char *(*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
/*
* The function prototype used for method functions (or caller-provided
* callbacks) that merge two file specifications. They are passed a DSO
* structure pointer (or NULL if they are to be used independently of a DSO
* object) and two file specifications to merge. They should either return
* NULL (if there is an error condition) or a newly allocated string
* containing the result of merging that the caller will need to free with
* OPENSSL_free() when done. Here, merging means that bits and pieces are
* taken from each of the file specifications and added together in whatever
* fashion that is sensible for the DSO method in question. The only rule
* that really applies is that if the two specification contain pieces of the
* same type, the copy from the first string takes priority. One could see
* it as the first specification is the one given by the user and the second
* being a bunch of defaults to add on if they're missing in the first.
*/
typedef char *(*DSO_MERGER_FUNC)(DSO *, const char *, const char *);
DSO *DSO_new(void);
int DSO_free(DSO *dso);
int DSO_flags(DSO *dso);
int DSO_up_ref(DSO *dso);
long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
/*
* These functions can be used to get/set the platform-independent filename
* used for a DSO. NB: set will fail if the DSO is already loaded.
*/
const char *DSO_get_filename(DSO *dso);
int DSO_set_filename(DSO *dso, const char *filename);
/*
* This function will invoke the DSO's name_converter callback to translate a
* filename, or if the callback isn't set it will instead use the DSO_METHOD's
* converter. If "filename" is NULL, the "filename" in the DSO itself will be
* used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is
* simply duplicated. NB: This function is usually called from within a
* DSO_METHOD during the processing of a DSO_load() call, and is exposed so
* that caller-created DSO_METHODs can do the same thing. A non-NULL return
* value will need to be OPENSSL_free()'d.
*/
char *DSO_convert_filename(DSO *dso, const char *filename);
/*
* This function will invoke the DSO's merger callback to merge two file
* specifications, or if the callback isn't set it will instead use the
* DSO_METHOD's merger. A non-NULL return value will need to be
* OPENSSL_free()'d.
*/
char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2);
/*
* The all-singing all-dancing load function, you normally pass NULL for the
* first and third parameters. Use DSO_up_ref and DSO_free for subsequent
* reference count handling. Any flags passed in will be set in the
* constructed DSO after its init() function but before the load operation.
* If 'dso' is non-NULL, 'flags' is ignored.
*/
DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags);
/* This function binds to a function inside a shared library. */
DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname);
/*
* This method is the default, but will beg, borrow, or steal whatever method
* should be the default on any particular platform (including
* DSO_METH_null() if necessary).
*/
DSO_METHOD *DSO_METHOD_openssl(void);
/*
* This function writes null-terminated pathname of DSO module containing
* 'addr' into 'sz' large caller-provided 'path' and returns the number of
* characters [including trailing zero] written to it. If 'sz' is 0 or
* negative, 'path' is ignored and required amount of characters [including
* trailing zero] to accommodate pathname is returned. If 'addr' is NULL, then
* pathname of cryptolib itself is returned. Negative or zero return value
* denotes error.
*/
int DSO_pathbyaddr(void *addr, char *path, int sz);
/*
* Like DSO_pathbyaddr() but instead returns a handle to the DSO for the symbol
* or NULL on error.
*/
DSO *DSO_dsobyaddr(void *addr, int flags);
/*
* This function should be used with caution! It looks up symbols in *all*
* loaded modules and if module gets unloaded by somebody else attempt to
* dereference the pointer is doomed to have fatal consequences. Primary
* usage for this function is to probe *core* system functionality, e.g.
* check if getnameinfo(3) is available at run-time without bothering about
* OS-specific details such as libc.so.versioning or where does it actually
* reside: in libc itself or libsocket.
*/
void *DSO_global_lookup(const char *name);
int ERR_load_DSO_strings(void);
#endif


@ -0,0 +1,82 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_INTERNAL_DSOERR_H
# define OSSL_INTERNAL_DSOERR_H
# ifndef HEADER_SYMHACKS_H
# include <openssl/symhacks.h>
# endif
# ifdef __cplusplus
extern "C"
# endif
int ERR_load_DSO_strings(void);
/*
* DSO function codes.
*/
# define DSO_F_DLFCN_BIND_FUNC 100
# define DSO_F_DLFCN_LOAD 102
# define DSO_F_DLFCN_MERGER 130
# define DSO_F_DLFCN_NAME_CONVERTER 123
# define DSO_F_DLFCN_UNLOAD 103
# define DSO_F_DL_BIND_FUNC 104
# define DSO_F_DL_LOAD 106
# define DSO_F_DL_MERGER 131
# define DSO_F_DL_NAME_CONVERTER 124
# define DSO_F_DL_UNLOAD 107
# define DSO_F_DSO_BIND_FUNC 108
# define DSO_F_DSO_CONVERT_FILENAME 126
# define DSO_F_DSO_CTRL 110
# define DSO_F_DSO_FREE 111
# define DSO_F_DSO_GET_FILENAME 127
# define DSO_F_DSO_GLOBAL_LOOKUP 139
# define DSO_F_DSO_LOAD 112
# define DSO_F_DSO_MERGE 132
# define DSO_F_DSO_NEW_METHOD 113
# define DSO_F_DSO_PATHBYADDR 105
# define DSO_F_DSO_SET_FILENAME 129
# define DSO_F_DSO_UP_REF 114
# define DSO_F_VMS_BIND_SYM 115
# define DSO_F_VMS_LOAD 116
# define DSO_F_VMS_MERGER 133
# define DSO_F_VMS_UNLOAD 117
# define DSO_F_WIN32_BIND_FUNC 101
# define DSO_F_WIN32_GLOBALLOOKUP 142
# define DSO_F_WIN32_JOINER 135
# define DSO_F_WIN32_LOAD 120
# define DSO_F_WIN32_MERGER 134
# define DSO_F_WIN32_NAME_CONVERTER 125
# define DSO_F_WIN32_PATHBYADDR 109
# define DSO_F_WIN32_SPLITTER 136
# define DSO_F_WIN32_UNLOAD 121
/*
* DSO reason codes.
*/
# define DSO_R_CTRL_FAILED 100
# define DSO_R_DSO_ALREADY_LOADED 110
# define DSO_R_EMPTY_FILE_STRUCTURE 113
# define DSO_R_FAILURE 114
# define DSO_R_FILENAME_TOO_BIG 101
# define DSO_R_FINISH_FAILED 102
# define DSO_R_INCORRECT_FILE_SYNTAX 115
# define DSO_R_LOAD_FAILED 103
# define DSO_R_NAME_TRANSLATION_FAILED 109
# define DSO_R_NO_FILENAME 111
# define DSO_R_NULL_HANDLE 104
# define DSO_R_SET_FILENAME_FAILED 112
# define DSO_R_STACK_ERROR 105
# define DSO_R_SYM_FAILURE 106
# define DSO_R_UNLOAD_FAILED 107
# define DSO_R_UNSUPPORTED 108
#endif


@ -0,0 +1,15 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_INTERNAL_ERR_H
# define OSSL_INTERNAL_ERR_H
void err_free_strings_int(void);
#endif


@ -0,0 +1,14 @@
/*
* Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_INTERNAL_NELEM_H
# define OSSL_INTERNAL_NELEM_H
# define OSSL_NELEM(x) (sizeof(x)/sizeof((x)[0]))
#endif


@ -0,0 +1,68 @@
/*
* Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_INTERNAL_NUMBERS_H
# define OSSL_INTERNAL_NUMBERS_H
# include <limits.h>
# if (-1 & 3) == 0x03 /* Two's complement */
# define __MAXUINT__(T) ((T) -1)
# define __MAXINT__(T) ((T) ((((T) 1) << ((sizeof(T) * CHAR_BIT) - 1)) ^ __MAXUINT__(T)))
# define __MININT__(T) (-__MAXINT__(T) - 1)
# elif (-1 & 3) == 0x02 /* One's complement */
# define __MAXUINT__(T) (((T) -1) + 1)
# define __MAXINT__(T) ((T) ((((T) 1) << ((sizeof(T) * CHAR_BIT) - 1)) ^ __MAXUINT__(T)))
# define __MININT__(T) (-__MAXINT__(T))
# elif (-1 & 3) == 0x01 /* Sign/magnitude */
# define __MAXINT__(T) ((T) (((((T) 1) << ((sizeof(T) * CHAR_BIT) - 2)) - 1) | (((T) 1) << ((sizeof(T) * CHAR_BIT) - 2))))
# define __MAXUINT__(T) ((T) (__MAXINT__(T) | (((T) 1) << ((sizeof(T) * CHAR_BIT) - 1))))
# define __MININT__(T) (-__MAXINT__(T))
# else
# error "do not know the integer encoding on this architecture"
# endif
# ifndef INT8_MAX
# define INT8_MIN __MININT__(int8_t)
# define INT8_MAX __MAXINT__(int8_t)
# define UINT8_MAX __MAXUINT__(uint8_t)
# endif
# ifndef INT16_MAX
# define INT16_MIN __MININT__(int16_t)
# define INT16_MAX __MAXINT__(int16_t)
# define UINT16_MAX __MAXUINT__(uint16_t)
# endif
# ifndef INT32_MAX
# define INT32_MIN __MININT__(int32_t)
# define INT32_MAX __MAXINT__(int32_t)
# define UINT32_MAX __MAXUINT__(uint32_t)
# endif
# ifndef INT64_MAX
# define INT64_MIN __MININT__(int64_t)
# define INT64_MAX __MAXINT__(int64_t)
# define UINT64_MAX __MAXUINT__(uint64_t)
# endif
# ifndef SIZE_MAX
# define SIZE_MAX __MAXUINT__(size_t)
# endif
#endif


@ -0,0 +1,52 @@
/*
* Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* This file is dual-licensed and is also available under the following
* terms:
*
* Copyright (c) 2004, Richard Levitte <richard@levitte.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifndef OSSL_INTERNAL_O_DIR_H
# define OSSL_INTERNAL_O_DIR_H
typedef struct OPENSSL_dir_context_st OPENSSL_DIR_CTX;
/*
* returns NULL on error or end-of-directory. If it is end-of-directory,
* errno will be zero
*/
const char *OPENSSL_DIR_read(OPENSSL_DIR_CTX **ctx, const char *directory);
/* returns 1 on success, 0 on error */
int OPENSSL_DIR_end(OPENSSL_DIR_CTX **ctx);
#endif /* LPDIR_H */


@ -0,0 +1,17 @@
/*
* Copyright 2003-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_INTERNAL_O_STR_H
# define OSSL_INTERNAL_O_STR_H
# include <stddef.h> /* to get size_t */
int OPENSSL_memcmp(const void *p1, const void *p2, size_t n);
#endif


@ -0,0 +1,150 @@
/*
* Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_INTERNAL_REFCOUNT_H
# define OSSL_INTERNAL_REFCOUNT_H
/* Used to checking reference counts, most while doing perl5 stuff :-) */
# if defined(OPENSSL_NO_STDIO)
# if defined(REF_PRINT)
# error "REF_PRINT requires stdio"
# endif
# endif
# if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L \
&& !defined(__STDC_NO_ATOMICS__)
# include <stdatomic.h>
# define HAVE_C11_ATOMICS
# endif
# if defined(HAVE_C11_ATOMICS) && defined(ATOMIC_INT_LOCK_FREE) \
&& ATOMIC_INT_LOCK_FREE > 0
# define HAVE_ATOMICS 1
typedef _Atomic int CRYPTO_REF_COUNT;
static inline int CRYPTO_UP_REF(_Atomic int *val, int *ret, void *lock)
{
*ret = atomic_fetch_add_explicit(val, 1, memory_order_relaxed) + 1;
return 1;
}
/*
* Changes to shared structure other than reference counter have to be
* serialized. And any kind of serialization implies a release fence. This
* means that by the time reference counter is decremented all other
* changes are visible on all processors. Hence decrement itself can be
* relaxed. In case it hits zero, object will be destructed. Since it's
* last use of the object, destructor programmer might reason that access
* to mutable members doesn't have to be serialized anymore, which would
* otherwise imply an acquire fence. Hence conditional acquire fence...
*/
static inline int CRYPTO_DOWN_REF(_Atomic int *val, int *ret, void *lock)
{
*ret = atomic_fetch_sub_explicit(val, 1, memory_order_relaxed) - 1;
if (*ret == 0)
atomic_thread_fence(memory_order_acquire);
return 1;
}
# elif defined(__GNUC__) && defined(__ATOMIC_RELAXED) && __GCC_ATOMIC_INT_LOCK_FREE > 0
# define HAVE_ATOMICS 1
typedef int CRYPTO_REF_COUNT;
static __inline__ int CRYPTO_UP_REF(int *val, int *ret, void *lock)
{
*ret = __atomic_fetch_add(val, 1, __ATOMIC_RELAXED) + 1;
return 1;
}
static __inline__ int CRYPTO_DOWN_REF(int *val, int *ret, void *lock)
{
*ret = __atomic_fetch_sub(val, 1, __ATOMIC_RELAXED) - 1;
if (*ret == 0)
__atomic_thread_fence(__ATOMIC_ACQUIRE);
return 1;
}
# elif defined(_MSC_VER) && _MSC_VER>=1200
# define HAVE_ATOMICS 1
typedef volatile int CRYPTO_REF_COUNT;
# if (defined(_M_ARM) && _M_ARM>=7 && !defined(_WIN32_WCE)) || defined(_M_ARM64)
# include <intrin.h>
# if defined(_M_ARM64) && !defined(_ARM_BARRIER_ISH)
# define _ARM_BARRIER_ISH _ARM64_BARRIER_ISH
# endif
static __inline int CRYPTO_UP_REF(volatile int *val, int *ret, void *lock)
{
*ret = _InterlockedExchangeAdd_nf(val, 1) + 1;
return 1;
}
static __inline int CRYPTO_DOWN_REF(volatile int *val, int *ret, void *lock)
{
*ret = _InterlockedExchangeAdd_nf(val, -1) - 1;
if (*ret == 0)
__dmb(_ARM_BARRIER_ISH);
return 1;
}
# else
# if !defined(_WIN32_WCE)
# pragma intrinsic(_InterlockedExchangeAdd)
# else
# if _WIN32_WCE >= 0x600
extern long __cdecl _InterlockedExchangeAdd(long volatile*, long);
# else
/* under Windows CE we still have old-style Interlocked* functions */
extern long __cdecl InterlockedExchangeAdd(long volatile*, long);
# define _InterlockedExchangeAdd InterlockedExchangeAdd
# endif
# endif
static __inline int CRYPTO_UP_REF(volatile int *val, int *ret, void *lock)
{
*ret = _InterlockedExchangeAdd(val, 1) + 1;
return 1;
}
static __inline int CRYPTO_DOWN_REF(volatile int *val, int *ret, void *lock)
{
*ret = _InterlockedExchangeAdd(val, -1) - 1;
return 1;
}
# endif
# else
typedef int CRYPTO_REF_COUNT;
# define CRYPTO_UP_REF(val, ret, lock) CRYPTO_atomic_add(val, 1, ret, lock)
# define CRYPTO_DOWN_REF(val, ret, lock) CRYPTO_atomic_add(val, -1, ret, lock)
# endif
# if !defined(NDEBUG) && !defined(OPENSSL_NO_STDIO)
# define REF_ASSERT_ISNT(test) \
(void)((test) ? (OPENSSL_die("refcount error", __FILE__, __LINE__), 1) : 0)
# else
# define REF_ASSERT_ISNT(i)
# endif
# ifdef REF_PRINT
# define REF_PRINT_COUNT(a, b) \
fprintf(stderr, "%p:%4d:%s\n", b, b->references, a)
# else
# define REF_PRINT_COUNT(a, b)
# endif
#endif


@ -0,0 +1,157 @@
/*
* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_INTERNAL_SOCKETS_H
# define OSSL_INTERNAL_SOCKETS_H
# if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)
# define NO_SYS_PARAM_H
# endif
# ifdef WIN32
# define NO_SYS_UN_H
# endif
# ifdef OPENSSL_SYS_VMS
# define NO_SYS_PARAM_H
# define NO_SYS_UN_H
# endif
# ifdef OPENSSL_NO_SOCK
# elif defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
# if defined(__DJGPP__)
# include <sys/socket.h>
# include <sys/un.h>
# include <tcp.h>
# include <netdb.h>
# include <arpa/inet.h>
# include <netinet/tcp.h>
# elif defined(_WIN32_WCE) && _WIN32_WCE<410
# define getservbyname _masked_declaration_getservbyname
# endif
# if !defined(IPPROTO_IP)
/* winsock[2].h was included already? */
# include <winsock.h>
# endif
# ifdef getservbyname
/* this is used to be wcecompat/include/winsock_extras.h */
# undef getservbyname
struct servent *PASCAL getservbyname(const char *, const char *);
# endif
# ifdef _WIN64
/*
* Even though sizeof(SOCKET) is 8, it's safe to cast it to int, because
* the value constitutes an index in per-process table of limited size
* and not a real pointer. And we also depend on fact that all processors
* Windows run on happen to be two's-complement, which allows to
* interchange INVALID_SOCKET and -1.
*/
# define socket(d,t,p) ((int)socket(d,t,p))
# define accept(s,f,l) ((int)accept(s,f,l))
# endif
# else
# ifndef NO_SYS_PARAM_H
# include <sys/param.h>
# endif
# ifdef OPENSSL_SYS_VXWORKS
# include <time.h>
# endif
# include <netdb.h>
# if defined(OPENSSL_SYS_VMS_NODECC)
# include <socket.h>
# include <in.h>
# include <inet.h>
# else
# include <sys/socket.h>
# ifndef NO_SYS_UN_H
# include <sys/un.h>
# ifndef UNIX_PATH_MAX
# define UNIX_PATH_MAX sizeof(((struct sockaddr_un *)NULL)->sun_path)
# endif
# endif
# ifdef FILIO_H
# include <sys/filio.h> /* FIONBIO in some SVR4, e.g. unixware, solaris */
# endif
# include <netinet/in.h>
# include <arpa/inet.h>
# include <netinet/tcp.h>
# endif
# ifdef OPENSSL_SYS_AIX
# include <sys/select.h>
# endif
# ifndef VMS
# include <sys/ioctl.h>
# else
# if !defined(TCPIP_TYPE_SOCKETSHR) && defined(__VMS_VER) && (__VMS_VER > 70000000)
/* ioctl is only in VMS > 7.0 and when socketshr is not used */
# include <sys/ioctl.h>
# endif
# include <unixio.h>
# if defined(TCPIP_TYPE_SOCKETSHR)
# include <socketshr.h>
# endif
# endif
# ifndef INVALID_SOCKET
# define INVALID_SOCKET (-1)
# endif
# endif
/*
* Some IPv6 implementations are broken, you can disable them in known
* bad versions.
*/
# if !defined(OPENSSL_USE_IPV6)
# if defined(AF_INET6)
# define OPENSSL_USE_IPV6 1
# else
# define OPENSSL_USE_IPV6 0
# endif
# endif
# define get_last_socket_error() errno
# define clear_socket_error() errno=0
# if defined(OPENSSL_SYS_WINDOWS)
# undef get_last_socket_error
# undef clear_socket_error
# define get_last_socket_error() WSAGetLastError()
# define clear_socket_error() WSASetLastError(0)
# define readsocket(s,b,n) recv((s),(b),(n),0)
# define writesocket(s,b,n) send((s),(b),(n),0)
# elif defined(__DJGPP__)
# define WATT32
# define WATT32_NO_OLDIES
# define closesocket(s) close_s(s)
# define readsocket(s,b,n) read_s(s,b,n)
# define writesocket(s,b,n) send(s,b,n,0)
# elif defined(OPENSSL_SYS_VMS)
# define ioctlsocket(a,b,c) ioctl(a,b,c)
# define closesocket(s) close(s)
# define readsocket(s,b,n) recv((s),(b),(n),0)
# define writesocket(s,b,n) send((s),(b),(n),0)
# elif defined(OPENSSL_SYS_VXWORKS)
# define ioctlsocket(a,b,c) ioctl((a),(b),(int)(c))
# define closesocket(s) close(s)
# define readsocket(s,b,n) read((s),(b),(n))
# define writesocket(s,b,n) write((s),(char *)(b),(n))
# else
# define ioctlsocket(a,b,c) ioctl(a,b,c)
# define closesocket(s) close(s)
# define readsocket(s,b,n) read((s),(b),(n))
# define writesocket(s,b,n) write((s),(b),(n))
# endif
#endif


@ -0,0 +1,20 @@
/*
* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_INTERNAL_SSLCONF_H
# define OSSL_INTERNAL_SSLCONF_H
typedef struct ssl_conf_cmd_st SSL_CONF_CMD;
const SSL_CONF_CMD *conf_ssl_get(size_t idx, const char **name, size_t *cnt);
int conf_ssl_name_find(const char *name, size_t *idx);
void conf_ssl_get_cmd(const SSL_CONF_CMD *cmd, size_t idx, char **cmdstr,
char **arg);
#endif


@ -0,0 +1,137 @@
/*
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/crypto.h>
/*
* DEFINE_RUN_ONCE: Define an initialiser function that should be run exactly
* once. It takes no arguments and returns and int result (1 for success or
* 0 for failure). Typical usage might be:
*
* DEFINE_RUN_ONCE(myinitfunc)
* {
* do_some_initialisation();
* if (init_is_successful())
* return 1;
*
* return 0;
* }
*/
#define DEFINE_RUN_ONCE(init) \
static int init(void); \
int init##_ossl_ret_ = 0; \
void init##_ossl_(void) \
{ \
init##_ossl_ret_ = init(); \
} \
static int init(void)
/*
* DECLARE_RUN_ONCE: Declare an initialiser function that should be run exactly
* once that has been defined in another file via DEFINE_RUN_ONCE().
*/
#define DECLARE_RUN_ONCE(init) \
extern int init##_ossl_ret_; \
void init##_ossl_(void);
/*
* DEFINE_RUN_ONCE_STATIC: Define an initialiser function that should be run
* exactly once. This function will be declared as static within the file. It
* takes no arguments and returns and int result (1 for success or 0 for
* failure). Typical usage might be:
*
* DEFINE_RUN_ONCE_STATIC(myinitfunc)
* {
* do_some_initialisation();
* if (init_is_successful())
* return 1;
*
* return 0;
* }
*/
#define DEFINE_RUN_ONCE_STATIC(init) \
static int init(void); \
static int init##_ossl_ret_ = 0; \
static void init##_ossl_(void) \
{ \
init##_ossl_ret_ = init(); \
} \
static int init(void)
/*
* DEFINE_RUN_ONCE_STATIC_ALT: Define an alternative initialiser function. This
* function will be declared as static within the file. It takes no arguments
* and returns an int result (1 for success or 0 for failure). An alternative
* initialiser function is expected to be associated with a primary initialiser
* function defined via DEFINE_ONCE_STATIC where both functions use the same
* CRYPTO_ONCE object to synchronise. Where an alternative initialiser function
* is used only one of the primary or the alternative initialiser function will
* ever be called - and that function will be called exactly once. Definition
* of an alternative initialiser function MUST occur AFTER the definition of the
* primary initialiser function.
*
* Typical usage might be:
*
* DEFINE_RUN_ONCE_STATIC(myinitfunc)
* {
* do_some_initialisation();
* if (init_is_successful())
* return 1;
*
* return 0;
* }
*
* DEFINE_RUN_ONCE_STATIC_ALT(myaltinitfunc, myinitfunc)
* {
* do_some_alternative_initialisation();
* if (init_is_successful())
* return 1;
*
* return 0;
* }
*/
#define DEFINE_RUN_ONCE_STATIC_ALT(initalt, init) \
static int initalt(void); \
static void initalt##_ossl_(void) \
{ \
init##_ossl_ret_ = initalt(); \
} \
static int initalt(void)
/*
* RUN_ONCE - use CRYPTO_THREAD_run_once, and check if the init succeeded
* @once: pointer to static object of type CRYPTO_ONCE
* @init: function name that was previously given to DEFINE_RUN_ONCE,
* DEFINE_RUN_ONCE_STATIC or DECLARE_RUN_ONCE. This function
* must return 1 for success or 0 for failure.
*
* The return value is 1 on success (*) or 0 in case of error.
*
* (*) by convention, since the init function must return 1 on success.
*/
#define RUN_ONCE(once, init) \
(CRYPTO_THREAD_run_once(once, init##_ossl_) ? init##_ossl_ret_ : 0)
/*
* RUN_ONCE_ALT - use CRYPTO_THREAD_run_once, to run an alternative initialiser
* function and check if that initialisation succeeded
* @once: pointer to static object of type CRYPTO_ONCE
* @initalt: alternative initialiser function name that was previously given to
* DEFINE_RUN_ONCE_STATIC_ALT. This function must return 1 for
* success or 0 for failure.
* @init: primary initialiser function name that was previously given to
* DEFINE_RUN_ONCE_STATIC. This function must return 1 for success or
* 0 for failure.
*
* The return value is 1 on success (*) or 0 in case of error.
*
* (*) by convention, since the init function must return 1 on success.
*/
#define RUN_ONCE_ALT(once, initalt, init) \
(CRYPTO_THREAD_run_once(once, initalt##_ossl_) ? init##_ossl_ret_ : 0)


@ -0,0 +1,144 @@
/*
* Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Contemporary compilers implement lock-free atomic memory access
* primitives that facilitate writing "thread-opportunistic" or even real
* multi-threading low-overhead code. "Thread-opportunistic" is when
* exact result is not required, e.g. some statistics, or execution flow
* doesn't have to be unambiguous. Simplest example is lazy "constant"
* initialization when one can synchronize on variable itself, e.g.
*
* if (var == NOT_YET_INITIALIZED)
* var = function_returning_same_value();
*
* This does work provided that loads and stores are single-instruction
* operations (and integer ones are on *all* supported platforms), but
* it upsets Thread Sanitizer. Suggested solution is
*
* if (tsan_load(&var) == NOT_YET_INITIALIZED)
* tsan_store(&var, function_returning_same_value());
*
* Production machine code would be the same, so one can wonder why
* bother. Having Thread Sanitizer accept "thread-opportunistic" code
* allows to move on trouble-shooting real bugs.
*
* Resolving Thread Sanitizer nits was the initial purpose for this module,
* but it was later extended with more nuanced primitives that are useful
* even in "non-opportunistic" scenarios. Most notably verifying if a shared
* structure is fully initialized and bypassing the initialization lock.
* It's suggested to view macros defined in this module as "annotations" for
* thread-safe lock-free code, "Thread-Safe ANnotations"...
*
* It's assumed that ATOMIC_{LONG|INT}_LOCK_FREE are assigned same value as
* ATOMIC_POINTER_LOCK_FREE. And check for >= 2 ensures that corresponding
* code is inlined. It should be noted that statistics counters become
* accurate in such case.
*
* Special note about TSAN_QUALIFIER. It might be undesired to use it in
* a shared header. Because whether operation on specific variable or member
* is atomic or not might be irrelevant in other modules. In such case one
* can use TSAN_QUALIFIER in cast specifically when it has to count.
*/
#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L \
&& !defined(__STDC_NO_ATOMICS__)
# include <stdatomic.h>
# if defined(ATOMIC_POINTER_LOCK_FREE) \
&& ATOMIC_POINTER_LOCK_FREE >= 2
# define TSAN_QUALIFIER _Atomic
# define tsan_load(ptr) atomic_load_explicit((ptr), memory_order_relaxed)
# define tsan_store(ptr, val) atomic_store_explicit((ptr), (val), memory_order_relaxed)
# define tsan_counter(ptr) atomic_fetch_add_explicit((ptr), 1, memory_order_relaxed)
# define tsan_decr(ptr) atomic_fetch_add_explicit((ptr), -1, memory_order_relaxed)
# define tsan_ld_acq(ptr) atomic_load_explicit((ptr), memory_order_acquire)
# define tsan_st_rel(ptr, val) atomic_store_explicit((ptr), (val), memory_order_release)
# endif
#elif defined(__GNUC__) && defined(__ATOMIC_RELAXED)
# if defined(__GCC_ATOMIC_POINTER_LOCK_FREE) \
&& __GCC_ATOMIC_POINTER_LOCK_FREE >= 2
# define TSAN_QUALIFIER volatile
# define tsan_load(ptr) __atomic_load_n((ptr), __ATOMIC_RELAXED)
# define tsan_store(ptr, val) __atomic_store_n((ptr), (val), __ATOMIC_RELAXED)
# define tsan_counter(ptr) __atomic_fetch_add((ptr), 1, __ATOMIC_RELAXED)
# define tsan_decr(ptr) __atomic_fetch_add((ptr), -1, __ATOMIC_RELAXED)
# define tsan_ld_acq(ptr) __atomic_load_n((ptr), __ATOMIC_ACQUIRE)
# define tsan_st_rel(ptr, val) __atomic_store_n((ptr), (val), __ATOMIC_RELEASE)
# endif
#elif defined(_MSC_VER) && _MSC_VER>=1200 \
&& (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \
defined(_M_ARM64) || (defined(_M_ARM) && _M_ARM >= 7 && !defined(_WIN32_WCE)))
/*
* There is subtle dependency on /volatile:<iso|ms> command-line option.
* "ms" implies same semantic as memory_order_acquire for loads and
* memory_order_release for stores, while "iso" - memory_order_relaxed for
* either. Real complication is that defaults are different on x86 and ARM.
* There is explanation for that, "ms" is backward compatible with earlier
* compiler versions, while multi-processor ARM can be viewed as brand new
* platform to MSC and its users, and with non-relaxed semantic taking toll
* with additional instructions and penalties, it kind of makes sense to
* default to "iso"...
*/
# define TSAN_QUALIFIER volatile
# if defined(_M_ARM) || defined(_M_ARM64)
# define _InterlockedExchangeAdd _InterlockedExchangeAdd_nf
# pragma intrinsic(_InterlockedExchangeAdd_nf)
# pragma intrinsic(__iso_volatile_load32, __iso_volatile_store32)
# ifdef _WIN64
# define _InterlockedExchangeAdd64 _InterlockedExchangeAdd64_nf
# pragma intrinsic(_InterlockedExchangeAdd64_nf)
# pragma intrinsic(__iso_volatile_load64, __iso_volatile_store64)
# define tsan_load(ptr) (sizeof(*(ptr)) == 8 ? __iso_volatile_load64(ptr) \
: __iso_volatile_load32(ptr))
# define tsan_store(ptr, val) (sizeof(*(ptr)) == 8 ? __iso_volatile_store64((ptr), (val)) \
: __iso_volatile_store32((ptr), (val)))
# else
# define tsan_load(ptr) __iso_volatile_load32(ptr)
# define tsan_store(ptr, val) __iso_volatile_store32((ptr), (val))
# endif
# else
# define tsan_load(ptr) (*(ptr))
# define tsan_store(ptr, val) (*(ptr) = (val))
# endif
# pragma intrinsic(_InterlockedExchangeAdd)
# ifdef _WIN64
# pragma intrinsic(_InterlockedExchangeAdd64)
# define tsan_counter(ptr) (sizeof(*(ptr)) == 8 ? _InterlockedExchangeAdd64((ptr), 1) \
: _InterlockedExchangeAdd((ptr), 1))
# define tsan_decr(ptr) (sizeof(*(ptr)) == 8 ? _InterlockedExchangeAdd64((ptr), -1) \
: _InterlockedExchangeAdd((ptr), -1))
# else
# define tsan_counter(ptr) _InterlockedExchangeAdd((ptr), 1)
# define tsan_decr(ptr) _InterlockedExchangeAdd((ptr), -1)
# endif
# if !defined(_ISO_VOLATILE)
# define tsan_ld_acq(ptr) (*(ptr))
# define tsan_st_rel(ptr, val) (*(ptr) = (val))
# endif
#endif
#ifndef TSAN_QUALIFIER
# define TSAN_QUALIFIER volatile
# define tsan_load(ptr) (*(ptr))
# define tsan_store(ptr, val) (*(ptr) = (val))
# define tsan_counter(ptr) ((*(ptr))++)
# define tsan_decr(ptr) ((*(ptr))--)
/*
* Lack of tsan_ld_acq and tsan_ld_rel means that compiler support is not
* sophisticated enough to support them. Code that relies on them should be
* protected with #ifdef tsan_ld_acq with locked fallback.
*/
#endif


@ -0,0 +1,22 @@
/*
* Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* This file is only used by HP C/C++ on VMS, and is included automatically
* after each header file from this directory
*/
/*
* The C++ compiler doesn't understand these pragmas, even though it
* understands the corresponding command line qualifier.
*/
#ifndef __cplusplus
/* restore state. Must correspond to the save in __decc_include_prologue.h */
# pragma names restore
#endif


@ -0,0 +1,26 @@
/*
* Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* This file is only used by HP C/C++ on VMS, and is included automatically
* after each header file from this directory
*/
/*
* The C++ compiler doesn't understand these pragmas, even though it
* understands the corresponding command line qualifier.
*/
#ifndef __cplusplus
/* save state */
# pragma names save
/* have the compiler shorten symbols larger than 31 chars to 23 chars
* followed by a 8 hex char CRC
*/
# pragma names as_is,shortened
#endif


@ -1,5 +1,5 @@
/* /*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -29,6 +29,9 @@ extern "C" {
# ifndef OPENSSL_DH_MAX_MODULUS_BITS # ifndef OPENSSL_DH_MAX_MODULUS_BITS
# define OPENSSL_DH_MAX_MODULUS_BITS 10000 # define OPENSSL_DH_MAX_MODULUS_BITS 10000
# endif # endif
# ifndef OPENSSL_DH_CHECK_MAX_MODULUS_BITS
# define OPENSSL_DH_CHECK_MAX_MODULUS_BITS 32768
# endif
# define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024 # define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024


@ -1,6 +1,6 @@
/* /*
* Generated by util/mkerr.pl DO NOT EDIT * Generated by util/mkerr.pl DO NOT EDIT
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -30,6 +30,7 @@ int ERR_load_DH_strings(void);
# define DH_F_COMPUTE_KEY 102 # define DH_F_COMPUTE_KEY 102
# define DH_F_DHPARAMS_PRINT_FP 101 # define DH_F_DHPARAMS_PRINT_FP 101
# define DH_F_DH_BUILTIN_GENPARAMS 106 # define DH_F_DH_BUILTIN_GENPARAMS 106
# define DH_F_DH_CHECK 126
# define DH_F_DH_CHECK_EX 121 # define DH_F_DH_CHECK_EX 121
# define DH_F_DH_CHECK_PARAMS_EX 122 # define DH_F_DH_CHECK_PARAMS_EX 122
# define DH_F_DH_CHECK_PUB_KEY_EX 123 # define DH_F_DH_CHECK_PUB_KEY_EX 123


@ -0,0 +1,160 @@
/*
* {- join("\n * ", @autowarntext) -}
*
* Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/opensslv.h>
#ifdef __cplusplus
extern "C" {
#endif
#ifdef OPENSSL_ALGORITHM_DEFINES
# error OPENSSL_ALGORITHM_DEFINES no longer supported
#endif
/*
* OpenSSL was configured with the following options:
*/
{- if (@{$config{openssl_sys_defines}}) {
foreach (@{$config{openssl_sys_defines}}) {
$OUT .= "#ifndef $_\n";
$OUT .= "# define $_ 1\n";
$OUT .= "#endif\n";
}
}
foreach (@{$config{openssl_api_defines}}) {
(my $macro, my $value) = $_ =~ /^(.*?)=(.*?)$/;
$OUT .= "#define $macro $value\n";
}
if (@{$config{openssl_algorithm_defines}}) {
foreach (@{$config{openssl_algorithm_defines}}) {
$OUT .= "#ifndef $_\n";
$OUT .= "# define $_\n";
$OUT .= "#endif\n";
}
}
if (@{$config{openssl_thread_defines}}) {
foreach (@{$config{openssl_thread_defines}}) {
$OUT .= "#ifndef $_\n";
$OUT .= "# define $_\n";
$OUT .= "#endif\n";
}
}
if (@{$config{openssl_other_defines}}) {
foreach (@{$config{openssl_other_defines}}) {
$OUT .= "#ifndef $_\n";
$OUT .= "# define $_\n";
$OUT .= "#endif\n";
}
}
"";
-}
/*
* Sometimes OPENSSSL_NO_xxx ends up with an empty file and some compilers
* don't like that. This will hopefully silence them.
*/
#define NON_EMPTY_TRANSLATION_UNIT static void *dummy = &dummy;
/*
* Applications should use -DOPENSSL_API_COMPAT=<version> to suppress the
* declarations of functions deprecated in or before <version>. Otherwise, they
* still won't see them if the library has been built to disable deprecated
* functions.
*/
#ifndef DECLARE_DEPRECATED
# define DECLARE_DEPRECATED(f) f;
# ifdef __GNUC__
# if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0)
# undef DECLARE_DEPRECATED
# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
# endif
# elif defined(__SUNPRO_C)
# if (__SUNPRO_C >= 0x5130)
# undef DECLARE_DEPRECATED
# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
# endif
# endif
#endif
#ifndef OPENSSL_FILE
# ifdef OPENSSL_NO_FILENAMES
# define OPENSSL_FILE ""
# define OPENSSL_LINE 0
# else
# define OPENSSL_FILE __FILE__
# define OPENSSL_LINE __LINE__
# endif
#endif
#ifndef OPENSSL_MIN_API
# define OPENSSL_MIN_API 0
#endif
#if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < OPENSSL_MIN_API
# undef OPENSSL_API_COMPAT
# define OPENSSL_API_COMPAT OPENSSL_MIN_API
#endif
/*
* Do not deprecate things to be deprecated in version 1.2.0 before the
* OpenSSL version number matches.
*/
#if OPENSSL_VERSION_NUMBER < 0x10200000L
# define DEPRECATEDIN_1_2_0(f) f;
#elif OPENSSL_API_COMPAT < 0x10200000L
# define DEPRECATEDIN_1_2_0(f) DECLARE_DEPRECATED(f)
#else
# define DEPRECATEDIN_1_2_0(f)
#endif
#if OPENSSL_API_COMPAT < 0x10100000L
# define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f)
#else
# define DEPRECATEDIN_1_1_0(f)
#endif
#if OPENSSL_API_COMPAT < 0x10000000L
# define DEPRECATEDIN_1_0_0(f) DECLARE_DEPRECATED(f)
#else
# define DEPRECATEDIN_1_0_0(f)
#endif
#if OPENSSL_API_COMPAT < 0x00908000L
# define DEPRECATEDIN_0_9_8(f) DECLARE_DEPRECATED(f)
#else
# define DEPRECATEDIN_0_9_8(f)
#endif
/* Generate 80386 code? */
{- $config{processor} eq "386" ? "#define" : "#undef" -} I386_ONLY
#undef OPENSSL_UNISTD
#define OPENSSL_UNISTD {- $target{unistd} -}
{- $config{export_var_as_fn} ? "#define" : "#undef" -} OPENSSL_EXPORT_VAR_AS_FUNCTION
/*
* The following are cipher-specific, but are part of the public API.
*/
#if !defined(OPENSSL_SYS_UEFI)
{- $config{bn_ll} ? "# define" : "# undef" -} BN_LLONG
/* Only one for the following should be defined */
{- $config{b64l} ? "# define" : "# undef" -} SIXTY_FOUR_BIT_LONG
{- $config{b64} ? "# define" : "# undef" -} SIXTY_FOUR_BIT
{- $config{b32} ? "# define" : "# undef" -} THIRTY_TWO_BIT
#endif
#define RC4_INT {- $config{rc4_int} -}
#ifdef __cplusplus
}
#endif


@ -1,5 +1,5 @@
/* /*
* Copyright 1999-2022 The OpenSSL Project Authors. All Rights Reserved. * Copyright 1999-2023 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the OpenSSL license (the "License"). You may not use * Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
@ -39,8 +39,8 @@ extern "C" {
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta) * major minor fix final patch/beta)
*/ */
# define OPENSSL_VERSION_NUMBER 0x1010114fL # define OPENSSL_VERSION_NUMBER 0x1010117fL
# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1t 7 Feb 2023" # define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1w 11 Sep 2023"
/*- /*-
* The macros below are to be used for shared library (.so, .dll, ...) * The macros below are to be used for shared library (.so, .dll, ...)


@ -1,12 +0,0 @@
prefix=/usr/local
exec_prefix=${prefix}
libdir=${exec_prefix}/lib
includedir=${prefix}/include
enginesdir=${libdir}/engines-1.1
Name: OpenSSL-libcrypto
Description: OpenSSL cryptography library
Version: 1.1.1t
Libs: -L${libdir} -lcrypto
Libs.private: -ldl -pthread
Cflags: -I${includedir}


@ -1,11 +0,0 @@
prefix=/usr/local
exec_prefix=${prefix}
libdir=${exec_prefix}/lib
includedir=${prefix}/include
Name: OpenSSL-libssl
Description: Secure Sockets Layer and cryptography libraries
Version: 1.1.1t
Requires.private: libcrypto
Libs: -L${libdir} -lssl
Cflags: -I${includedir}


@ -1,9 +0,0 @@
prefix=/usr/local
exec_prefix=${prefix}
libdir=${exec_prefix}/lib
includedir=${prefix}/include
Name: OpenSSL
Description: Secure Sockets Layer and cryptography libraries and tools
Version: 1.1.1t
Requires: libssl libcrypto


@ -1,198 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>CA.pl</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#DSA-CERTIFICATES">DSA CERTIFICATES</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>CA.pl - friendlier interface for OpenSSL certificate programs</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>CA.pl</b> <b>-?</b> | <b>-h</b> | <b>-help</b></p>
<p><b>CA.pl</b> <b>-newcert</b> | <b>-newreq</b> | <b>-newreq-nodes</b> | <b>-xsign</b> | <b>-sign</b> | <b>-signCA</b> | <b>-signcert</b> | <b>-crl</b> | <b>-newca</b> [<b>-extra-cmd</b> extra-params]</p>
<p><b>CA.pl</b> <b>-pkcs12</b> [<b>-extra-pkcs12</b> extra-params] [<b>certname</b>]</p>
<p><b>CA.pl</b> <b>-verify</b> [<b>-extra-verify</b> extra-params] <b>certfile</b>...</p>
<p><b>CA.pl</b> <b>-revoke</b> [<b>-extra-ca</b> extra-params] <b>certfile</b> [<b>reason</b>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>CA.pl</b> script is a perl script that supplies the relevant command line arguments to the <b>openssl</b> command for some common certificate operations. It is intended to simplify the process of certificate creation and management by the use of some simple options.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="h--help"><b>?</b>, <b>-h</b>, <b>-help</b></dt>
<dd>
<p>Prints a usage message.</p>
</dd>
<dt id="newcert"><b>-newcert</b></dt>
<dd>
<p>Creates a new self signed certificate. The private key is written to the file &quot;newkey.pem&quot; and the request written to the file &quot;newreq.pem&quot;. This argument invokes <b>openssl req</b> command.</p>
</dd>
<dt id="newreq"><b>-newreq</b></dt>
<dd>
<p>Creates a new certificate request. The private key is written to the file &quot;newkey.pem&quot; and the request written to the file &quot;newreq.pem&quot;. Executes <b>openssl req</b> command below the hood.</p>
</dd>
<dt id="newreq-nodes"><b>-newreq-nodes</b></dt>
<dd>
<p>Is like <b>-newreq</b> except that the private key will not be encrypted. Uses <b>openssl req</b> command.</p>
</dd>
<dt id="newca"><b>-newca</b></dt>
<dd>
<p>Creates a new CA hierarchy for use with the <b>ca</b> program (or the <b>-signcert</b> and <b>-xsign</b> options). The user is prompted to enter the filename of the CA certificates (which should also contain the private key) or by hitting ENTER details of the CA will be prompted for. The relevant files and directories are created in a directory called &quot;demoCA&quot; in the current directory. <b>openssl req</b> and <b>openssl ca</b> commands are get invoked.</p>
</dd>
<dt id="pkcs12"><b>-pkcs12</b></dt>
<dd>
<p>Create a PKCS#12 file containing the user certificate, private key and CA certificate. It expects the user certificate and private key to be in the file &quot;newcert.pem&quot; and the CA certificate to be in the file demoCA/cacert.pem, it creates a file &quot;newcert.p12&quot;. This command can thus be called after the <b>-sign</b> option. The PKCS#12 file can be imported directly into a browser. If there is an additional argument on the command line it will be used as the &quot;friendly name&quot; for the certificate (which is typically displayed in the browser list box), otherwise the name &quot;My Certificate&quot; is used. Delegates work to <b>openssl pkcs12</b> command.</p>
</dd>
<dt id="sign--signcert--xsign"><b>-sign</b>, <b>-signcert</b>, <b>-xsign</b></dt>
<dd>
<p>Calls the <b>ca</b> program to sign a certificate request. It expects the request to be in the file &quot;newreq.pem&quot;. The new certificate is written to the file &quot;newcert.pem&quot; except in the case of the <b>-xsign</b> option when it is written to standard output. Leverages <b>openssl ca</b> command.</p>
</dd>
<dt id="signCA"><b>-signCA</b></dt>
<dd>
<p>This option is the same as the <b>-sign</b> option except it uses the configuration file section <b>v3_ca</b> and so makes the signed request a valid CA certificate. This is useful when creating intermediate CA from a root CA. Extra params are passed on to <b>openssl ca</b> command.</p>
</dd>
<dt id="signcert"><b>-signcert</b></dt>
<dd>
<p>This option is the same as <b>-sign</b> except it expects a self signed certificate to be present in the file &quot;newreq.pem&quot;. Extra params are passed on to <b>openssl x509</b> and <b>openssl ca</b> commands.</p>
</dd>
<dt id="crl"><b>-crl</b></dt>
<dd>
<p>Generate a CRL. Executes <b>openssl ca</b> command.</p>
</dd>
<dt id="revoke-certfile-reason"><b>-revoke certfile [reason]</b></dt>
<dd>
<p>Revoke the certificate contained in the specified <b>certfile</b>. An optional reason may be specified, and must be one of: <b>unspecified</b>, <b>keyCompromise</b>, <b>CACompromise</b>, <b>affiliationChanged</b>, <b>superseded</b>, <b>cessationOfOperation</b>, <b>certificateHold</b>, or <b>removeFromCRL</b>. Leverages <b>openssl ca</b> command.</p>
</dd>
<dt id="verify"><b>-verify</b></dt>
<dd>
<p>Verifies certificates against the CA certificate for &quot;demoCA&quot;. If no certificates are specified on the command line it tries to verify the file &quot;newcert.pem&quot;. Invokes <b>openssl verify</b> command.</p>
</dd>
<dt id="extra-req--extra-ca--extra-pkcs12--extra-x509--extra-verify-extra-params"><b>-extra-req</b> | <b>-extra-ca</b> | <b>-extra-pkcs12</b> | <b>-extra-x509</b> | <b>-extra-verify</b> &lt;extra-params&gt;</dt>
<dd>
<p>The purpose of these parameters is to allow optional parameters to be supplied to <b>openssl</b> that this command executes. The <b>-extra-cmd</b> are specific to the option being used and the <b>openssl</b> command getting invoked. For example when this command invokes <b>openssl req</b> extra parameters can be passed on with the <b>-extra-req</b> parameter. The <b>openssl</b> commands being invoked per option are documented below. Users should consult <b>openssl</b> command documentation for more information.</p>
</dd>
</dl>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>Create a CA hierarchy:</p>
<pre><code>CA.pl -newca</code></pre>
<p>Complete certificate creation example: create a CA, create a request, sign the request and finally create a PKCS#12 file containing it.</p>
<pre><code>CA.pl -newca
CA.pl -newreq
CA.pl -sign
CA.pl -pkcs12 &quot;My Test Certificate&quot;</code></pre>
<h1 id="DSA-CERTIFICATES">DSA CERTIFICATES</h1>
<p>Although the <b>CA.pl</b> creates RSA CAs and requests it is still possible to use it with DSA certificates and requests using the <a href="../man1/req.html">req(1)</a> command directly. The following example shows the steps that would typically be taken.</p>
<p>Create some DSA parameters:</p>
<pre><code>openssl dsaparam -out dsap.pem 1024</code></pre>
<p>Create a DSA CA certificate and private key:</p>
<pre><code>openssl req -x509 -newkey dsa:dsap.pem -keyout cacert.pem -out cacert.pem</code></pre>
<p>Create the CA directories and files:</p>
<pre><code>CA.pl -newca</code></pre>
<p>enter cacert.pem when prompted for the CA filename.</p>
<p>Create a DSA certificate request and private key (a different set of parameters can optionally be created first):</p>
<pre><code>openssl req -out newreq.pem -newkey dsa:dsap.pem</code></pre>
<p>Sign the request:</p>
<pre><code>CA.pl -sign</code></pre>
<h1 id="NOTES">NOTES</h1>
<p>Most of the filenames mentioned can be modified by editing the <b>CA.pl</b> script.</p>
<p>If the demoCA directory already exists then the <b>-newca</b> command will not overwrite it and will do nothing. This can happen if a previous call using the <b>-newca</b> option terminated abnormally. To get the correct behaviour delete the demoCA directory if it already exists.</p>
<p>Under some environments it may not be possible to run the <b>CA.pl</b> script directly (for example Win32) and the default configuration file location may be wrong. In this case the command:</p>
<pre><code>perl -S CA.pl</code></pre>
<p>can be used and the <b>OPENSSL_CONF</b> environment variable changed to point to the correct path of the configuration file.</p>
<p>The script is intended as a simple front end for the <b>openssl</b> program for use by a beginner. Its behaviour isn&#39;t always what is wanted. For more control over the behaviour of the certificate commands call the <b>openssl</b> command directly.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man1/x509.html">x509(1)</a>, <a href="../man1/ca.html">ca(1)</a>, <a href="../man1/req.html">req(1)</a>, <a href="../man1/pkcs12.html">pkcs12(1)</a>, <a href="../man5/config.html">config(5)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,227 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>asn1parse</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a>
<ul>
<li><a href="#Output">Output</a></li>
</ul>
</li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-asn1parse, asn1parse - ASN.1 parsing tool</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl</b> <b>asn1parse</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-noout</b>] [<b>-offset number</b>] [<b>-length number</b>] [<b>-i</b>] [<b>-oid filename</b>] [<b>-dump</b>] [<b>-dlimit num</b>] [<b>-strparse offset</b>] [<b>-genstr string</b>] [<b>-genconf file</b>] [<b>-strictpem</b>] [<b>-item name</b>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>asn1parse</b> command is a diagnostic utility that can parse ASN.1 structures. It can also be used to extract data from ASN.1 formatted data.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Print out a usage message.</p>
</dd>
<dt id="inform-DER-PEM"><b>-inform</b> <b>DER|PEM</b></dt>
<dd>
<p>The input format. <b>DER</b> is binary format and <b>PEM</b> (the default) is base64 encoded.</p>
</dd>
<dt id="in-filename"><b>-in filename</b></dt>
<dd>
<p>The input file, default is standard input.</p>
</dd>
<dt id="out-filename"><b>-out filename</b></dt>
<dd>
<p>Output file to place the DER encoded data into. If this option is not present then no data will be output. This is most useful when combined with the <b>-strparse</b> option.</p>
</dd>
<dt id="noout"><b>-noout</b></dt>
<dd>
<p>Don&#39;t output the parsed version of the input file.</p>
</dd>
<dt id="offset-number"><b>-offset number</b></dt>
<dd>
<p>Starting offset to begin parsing, default is start of file.</p>
</dd>
<dt id="length-number"><b>-length number</b></dt>
<dd>
<p>Number of bytes to parse, default is until end of file.</p>
</dd>
<dt id="i"><b>-i</b></dt>
<dd>
<p>Indents the output according to the &quot;depth&quot; of the structures.</p>
</dd>
<dt id="oid-filename"><b>-oid filename</b></dt>
<dd>
<p>A file containing additional OBJECT IDENTIFIERs (OIDs). The format of this file is described in the NOTES section below.</p>
</dd>
<dt id="dump"><b>-dump</b></dt>
<dd>
<p>Dump unknown data in hex format.</p>
</dd>
<dt id="dlimit-num"><b>-dlimit num</b></dt>
<dd>
<p>Like <b>-dump</b>, but only the first <b>num</b> bytes are output.</p>
</dd>
<dt id="strparse-offset"><b>-strparse offset</b></dt>
<dd>
<p>Parse the contents octets of the ASN.1 object starting at <b>offset</b>. This option can be used multiple times to &quot;drill down&quot; into a nested structure.</p>
</dd>
<dt id="genstr-string--genconf-file"><b>-genstr string</b>, <b>-genconf file</b></dt>
<dd>
<p>Generate encoded data based on <b>string</b>, <b>file</b> or both using <a href="../man3/ASN1_generate_nconf.html">ASN1_generate_nconf(3)</a> format. If <b>file</b> only is present then the string is obtained from the default section using the name <b>asn1</b>. The encoded data is passed through the ASN1 parser and printed out as though it came from a file, the contents can thus be examined and written to a file using the <b>out</b> option.</p>
</dd>
<dt id="strictpem"><b>-strictpem</b></dt>
<dd>
<p>If this option is used then <b>-inform</b> will be ignored. Without this option any data in a PEM format input file will be treated as being base64 encoded and processed whether it has the normal PEM BEGIN and END markers or not. This option will ignore any data prior to the start of the BEGIN marker, or after an END marker in a PEM file.</p>
</dd>
<dt id="item-name"><b>-item name</b></dt>
<dd>
<p>Attempt to decode and print the data as <b>ASN1_ITEM name</b>. This can be used to print out the fields of any supported ASN.1 structure if the type is known.</p>
</dd>
</dl>
<h2 id="Output">Output</h2>
<p>The output will typically contain lines like this:</p>
<pre><code>0:d=0 hl=4 l= 681 cons: SEQUENCE</code></pre>
<p>.....</p>
<pre><code>229:d=3 hl=3 l= 141 prim: BIT STRING
373:d=2 hl=3 l= 162 cons: cont [ 3 ]
376:d=3 hl=3 l= 159 cons: SEQUENCE
379:d=4 hl=2 l= 29 cons: SEQUENCE
381:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Subject Key Identifier
386:d=5 hl=2 l= 22 prim: OCTET STRING
410:d=4 hl=2 l= 112 cons: SEQUENCE
412:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key Identifier
417:d=5 hl=2 l= 105 prim: OCTET STRING
524:d=4 hl=2 l= 12 cons: SEQUENCE</code></pre>
<p>.....</p>
<p>This example is part of a self-signed certificate. Each line starts with the offset in decimal. <b>d=XX</b> specifies the current depth. The depth is increased within the scope of any SET or SEQUENCE. <b>hl=XX</b> gives the header length (tag and length octets) of the current type. <b>l=XX</b> gives the length of the contents octets.</p>
<p>The <b>-i</b> option can be used to make the output more readable.</p>
<p>Some knowledge of the ASN.1 structure is needed to interpret the output.</p>
<p>In this example the BIT STRING at offset 229 is the certificate public key. The contents octets of this will contain the public key information. This can be examined using the option <b>-strparse 229</b> to yield:</p>
<pre><code> 0:d=0 hl=3 l= 137 cons: SEQUENCE
3:d=1 hl=3 l= 129 prim: INTEGER :E5D21E1F5C8D208EA7A2166C7FAF9F6BDF2059669C60876DDB70840F1A5AAFA59699FE471F379F1DD6A487E7D5409AB6A88D4A9746E24B91D8CF55DB3521015460C8EDE44EE8A4189F7A7BE77D6CD3A9AF2696F486855CF58BF0EDF2B4068058C7A947F52548DDF7E15E96B385F86422BEA9064A3EE9E1158A56E4A6F47E5897
135:d=1 hl=2 l= 3 prim: INTEGER :010001</code></pre>
<h1 id="NOTES">NOTES</h1>
<p>If an OID is not part of OpenSSL&#39;s internal table it will be represented in numerical form (for example 1.2.3.4). The file passed to the <b>-oid</b> option allows additional OIDs to be included. Each line consists of three columns, the first column is the OID in numerical format and should be followed by white space. The second column is the &quot;short name&quot; which is a single word followed by white space. The final column is the rest of the line and is the &quot;long name&quot;. <b>asn1parse</b> displays the long name. Example:</p>
<p><code>1.2.3.4 shortName A long name</code></p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>Parse a file:</p>
<pre><code>openssl asn1parse -in file.pem</code></pre>
<p>Parse a DER file:</p>
<pre><code>openssl asn1parse -inform DER -in file.der</code></pre>
<p>Generate a simple UTF8String:</p>
<pre><code>openssl asn1parse -genstr &#39;UTF8:Hello World&#39;</code></pre>
<p>Generate and write out a UTF8String, don&#39;t print parsed output:</p>
<pre><code>openssl asn1parse -genstr &#39;UTF8:Hello World&#39; -noout -out utf8.der</code></pre>
<p>Generate using a config file:</p>
<pre><code>openssl asn1parse -genconf asn1.cnf -noout -out asn1.der</code></pre>
<p>Example config file:</p>
<pre><code>asn1=SEQUENCE:seq_sect
[seq_sect]
field1=BOOL:TRUE
field2=EXP:0, UTF8:some random string</code></pre>
<h1 id="BUGS">BUGS</h1>
<p>There should be options to change the format of output lines. The output of some ASN.1 types is not well handled (if at all).</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man3/ASN1_generate_nconf.html">ASN1_generate_nconf(3)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,671 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ca</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#CRL-OPTIONS">CRL OPTIONS</a></li>
<li><a href="#CONFIGURATION-FILE-OPTIONS">CONFIGURATION FILE OPTIONS</a></li>
<li><a href="#POLICY-FORMAT">POLICY FORMAT</a></li>
<li><a href="#SPKAC-FORMAT">SPKAC FORMAT</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#FILES">FILES</a></li>
<li><a href="#RESTRICTIONS">RESTRICTIONS</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#WARNINGS">WARNINGS</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-ca, ca - sample minimal CA application</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl</b> <b>ca</b> [<b>-help</b>] [<b>-verbose</b>] [<b>-config filename</b>] [<b>-name section</b>] [<b>-gencrl</b>] [<b>-revoke file</b>] [<b>-valid file</b>] [<b>-status serial</b>] [<b>-updatedb</b>] [<b>-crl_reason reason</b>] [<b>-crl_hold instruction</b>] [<b>-crl_compromise time</b>] [<b>-crl_CA_compromise time</b>] [<b>-crldays days</b>] [<b>-crlhours hours</b>] [<b>-crlexts section</b>] [<b>-startdate date</b>] [<b>-enddate date</b>] [<b>-days arg</b>] [<b>-md arg</b>] [<b>-policy arg</b>] [<b>-keyfile arg</b>] [<b>-keyform PEM|DER</b>] [<b>-key arg</b>] [<b>-passin arg</b>] [<b>-cert file</b>] [<b>-selfsign</b>] [<b>-in file</b>] [<b>-out file</b>] [<b>-notext</b>] [<b>-outdir dir</b>] [<b>-infiles</b>] [<b>-spkac file</b>] [<b>-ss_cert file</b>] [<b>-preserveDN</b>] [<b>-noemailDN</b>] [<b>-batch</b>] [<b>-msie_hack</b>] [<b>-extensions section</b>] [<b>-extfile section</b>] [<b>-engine id</b>] [<b>-subj arg</b>] [<b>-utf8</b>] [<b>-sigopt nm:v</b>] [<b>-create_serial</b>] [<b>-rand_serial</b>] [<b>-multivalue-rdn</b>] [<b>-rand file...</b>] [<b>-writerand file</b>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>ca</b> command is a minimal CA application. It can be used to sign certificate requests in a variety of forms and generate CRLs it also maintains a text database of issued certificates and their status.</p>
<p>The options descriptions will be divided into each purpose.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Print out a usage message.</p>
</dd>
<dt id="verbose"><b>-verbose</b></dt>
<dd>
<p>This prints extra details about the operations being performed.</p>
</dd>
<dt id="config-filename"><b>-config filename</b></dt>
<dd>
<p>Specifies the configuration file to use. Optional; for a description of the default value, see <a href="../man1/openssl.html">&quot;COMMAND SUMMARY&quot; in openssl(1)</a>.</p>
</dd>
<dt id="name-section"><b>-name section</b></dt>
<dd>
<p>Specifies the configuration file section to use (overrides <b>default_ca</b> in the <b>ca</b> section).</p>
</dd>
<dt id="in-filename"><b>-in filename</b></dt>
<dd>
<p>An input filename containing a single certificate request to be signed by the CA.</p>
</dd>
<dt id="ss_cert-filename"><b>-ss_cert filename</b></dt>
<dd>
<p>A single self-signed certificate to be signed by the CA.</p>
</dd>
<dt id="spkac-filename"><b>-spkac filename</b></dt>
<dd>
<p>A file containing a single Netscape signed public key and challenge and additional field values to be signed by the CA. See the <b>SPKAC FORMAT</b> section for information on the required input and output format.</p>
</dd>
<dt id="infiles"><b>-infiles</b></dt>
<dd>
<p>If present this should be the last option, all subsequent arguments are taken as the names of files containing certificate requests.</p>
</dd>
<dt id="out-filename"><b>-out filename</b></dt>
<dd>
<p>The output file to output certificates to. The default is standard output. The certificate details will also be printed out to this file in PEM format (except that <b>-spkac</b> outputs DER format).</p>
</dd>
<dt id="outdir-directory"><b>-outdir directory</b></dt>
<dd>
<p>The directory to output certificates to. The certificate will be written to a filename consisting of the serial number in hex with &quot;.pem&quot; appended.</p>
</dd>
<dt id="cert"><b>-cert</b></dt>
<dd>
<p>The CA certificate file.</p>
</dd>
<dt id="keyfile-filename"><b>-keyfile filename</b></dt>
<dd>
<p>The private key to sign requests with.</p>
</dd>
<dt id="keyform-PEM-DER"><b>-keyform PEM|DER</b></dt>
<dd>
<p>The format of the data in the private key file. The default is PEM.</p>
</dd>
<dt id="sigopt-nm:v"><b>-sigopt nm:v</b></dt>
<dd>
<p>Pass options to the signature algorithm during sign or verify operations. Names and values of these options are algorithm-specific.</p>
</dd>
<dt id="key-password"><b>-key password</b></dt>
<dd>
<p>The password used to encrypt the private key. Since on some systems the command line arguments are visible (e.g. Unix with the &#39;ps&#39; utility) this option should be used with caution.</p>
</dd>
<dt id="selfsign"><b>-selfsign</b></dt>
<dd>
<p>Indicates the issued certificates are to be signed with the key the certificate requests were signed with (given with <b>-keyfile</b>). Certificate requests signed with a different key are ignored. If <b>-spkac</b>, <b>-ss_cert</b> or <b>-gencrl</b> are given, <b>-selfsign</b> is ignored.</p>
<p>A consequence of using <b>-selfsign</b> is that the self-signed certificate appears among the entries in the certificate database (see the configuration option <b>database</b>), and uses the same serial number counter as all other certificates sign with the self-signed certificate.</p>
</dd>
<dt id="passin-arg"><b>-passin arg</b></dt>
<dd>
<p>The key password source. For more information about the format of <b>arg</b> see <a href="../man1/openssl.html">&quot;Pass Phrase Options&quot; in openssl(1)</a>.</p>
</dd>
<dt id="notext"><b>-notext</b></dt>
<dd>
<p>Don&#39;t output the text form of a certificate to the output file.</p>
</dd>
<dt id="startdate-date"><b>-startdate date</b></dt>
<dd>
<p>This allows the start date to be explicitly set. The format of the date is YYMMDDHHMMSSZ (the same as an ASN1 UTCTime structure), or YYYYMMDDHHMMSSZ (the same as an ASN1 GeneralizedTime structure). In both formats, seconds SS and timezone Z must be present.</p>
</dd>
<dt id="enddate-date"><b>-enddate date</b></dt>
<dd>
<p>This allows the expiry date to be explicitly set. The format of the date is YYMMDDHHMMSSZ (the same as an ASN1 UTCTime structure), or YYYYMMDDHHMMSSZ (the same as an ASN1 GeneralizedTime structure). In both formats, seconds SS and timezone Z must be present.</p>
</dd>
<dt id="days-arg"><b>-days arg</b></dt>
<dd>
<p>The number of days to certify the certificate for.</p>
</dd>
<dt id="md-alg"><b>-md alg</b></dt>
<dd>
<p>The message digest to use. Any digest supported by the OpenSSL <b>dgst</b> command can be used. For signing algorithms that do not support a digest (i.e. Ed25519 and Ed448) any message digest that is set is ignored. This option also applies to CRLs.</p>
</dd>
<dt id="policy-arg"><b>-policy arg</b></dt>
<dd>
<p>This option defines the CA &quot;policy&quot; to use. This is a section in the configuration file which decides which fields should be mandatory or match the CA certificate. Check out the <b>POLICY FORMAT</b> section for more information.</p>
</dd>
<dt id="msie_hack"><b>-msie_hack</b></dt>
<dd>
<p>This is a deprecated option to make <b>ca</b> work with very old versions of the IE certificate enrollment control &quot;certenr3&quot;. It used UniversalStrings for almost everything. Since the old control has various security bugs its use is strongly discouraged.</p>
</dd>
<dt id="preserveDN"><b>-preserveDN</b></dt>
<dd>
<p>Normally the DN order of a certificate is the same as the order of the fields in the relevant policy section. When this option is set the order is the same as the request. This is largely for compatibility with the older IE enrollment control which would only accept certificates if their DNs match the order of the request. This is not needed for Xenroll.</p>
</dd>
<dt id="noemailDN"><b>-noemailDN</b></dt>
<dd>
<p>The DN of a certificate can contain the EMAIL field if present in the request DN, however, it is good policy just having the e-mail set into the altName extension of the certificate. When this option is set the EMAIL field is removed from the certificate&#39; subject and set only in the, eventually present, extensions. The <b>email_in_dn</b> keyword can be used in the configuration file to enable this behaviour.</p>
</dd>
<dt id="batch"><b>-batch</b></dt>
<dd>
<p>This sets the batch mode. In this mode no questions will be asked and all certificates will be certified automatically.</p>
</dd>
<dt id="extensions-section"><b>-extensions section</b></dt>
<dd>
<p>The section of the configuration file containing certificate extensions to be added when a certificate is issued (defaults to <b>x509_extensions</b> unless the <b>-extfile</b> option is used). If no extension section is present then, a V1 certificate is created. If the extension section is present (even if it is empty), then a V3 certificate is created. See the <a href="../man5/x509v3_config.html">x509v3_config(5)</a> manual page for details of the extension section format.</p>
</dd>
<dt id="extfile-file"><b>-extfile file</b></dt>
<dd>
<p>An additional configuration file to read certificate extensions from (using the default section unless the <b>-extensions</b> option is also used).</p>
</dd>
<dt id="engine-id"><b>-engine id</b></dt>
<dd>
<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>ca</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
</dd>
<dt id="subj-arg"><b>-subj arg</b></dt>
<dd>
<p>Supersedes subject name given in the request. The arg must be formatted as <i>/type0=value0/type1=value1/type2=...</i>. Keyword characters may be escaped by \ (backslash), and whitespace is retained. Empty values are permitted, but the corresponding type will not be included in the resulting certificate.</p>
</dd>
<dt id="utf8"><b>-utf8</b></dt>
<dd>
<p>This option causes field values to be interpreted as UTF8 strings, by default they are interpreted as ASCII. This means that the field values, whether prompted from a terminal or obtained from a configuration file, must be valid UTF8 strings.</p>
</dd>
<dt id="create_serial"><b>-create_serial</b></dt>
<dd>
<p>If reading serial from the text file as specified in the configuration fails, specifying this option creates a new random serial to be used as next serial number. To get random serial numbers, use the <b>-rand_serial</b> flag instead; this should only be used for simple error-recovery.</p>
</dd>
<dt id="rand_serial"><b>-rand_serial</b></dt>
<dd>
<p>Generate a large random number to use as the serial number. This overrides any option or configuration to use a serial number file.</p>
</dd>
<dt id="multivalue-rdn"><b>-multivalue-rdn</b></dt>
<dd>
<p>This option causes the -subj argument to be interpreted with full support for multivalued RDNs. Example:</p>
<p><i>/DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe</i></p>
<p>If -multi-rdn is not used then the UID value is <i>123456+CN=John Doe</i>.</p>
</dd>
<dt id="rand-file"><b>-rand file...</b></dt>
<dd>
<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
</dd>
<dt id="writerand-file">[<b>-writerand file</b>]</dt>
<dd>
<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
</dd>
</dl>
<h1 id="CRL-OPTIONS">CRL OPTIONS</h1>
<dl>
<dt id="gencrl"><b>-gencrl</b></dt>
<dd>
<p>This option generates a CRL based on information in the index file.</p>
</dd>
<dt id="crldays-num"><b>-crldays num</b></dt>
<dd>
<p>The number of days before the next CRL is due. That is the days from now to place in the CRL nextUpdate field.</p>
</dd>
<dt id="crlhours-num"><b>-crlhours num</b></dt>
<dd>
<p>The number of hours before the next CRL is due.</p>
</dd>
<dt id="revoke-filename"><b>-revoke filename</b></dt>
<dd>
<p>A filename containing a certificate to revoke.</p>
</dd>
<dt id="valid-filename"><b>-valid filename</b></dt>
<dd>
<p>A filename containing a certificate to add a Valid certificate entry.</p>
</dd>
<dt id="status-serial"><b>-status serial</b></dt>
<dd>
<p>Displays the revocation status of the certificate with the specified serial number and exits.</p>
</dd>
<dt id="updatedb"><b>-updatedb</b></dt>
<dd>
<p>Updates the database index to purge expired certificates.</p>
</dd>
<dt id="crl_reason-reason"><b>-crl_reason reason</b></dt>
<dd>
<p>Revocation reason, where <b>reason</b> is one of: <b>unspecified</b>, <b>keyCompromise</b>, <b>CACompromise</b>, <b>affiliationChanged</b>, <b>superseded</b>, <b>cessationOfOperation</b>, <b>certificateHold</b> or <b>removeFromCRL</b>. The matching of <b>reason</b> is case insensitive. Setting any revocation reason will make the CRL v2.</p>
<p>In practice <b>removeFromCRL</b> is not particularly useful because it is only used in delta CRLs which are not currently implemented.</p>
</dd>
<dt id="crl_hold-instruction"><b>-crl_hold instruction</b></dt>
<dd>
<p>This sets the CRL revocation reason code to <b>certificateHold</b> and the hold instruction to <b>instruction</b> which must be an OID. Although any OID can be used only <b>holdInstructionNone</b> (the use of which is discouraged by RFC2459) <b>holdInstructionCallIssuer</b> or <b>holdInstructionReject</b> will normally be used.</p>
</dd>
<dt id="crl_compromise-time"><b>-crl_compromise time</b></dt>
<dd>
<p>This sets the revocation reason to <b>keyCompromise</b> and the compromise time to <b>time</b>. <b>time</b> should be in GeneralizedTime format that is <b>YYYYMMDDHHMMSSZ</b>.</p>
</dd>
<dt id="crl_CA_compromise-time"><b>-crl_CA_compromise time</b></dt>
<dd>
<p>This is the same as <b>crl_compromise</b> except the revocation reason is set to <b>CACompromise</b>.</p>
</dd>
<dt id="crlexts-section"><b>-crlexts section</b></dt>
<dd>
<p>The section of the configuration file containing CRL extensions to include. If no CRL extension section is present then a V1 CRL is created, if the CRL extension section is present (even if it is empty) then a V2 CRL is created. The CRL extensions specified are CRL extensions and <b>not</b> CRL entry extensions. It should be noted that some software (for example Netscape) can&#39;t handle V2 CRLs. See <a href="../man5/x509v3_config.html">x509v3_config(5)</a> manual page for details of the extension section format.</p>
</dd>
</dl>
<h1 id="CONFIGURATION-FILE-OPTIONS">CONFIGURATION FILE OPTIONS</h1>
<p>The section of the configuration file containing options for <b>ca</b> is found as follows: If the <b>-name</b> command line option is used, then it names the section to be used. Otherwise the section to be used must be named in the <b>default_ca</b> option of the <b>ca</b> section of the configuration file (or in the default section of the configuration file). Besides <b>default_ca</b>, the following options are read directly from the <b>ca</b> section: RANDFILE preserve msie_hack With the exception of <b>RANDFILE</b>, this is probably a bug and may change in future releases.</p>
<p>Many of the configuration file options are identical to command line options. Where the option is present in the configuration file and the command line the command line value is used. Where an option is described as mandatory then it must be present in the configuration file or the command line equivalent (if any) used.</p>
<dl>
<dt id="oid_file"><b>oid_file</b></dt>
<dd>
<p>This specifies a file containing additional <b>OBJECT IDENTIFIERS</b>. Each line of the file should consist of the numerical form of the object identifier followed by white space then the short name followed by white space and finally the long name.</p>
</dd>
<dt id="oid_section"><b>oid_section</b></dt>
<dd>
<p>This specifies a section in the configuration file containing extra object identifiers. Each line should consist of the short name of the object identifier followed by <b>=</b> and the numerical form. The short and long names are the same when this option is used.</p>
</dd>
<dt id="new_certs_dir"><b>new_certs_dir</b></dt>
<dd>
<p>The same as the <b>-outdir</b> command line option. It specifies the directory where new certificates will be placed. Mandatory.</p>
</dd>
<dt id="certificate"><b>certificate</b></dt>
<dd>
<p>The same as <b>-cert</b>. It gives the file containing the CA certificate. Mandatory.</p>
</dd>
<dt id="private_key"><b>private_key</b></dt>
<dd>
<p>Same as the <b>-keyfile</b> option. The file containing the CA private key. Mandatory.</p>
</dd>
<dt id="RANDFILE"><b>RANDFILE</b></dt>
<dd>
<p>At startup the specified file is loaded into the random number generator, and at exit 256 bytes will be written to it.</p>
</dd>
<dt id="default_days"><b>default_days</b></dt>
<dd>
<p>The same as the <b>-days</b> option. The number of days to certify a certificate for.</p>
</dd>
<dt id="default_startdate"><b>default_startdate</b></dt>
<dd>
<p>The same as the <b>-startdate</b> option. The start date to certify a certificate for. If not set the current time is used.</p>
</dd>
<dt id="default_enddate"><b>default_enddate</b></dt>
<dd>
<p>The same as the <b>-enddate</b> option. Either this option or <b>default_days</b> (or the command line equivalents) must be present.</p>
</dd>
<dt id="default_crl_hours-default_crl_days"><b>default_crl_hours default_crl_days</b></dt>
<dd>
<p>The same as the <b>-crlhours</b> and the <b>-crldays</b> options. These will only be used if neither command line option is present. At least one of these must be present to generate a CRL.</p>
</dd>
<dt id="default_md"><b>default_md</b></dt>
<dd>
<p>The same as the <b>-md</b> option. Mandatory except where the signing algorithm does not require a digest (i.e. Ed25519 and Ed448).</p>
</dd>
<dt id="database"><b>database</b></dt>
<dd>
<p>The text database file to use. Mandatory. This file must be present though initially it will be empty.</p>
</dd>
<dt id="unique_subject"><b>unique_subject</b></dt>
<dd>
<p>If the value <b>yes</b> is given, the valid certificate entries in the database must have unique subjects. if the value <b>no</b> is given, several valid certificate entries may have the exact same subject. The default value is <b>yes</b>, to be compatible with older (pre 0.9.8) versions of OpenSSL. However, to make CA certificate roll-over easier, it&#39;s recommended to use the value <b>no</b>, especially if combined with the <b>-selfsign</b> command line option.</p>
<p>Note that it is valid in some circumstances for certificates to be created without any subject. In the case where there are multiple certificates without subjects this does not count as a duplicate.</p>
</dd>
<dt id="serial"><b>serial</b></dt>
<dd>
<p>A text file containing the next serial number to use in hex. Mandatory. This file must be present and contain a valid serial number.</p>
</dd>
<dt id="crlnumber"><b>crlnumber</b></dt>
<dd>
<p>A text file containing the next CRL number to use in hex. The crl number will be inserted in the CRLs only if this file exists. If this file is present, it must contain a valid CRL number.</p>
</dd>
<dt id="x509_extensions"><b>x509_extensions</b></dt>
<dd>
<p>The same as <b>-extensions</b>.</p>
</dd>
<dt id="crl_extensions"><b>crl_extensions</b></dt>
<dd>
<p>The same as <b>-crlexts</b>.</p>
</dd>
<dt id="preserve"><b>preserve</b></dt>
<dd>
<p>The same as <b>-preserveDN</b></p>
</dd>
<dt id="email_in_dn"><b>email_in_dn</b></dt>
<dd>
<p>The same as <b>-noemailDN</b>. If you want the EMAIL field to be removed from the DN of the certificate simply set this to &#39;no&#39;. If not present the default is to allow for the EMAIL filed in the certificate&#39;s DN.</p>
</dd>
<dt id="msie_hack1"><b>msie_hack</b></dt>
<dd>
<p>The same as <b>-msie_hack</b></p>
</dd>
<dt id="policy"><b>policy</b></dt>
<dd>
<p>The same as <b>-policy</b>. Mandatory. See the <b>POLICY FORMAT</b> section for more information.</p>
</dd>
<dt id="name_opt-cert_opt"><b>name_opt</b>, <b>cert_opt</b></dt>
<dd>
<p>These options allow the format used to display the certificate details when asking the user to confirm signing. All the options supported by the <b>x509</b> utilities <b>-nameopt</b> and <b>-certopt</b> switches can be used here, except the <b>no_signame</b> and <b>no_sigdump</b> are permanently set and cannot be disabled (this is because the certificate signature cannot be displayed because the certificate has not been signed at this point).</p>
<p>For convenience the values <b>ca_default</b> are accepted by both to produce a reasonable output.</p>
<p>If neither option is present the format used in earlier versions of OpenSSL is used. Use of the old format is <b>strongly</b> discouraged because it only displays fields mentioned in the <b>policy</b> section, mishandles multicharacter string types and does not display extensions.</p>
</dd>
<dt id="copy_extensions"><b>copy_extensions</b></dt>
<dd>
<p>Determines how extensions in certificate requests should be handled. If set to <b>none</b> or this option is not present then extensions are ignored and not copied to the certificate. If set to <b>copy</b> then any extensions present in the request that are not already present are copied to the certificate. If set to <b>copyall</b> then all extensions in the request are copied to the certificate: if the extension is already present in the certificate it is deleted first. See the <b>WARNINGS</b> section before using this option.</p>
<p>The main use of this option is to allow a certificate request to supply values for certain extensions such as subjectAltName.</p>
</dd>
</dl>
<h1 id="POLICY-FORMAT">POLICY FORMAT</h1>
<p>The policy section consists of a set of variables corresponding to certificate DN fields. If the value is &quot;match&quot; then the field value must match the same field in the CA certificate. If the value is &quot;supplied&quot; then it must be present. If the value is &quot;optional&quot; then it may be present. Any fields not mentioned in the policy section are silently deleted, unless the <b>-preserveDN</b> option is set but this can be regarded more of a quirk than intended behaviour.</p>
<h1 id="SPKAC-FORMAT">SPKAC FORMAT</h1>
<p>The input to the <b>-spkac</b> command line option is a Netscape signed public key and challenge. This will usually come from the <b>KEYGEN</b> tag in an HTML form to create a new private key. It is however possible to create SPKACs using the <b>spkac</b> utility.</p>
<p>The file should contain the variable SPKAC set to the value of the SPKAC and also the required DN components as name value pairs. If you need to include the same component twice then it can be preceded by a number and a &#39;.&#39;.</p>
<p>When processing SPKAC format, the output is DER if the <b>-out</b> flag is used, but PEM format if sending to stdout or the <b>-outdir</b> flag is used.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>Note: these examples assume that the <b>ca</b> directory structure is already set up and the relevant files already exist. This usually involves creating a CA certificate and private key with <b>req</b>, a serial number file and an empty index file and placing them in the relevant directories.</p>
<p>To use the sample configuration file below the directories demoCA, demoCA/private and demoCA/newcerts would be created. The CA certificate would be copied to demoCA/cacert.pem and its private key to demoCA/private/cakey.pem. A file demoCA/serial would be created containing for example &quot;01&quot; and the empty index file demoCA/index.txt.</p>
<p>Sign a certificate request:</p>
<pre><code>openssl ca -in req.pem -out newcert.pem</code></pre>
<p>Sign a certificate request, using CA extensions:</p>
<pre><code>openssl ca -in req.pem -extensions v3_ca -out newcert.pem</code></pre>
<p>Generate a CRL</p>
<pre><code>openssl ca -gencrl -out crl.pem</code></pre>
<p>Sign several requests:</p>
<pre><code>openssl ca -infiles req1.pem req2.pem req3.pem</code></pre>
<p>Certify a Netscape SPKAC:</p>
<pre><code>openssl ca -spkac spkac.txt</code></pre>
<p>A sample SPKAC file (the SPKAC line has been truncated for clarity):</p>
<pre><code>SPKAC=MIG0MGAwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAn7PDhCeV/xIxUg8V70YRxK2A5
CN=Steve Test
emailAddress=steve@openssl.org
0.OU=OpenSSL Group
1.OU=Another Group</code></pre>
<p>A sample configuration file with the relevant sections for <b>ca</b>:</p>
<pre><code>[ ca ]
default_ca = CA_default # The default ca section
[ CA_default ]
dir = ./demoCA # top dir
database = $dir/index.txt # index file.
new_certs_dir = $dir/newcerts # new certs dir
certificate = $dir/cacert.pem # The CA cert
serial = $dir/serial # serial no file
#rand_serial = yes # for random serial#&#39;s
private_key = $dir/private/cakey.pem# CA private key
RANDFILE = $dir/private/.rand # random number file
default_days = 365 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = md5 # md to use
policy = policy_any # default policy
email_in_dn = no # Don&#39;t add the email into cert DN
name_opt = ca_default # Subject name display option
cert_opt = ca_default # Certificate display option
copy_extensions = none # Don&#39;t copy extensions from request
[ policy_any ]
countryName = supplied
stateOrProvinceName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional</code></pre>
<h1 id="FILES">FILES</h1>
<p>Note: the location of all files can change either by compile time options, configuration file entries, environment variables or command line options. The values below reflect the default values.</p>
<pre><code>/usr/local/ssl/lib/openssl.cnf - master configuration file
./demoCA - main CA directory
./demoCA/cacert.pem - CA certificate
./demoCA/private/cakey.pem - CA private key
./demoCA/serial - CA serial number file
./demoCA/serial.old - CA serial number backup file
./demoCA/index.txt - CA text database file
./demoCA/index.txt.old - CA text database backup file
./demoCA/certs - certificate output file
./demoCA/.rnd - CA random seed information</code></pre>
<h1 id="RESTRICTIONS">RESTRICTIONS</h1>
<p>The text database index file is a critical part of the process and if corrupted it can be difficult to fix. It is theoretically possible to rebuild the index file from all the issued certificates and a current CRL: however there is no option to do this.</p>
<p>V2 CRL features like delta CRLs are not currently supported.</p>
<p>Although several requests can be input and handled at once it is only possible to include one SPKAC or self-signed certificate.</p>
<h1 id="BUGS">BUGS</h1>
<p>The use of an in-memory text database can cause problems when large numbers of certificates are present because, as the name implies the database has to be kept in memory.</p>
<p>The <b>ca</b> command really needs rewriting or the required functionality exposed at either a command or interface level so a more friendly utility (perl script or GUI) can handle things properly. The script <b>CA.pl</b> helps a little but not very much.</p>
<p>Any fields in a request that are not present in a policy are silently deleted. This does not happen if the <b>-preserveDN</b> option is used. To enforce the absence of the EMAIL field within the DN, as suggested by RFCs, regardless the contents of the request&#39; subject the <b>-noemailDN</b> option can be used. The behaviour should be more friendly and configurable.</p>
<p>Canceling some commands by refusing to certify a certificate can create an empty file.</p>
<h1 id="WARNINGS">WARNINGS</h1>
<p>The <b>ca</b> command is quirky and at times downright unfriendly.</p>
<p>The <b>ca</b> utility was originally meant as an example of how to do things in a CA. It was not supposed to be used as a full blown CA itself: nevertheless some people are using it for this purpose.</p>
<p>The <b>ca</b> command is effectively a single user command: no locking is done on the various files and attempts to run more than one <b>ca</b> command on the same database can have unpredictable results.</p>
<p>The <b>copy_extensions</b> option should be used with caution. If care is not taken then it can be a security risk. For example if a certificate request contains a basicConstraints extension with CA:TRUE and the <b>copy_extensions</b> value is set to <b>copyall</b> and the user does not spot this when the certificate is displayed then this will hand the requester a valid CA certificate.</p>
<p>This situation can be avoided by setting <b>copy_extensions</b> to <b>copy</b> and including basicConstraints with CA:FALSE in the configuration file. Then if the request contains a basicConstraints extension it will be ignored.</p>
<p>It is advisable to also include values for other extensions such as <b>keyUsage</b> to prevent a request supplying its own values.</p>
<p>Additional restrictions can be placed on the CA certificate itself. For example if the CA certificate has:</p>
<pre><code>basicConstraints = CA:TRUE, pathlen:0</code></pre>
<p>then even if a certificate is issued with CA:TRUE it will not be valid.</p>
<h1 id="HISTORY">HISTORY</h1>
<p>Since OpenSSL 1.1.1, the program follows RFC5280. Specifically, certificate validity period (specified by any of <b>-startdate</b>, <b>-enddate</b> and <b>-days</b>) will be encoded as UTCTime if the dates are earlier than year 2049 (included), and as GeneralizedTime if the dates are in year 2050 or later.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man1/req.html">req(1)</a>, <a href="../man1/spkac.html">spkac(1)</a>, <a href="../man1/x509.html">x509(1)</a>, <a href="../man1/CA.pl.html">CA.pl(1)</a>, <a href="../man5/config.html">config(5)</a>, <a href="../man5/x509v3_config.html">x509v3_config(5)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,811 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ciphers</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#CIPHER-LIST-FORMAT">CIPHER LIST FORMAT</a></li>
<li><a href="#CIPHER-STRINGS">CIPHER STRINGS</a></li>
<li><a href="#CIPHER-SUITE-NAMES">CIPHER SUITE NAMES</a>
<ul>
<li><a href="#SSL-v3.0-cipher-suites">SSL v3.0 cipher suites</a></li>
<li><a href="#TLS-v1.0-cipher-suites">TLS v1.0 cipher suites</a></li>
<li><a href="#AES-cipher-suites-from-RFC3268-extending-TLS-v1.0">AES cipher suites from RFC3268, extending TLS v1.0</a></li>
<li><a href="#Camellia-cipher-suites-from-RFC4132-extending-TLS-v1.0">Camellia cipher suites from RFC4132, extending TLS v1.0</a></li>
<li><a href="#SEED-cipher-suites-from-RFC4162-extending-TLS-v1.0">SEED cipher suites from RFC4162, extending TLS v1.0</a></li>
<li><a href="#GOST-cipher-suites-from-draft-chudov-cryptopro-cptls-extending-TLS-v1.0">GOST cipher suites from draft-chudov-cryptopro-cptls, extending TLS v1.0</a></li>
<li><a href="#Additional-Export-1024-and-other-cipher-suites">Additional Export 1024 and other cipher suites</a></li>
<li><a href="#Elliptic-curve-cipher-suites">Elliptic curve cipher suites.</a></li>
<li><a href="#TLS-v1.2-cipher-suites">TLS v1.2 cipher suites</a></li>
<li><a href="#ARIA-cipher-suites-from-RFC6209-extending-TLS-v1.2">ARIA cipher suites from RFC6209, extending TLS v1.2</a></li>
<li><a href="#Camellia-HMAC-Based-cipher-suites-from-RFC6367-extending-TLS-v1.2">Camellia HMAC-Based cipher suites from RFC6367, extending TLS v1.2</a></li>
<li><a href="#Pre-shared-keying-PSK-cipher-suites">Pre-shared keying (PSK) cipher suites</a></li>
<li><a href="#ChaCha20-Poly1305-cipher-suites-extending-TLS-v1.2">ChaCha20-Poly1305 cipher suites, extending TLS v1.2</a></li>
<li><a href="#TLS-v1.3-cipher-suites">TLS v1.3 cipher suites</a></li>
<li><a href="#Older-names-used-by-OpenSSL">Older names used by OpenSSL</a></li>
</ul>
</li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-ciphers, ciphers - SSL cipher display and cipher list tool</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl</b> <b>ciphers</b> [<b>-help</b>] [<b>-s</b>] [<b>-v</b>] [<b>-V</b>] [<b>-ssl3</b>] [<b>-tls1</b>] [<b>-tls1_1</b>] [<b>-tls1_2</b>] [<b>-tls1_3</b>] [<b>-s</b>] [<b>-psk</b>] [<b>-srp</b>] [<b>-stdname</b>] [<b>-convert name</b>] [<b>-ciphersuites val</b>] [<b>cipherlist</b>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>ciphers</b> command converts textual OpenSSL cipher lists into ordered SSL cipher preference lists. It can be used as a test tool to determine the appropriate cipherlist.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Print a usage message.</p>
</dd>
<dt id="s"><b>-s</b></dt>
<dd>
<p>Only list supported ciphers: those consistent with the security level, and minimum and maximum protocol version. This is closer to the actual cipher list an application will support.</p>
<p>PSK and SRP ciphers are not enabled by default: they require <b>-psk</b> or <b>-srp</b> to enable them.</p>
<p>It also does not change the default list of supported signature algorithms.</p>
<p>On a server the list of supported ciphers might also exclude other ciphers depending on the configured certificates and presence of DH parameters.</p>
<p>If this option is not used then all ciphers that match the cipherlist will be listed.</p>
</dd>
<dt id="psk"><b>-psk</b></dt>
<dd>
<p>When combined with <b>-s</b> includes cipher suites which require PSK.</p>
</dd>
<dt id="srp"><b>-srp</b></dt>
<dd>
<p>When combined with <b>-s</b> includes cipher suites which require SRP.</p>
</dd>
<dt id="v"><b>-v</b></dt>
<dd>
<p>Verbose output: For each cipher suite, list details as provided by <a href="../man3/SSL_CIPHER_description.html">SSL_CIPHER_description(3)</a>.</p>
</dd>
<dt id="V"><b>-V</b></dt>
<dd>
<p>Like <b>-v</b>, but include the official cipher suite values in hex.</p>
</dd>
<dt id="tls1_3--tls1_2--tls1_1--tls1--ssl3"><b>-tls1_3</b>, <b>-tls1_2</b>, <b>-tls1_1</b>, <b>-tls1</b>, <b>-ssl3</b></dt>
<dd>
<p>In combination with the <b>-s</b> option, list the ciphers which could be used if the specified protocol were negotiated. Note that not all protocols and flags may be available, depending on how OpenSSL was built.</p>
</dd>
<dt id="stdname"><b>-stdname</b></dt>
<dd>
<p>Precede each cipher suite by its standard name.</p>
</dd>
<dt id="convert-name"><b>-convert name</b></dt>
<dd>
<p>Convert a standard cipher <b>name</b> to its OpenSSL name.</p>
</dd>
<dt id="ciphersuites-val"><b>-ciphersuites val</b></dt>
<dd>
<p>Sets the list of TLSv1.3 ciphersuites. This list will be combined with any TLSv1.2 and below ciphersuites that have been configured. The format for this list is a simple colon (&quot;:&quot;) separated list of TLSv1.3 ciphersuite names. By default this value is:</p>
<pre><code>TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256</code></pre>
</dd>
<dt id="cipherlist"><b>cipherlist</b></dt>
<dd>
<p>A cipher list of TLSv1.2 and below ciphersuites to convert to a cipher preference list. This list will be combined with any TLSv1.3 ciphersuites that have been configured. If it is not included then the default cipher list will be used. The format is described below.</p>
</dd>
</dl>
<h1 id="CIPHER-LIST-FORMAT">CIPHER LIST FORMAT</h1>
<p>The cipher list consists of one or more <i>cipher strings</i> separated by colons. Commas or spaces are also acceptable separators but colons are normally used.</p>
<p>The actual cipher string can take several different forms.</p>
<p>It can consist of a single cipher suite such as <b>RC4-SHA</b>.</p>
<p>It can represent a list of cipher suites containing a certain algorithm, or cipher suites of a certain type. For example <b>SHA1</b> represents all ciphers suites using the digest algorithm SHA1 and <b>SSLv3</b> represents all SSL v3 algorithms.</p>
<p>Lists of cipher suites can be combined in a single cipher string using the <b>+</b> character. This is used as a logical <b>and</b> operation. For example <b>SHA1+DES</b> represents all cipher suites containing the SHA1 <b>and</b> the DES algorithms.</p>
<p>Each cipher string can be optionally preceded by the characters <b>!</b>, <b>-</b> or <b>+</b>.</p>
<p>If <b>!</b> is used then the ciphers are permanently deleted from the list. The ciphers deleted can never reappear in the list even if they are explicitly stated.</p>
<p>If <b>-</b> is used then the ciphers are deleted from the list, but some or all of the ciphers can be added again by later options.</p>
<p>If <b>+</b> is used then the ciphers are moved to the end of the list. This option doesn&#39;t add any new ciphers it just moves matching existing ones.</p>
<p>If none of these characters is present then the string is just interpreted as a list of ciphers to be appended to the current preference list. If the list includes any ciphers already present they will be ignored: that is they will not moved to the end of the list.</p>
<p>The cipher string <b>@STRENGTH</b> can be used at any point to sort the current cipher list in order of encryption algorithm key length.</p>
<p>The cipher string <b>@SECLEVEL=n</b> can be used at any point to set the security level to <b>n</b>, which should be a number between zero and five, inclusive. See <a href="/../man3/SSL_CTX_set_security_level.html">SSL_CTX_set_security_level</a> for a description of what each level means.</p>
<p>The cipher list can be prefixed with the <b>DEFAULT</b> keyword, which enables the default cipher list as defined below. Unlike cipher strings, this prefix may not be combined with other strings using <b>+</b> character. For example, <b>DEFAULT+DES</b> is not valid.</p>
<p>The content of the default list is determined at compile time and normally corresponds to <b>ALL:!COMPLEMENTOFDEFAULT:!eNULL</b>.</p>
<h1 id="CIPHER-STRINGS">CIPHER STRINGS</h1>
<p>The following is a list of all permitted cipher strings and their meanings.</p>
<dl>
<dt id="COMPLEMENTOFDEFAULT"><b>COMPLEMENTOFDEFAULT</b></dt>
<dd>
<p>The ciphers included in <b>ALL</b>, but not enabled by default. Currently this includes all RC4 and anonymous ciphers. Note that this rule does not cover <b>eNULL</b>, which is not included by <b>ALL</b> (use <b>COMPLEMENTOFALL</b> if necessary). Note that RC4 based cipher suites are not built into OpenSSL by default (see the enable-weak-ssl-ciphers option to Configure).</p>
</dd>
<dt id="ALL"><b>ALL</b></dt>
<dd>
<p>All cipher suites except the <b>eNULL</b> ciphers (which must be explicitly enabled if needed). As of OpenSSL 1.0.0, the <b>ALL</b> cipher suites are sensibly ordered by default.</p>
</dd>
<dt id="COMPLEMENTOFALL"><b>COMPLEMENTOFALL</b></dt>
<dd>
<p>The cipher suites not enabled by <b>ALL</b>, currently <b>eNULL</b>.</p>
</dd>
<dt id="HIGH"><b>HIGH</b></dt>
<dd>
<p>&quot;High&quot; encryption cipher suites. This currently means those with key lengths larger than 128 bits, and some cipher suites with 128-bit keys.</p>
</dd>
<dt id="MEDIUM"><b>MEDIUM</b></dt>
<dd>
<p>&quot;Medium&quot; encryption cipher suites, currently some of those using 128 bit encryption.</p>
</dd>
<dt id="LOW"><b>LOW</b></dt>
<dd>
<p>&quot;Low&quot; encryption cipher suites, currently those using 64 or 56 bit encryption algorithms but excluding export cipher suites. All these cipher suites have been removed as of OpenSSL 1.1.0.</p>
</dd>
<dt id="eNULL-NULL"><b>eNULL</b>, <b>NULL</b></dt>
<dd>
<p>The &quot;NULL&quot; ciphers that is those offering no encryption. Because these offer no encryption at all and are a security risk they are not enabled via either the <b>DEFAULT</b> or <b>ALL</b> cipher strings. Be careful when building cipherlists out of lower-level primitives such as <b>kRSA</b> or <b>aECDSA</b> as these do overlap with the <b>eNULL</b> ciphers. When in doubt, include <b>!eNULL</b> in your cipherlist.</p>
</dd>
<dt id="aNULL"><b>aNULL</b></dt>
<dd>
<p>The cipher suites offering no authentication. This is currently the anonymous DH algorithms and anonymous ECDH algorithms. These cipher suites are vulnerable to &quot;man in the middle&quot; attacks and so their use is discouraged. These are excluded from the <b>DEFAULT</b> ciphers, but included in the <b>ALL</b> ciphers. Be careful when building cipherlists out of lower-level primitives such as <b>kDHE</b> or <b>AES</b> as these do overlap with the <b>aNULL</b> ciphers. When in doubt, include <b>!aNULL</b> in your cipherlist.</p>
</dd>
<dt id="kRSA-aRSA-RSA"><b>kRSA</b>, <b>aRSA</b>, <b>RSA</b></dt>
<dd>
<p>Cipher suites using RSA key exchange or authentication. <b>RSA</b> is an alias for <b>kRSA</b>.</p>
</dd>
<dt id="kDHr-kDHd-kDH"><b>kDHr</b>, <b>kDHd</b>, <b>kDH</b></dt>
<dd>
<p>Cipher suites using static DH key agreement and DH certificates signed by CAs with RSA and DSS keys or either respectively. All these cipher suites have been removed in OpenSSL 1.1.0.</p>
</dd>
<dt id="kDHE-kEDH-DH"><b>kDHE</b>, <b>kEDH</b>, <b>DH</b></dt>
<dd>
<p>Cipher suites using ephemeral DH key agreement, including anonymous cipher suites.</p>
</dd>
<dt id="DHE-EDH"><b>DHE</b>, <b>EDH</b></dt>
<dd>
<p>Cipher suites using authenticated ephemeral DH key agreement.</p>
</dd>
<dt id="ADH"><b>ADH</b></dt>
<dd>
<p>Anonymous DH cipher suites, note that this does not include anonymous Elliptic Curve DH (ECDH) cipher suites.</p>
</dd>
<dt id="kEECDH-kECDHE-ECDH"><b>kEECDH</b>, <b>kECDHE</b>, <b>ECDH</b></dt>
<dd>
<p>Cipher suites using ephemeral ECDH key agreement, including anonymous cipher suites.</p>
</dd>
<dt id="ECDHE-EECDH"><b>ECDHE</b>, <b>EECDH</b></dt>
<dd>
<p>Cipher suites using authenticated ephemeral ECDH key agreement.</p>
</dd>
<dt id="AECDH"><b>AECDH</b></dt>
<dd>
<p>Anonymous Elliptic Curve Diffie-Hellman cipher suites.</p>
</dd>
<dt id="aDSS-DSS"><b>aDSS</b>, <b>DSS</b></dt>
<dd>
<p>Cipher suites using DSS authentication, i.e. the certificates carry DSS keys.</p>
</dd>
<dt id="aDH"><b>aDH</b></dt>
<dd>
<p>Cipher suites effectively using DH authentication, i.e. the certificates carry DH keys. All these cipher suites have been removed in OpenSSL 1.1.0.</p>
</dd>
<dt id="aECDSA-ECDSA"><b>aECDSA</b>, <b>ECDSA</b></dt>
<dd>
<p>Cipher suites using ECDSA authentication, i.e. the certificates carry ECDSA keys.</p>
</dd>
<dt id="TLSv1.2-TLSv1.0-SSLv3"><b>TLSv1.2</b>, <b>TLSv1.0</b>, <b>SSLv3</b></dt>
<dd>
<p>Lists cipher suites which are only supported in at least TLS v1.2, TLS v1.0 or SSL v3.0 respectively. Note: there are no cipher suites specific to TLS v1.1. Since this is only the minimum version, if, for example, TLSv1.0 is negotiated then both TLSv1.0 and SSLv3.0 cipher suites are available.</p>
<p>Note: these cipher strings <b>do not</b> change the negotiated version of SSL or TLS, they only affect the list of available cipher suites.</p>
</dd>
<dt id="AES128-AES256-AES"><b>AES128</b>, <b>AES256</b>, <b>AES</b></dt>
<dd>
<p>cipher suites using 128 bit AES, 256 bit AES or either 128 or 256 bit AES.</p>
</dd>
<dt id="AESGCM"><b>AESGCM</b></dt>
<dd>
<p>AES in Galois Counter Mode (GCM): these cipher suites are only supported in TLS v1.2.</p>
</dd>
<dt id="AESCCM-AESCCM8"><b>AESCCM</b>, <b>AESCCM8</b></dt>
<dd>
<p>AES in Cipher Block Chaining - Message Authentication Mode (CCM): these cipher suites are only supported in TLS v1.2. <b>AESCCM</b> references CCM cipher suites using both 16 and 8 octet Integrity Check Value (ICV) while <b>AESCCM8</b> only references 8 octet ICV.</p>
</dd>
<dt id="ARIA128-ARIA256-ARIA"><b>ARIA128</b>, <b>ARIA256</b>, <b>ARIA</b></dt>
<dd>
<p>Cipher suites using 128 bit ARIA, 256 bit ARIA or either 128 or 256 bit ARIA.</p>
</dd>
<dt id="CAMELLIA128-CAMELLIA256-CAMELLIA"><b>CAMELLIA128</b>, <b>CAMELLIA256</b>, <b>CAMELLIA</b></dt>
<dd>
<p>Cipher suites using 128 bit CAMELLIA, 256 bit CAMELLIA or either 128 or 256 bit CAMELLIA.</p>
</dd>
<dt id="CHACHA20"><b>CHACHA20</b></dt>
<dd>
<p>Cipher suites using ChaCha20.</p>
</dd>
<dt id="DES"><b>3DES</b></dt>
<dd>
<p>Cipher suites using triple DES.</p>
</dd>
<dt id="DES1"><b>DES</b></dt>
<dd>
<p>Cipher suites using DES (not triple DES). All these cipher suites have been removed in OpenSSL 1.1.0.</p>
</dd>
<dt id="RC4"><b>RC4</b></dt>
<dd>
<p>Cipher suites using RC4.</p>
</dd>
<dt id="RC2"><b>RC2</b></dt>
<dd>
<p>Cipher suites using RC2.</p>
</dd>
<dt id="IDEA"><b>IDEA</b></dt>
<dd>
<p>Cipher suites using IDEA.</p>
</dd>
<dt id="SEED"><b>SEED</b></dt>
<dd>
<p>Cipher suites using SEED.</p>
</dd>
<dt id="MD5"><b>MD5</b></dt>
<dd>
<p>Cipher suites using MD5.</p>
</dd>
<dt id="SHA1-SHA"><b>SHA1</b>, <b>SHA</b></dt>
<dd>
<p>Cipher suites using SHA1.</p>
</dd>
<dt id="SHA256-SHA384"><b>SHA256</b>, <b>SHA384</b></dt>
<dd>
<p>Cipher suites using SHA256 or SHA384.</p>
</dd>
<dt id="aGOST"><b>aGOST</b></dt>
<dd>
<p>Cipher suites using GOST R 34.10 (either 2001 or 94) for authentication (needs an engine supporting GOST algorithms).</p>
</dd>
<dt id="aGOST01"><b>aGOST01</b></dt>
<dd>
<p>Cipher suites using GOST R 34.10-2001 authentication.</p>
</dd>
<dt id="kGOST"><b>kGOST</b></dt>
<dd>
<p>Cipher suites, using VKO 34.10 key exchange, specified in the RFC 4357.</p>
</dd>
<dt id="GOST94"><b>GOST94</b></dt>
<dd>
<p>Cipher suites, using HMAC based on GOST R 34.11-94.</p>
</dd>
<dt id="GOST89MAC"><b>GOST89MAC</b></dt>
<dd>
<p>Cipher suites using GOST 28147-89 MAC <b>instead of</b> HMAC.</p>
</dd>
<dt id="PSK"><b>PSK</b></dt>
<dd>
<p>All cipher suites using pre-shared keys (PSK).</p>
</dd>
<dt id="kPSK-kECDHEPSK-kDHEPSK-kRSAPSK"><b>kPSK</b>, <b>kECDHEPSK</b>, <b>kDHEPSK</b>, <b>kRSAPSK</b></dt>
<dd>
<p>Cipher suites using PSK key exchange, ECDHE_PSK, DHE_PSK or RSA_PSK.</p>
</dd>
<dt id="aPSK"><b>aPSK</b></dt>
<dd>
<p>Cipher suites using PSK authentication (currently all PSK modes apart from RSA_PSK).</p>
</dd>
<dt id="SUITEB128-SUITEB128ONLY-SUITEB192"><b>SUITEB128</b>, <b>SUITEB128ONLY</b>, <b>SUITEB192</b></dt>
<dd>
<p>Enables suite B mode of operation using 128 (permitting 192 bit mode by peer) 128 bit (not permitting 192 bit by peer) or 192 bit level of security respectively. If used these cipherstrings should appear first in the cipher list and anything after them is ignored. Setting Suite B mode has additional consequences required to comply with RFC6460. In particular the supported signature algorithms is reduced to support only ECDSA and SHA256 or SHA384, only the elliptic curves P-256 and P-384 can be used and only the two suite B compliant cipher suites (ECDHE-ECDSA-AES128-GCM-SHA256 and ECDHE-ECDSA-AES256-GCM-SHA384) are permissible.</p>
</dd>
</dl>
<h1 id="CIPHER-SUITE-NAMES">CIPHER SUITE NAMES</h1>
<p>The following lists give the SSL or TLS cipher suites names from the relevant specification and their OpenSSL equivalents. It should be noted, that several cipher suite names do not include the authentication used, e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.</p>
<h2 id="SSL-v3.0-cipher-suites">SSL v3.0 cipher suites</h2>
<pre><code>SSL_RSA_WITH_NULL_MD5 NULL-MD5
SSL_RSA_WITH_NULL_SHA NULL-SHA
SSL_RSA_WITH_RC4_128_MD5 RC4-MD5
SSL_RSA_WITH_RC4_128_SHA RC4-SHA
SSL_RSA_WITH_IDEA_CBC_SHA IDEA-CBC-SHA
SSL_RSA_WITH_3DES_EDE_CBC_SHA DES-CBC3-SHA
SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA DH-DSS-DES-CBC3-SHA
SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA DH-RSA-DES-CBC3-SHA
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA DHE-DSS-DES-CBC3-SHA
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA DHE-RSA-DES-CBC3-SHA
SSL_DH_anon_WITH_RC4_128_MD5 ADH-RC4-MD5
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA ADH-DES-CBC3-SHA
SSL_FORTEZZA_KEA_WITH_NULL_SHA Not implemented.
SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA Not implemented.
SSL_FORTEZZA_KEA_WITH_RC4_128_SHA Not implemented.</code></pre>
<h2 id="TLS-v1.0-cipher-suites">TLS v1.0 cipher suites</h2>
<pre><code>TLS_RSA_WITH_NULL_MD5 NULL-MD5
TLS_RSA_WITH_NULL_SHA NULL-SHA
TLS_RSA_WITH_RC4_128_MD5 RC4-MD5
TLS_RSA_WITH_RC4_128_SHA RC4-SHA
TLS_RSA_WITH_IDEA_CBC_SHA IDEA-CBC-SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA DES-CBC3-SHA
TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA Not implemented.
TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA Not implemented.
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA DHE-DSS-DES-CBC3-SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA DHE-RSA-DES-CBC3-SHA
TLS_DH_anon_WITH_RC4_128_MD5 ADH-RC4-MD5
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA ADH-DES-CBC3-SHA</code></pre>
<h2 id="AES-cipher-suites-from-RFC3268-extending-TLS-v1.0">AES cipher suites from RFC3268, extending TLS v1.0</h2>
<pre><code>TLS_RSA_WITH_AES_128_CBC_SHA AES128-SHA
TLS_RSA_WITH_AES_256_CBC_SHA AES256-SHA
TLS_DH_DSS_WITH_AES_128_CBC_SHA DH-DSS-AES128-SHA
TLS_DH_DSS_WITH_AES_256_CBC_SHA DH-DSS-AES256-SHA
TLS_DH_RSA_WITH_AES_128_CBC_SHA DH-RSA-AES128-SHA
TLS_DH_RSA_WITH_AES_256_CBC_SHA DH-RSA-AES256-SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA DHE-DSS-AES128-SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA DHE-DSS-AES256-SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA DHE-RSA-AES128-SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA DHE-RSA-AES256-SHA
TLS_DH_anon_WITH_AES_128_CBC_SHA ADH-AES128-SHA
TLS_DH_anon_WITH_AES_256_CBC_SHA ADH-AES256-SHA</code></pre>
<h2 id="Camellia-cipher-suites-from-RFC4132-extending-TLS-v1.0">Camellia cipher suites from RFC4132, extending TLS v1.0</h2>
<pre><code>TLS_RSA_WITH_CAMELLIA_128_CBC_SHA CAMELLIA128-SHA
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA CAMELLIA256-SHA
TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA DH-DSS-CAMELLIA128-SHA
TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA DH-DSS-CAMELLIA256-SHA
TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA DH-RSA-CAMELLIA128-SHA
TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA DH-RSA-CAMELLIA256-SHA
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA DHE-DSS-CAMELLIA128-SHA
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA DHE-DSS-CAMELLIA256-SHA
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA DHE-RSA-CAMELLIA128-SHA
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA DHE-RSA-CAMELLIA256-SHA
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA ADH-CAMELLIA128-SHA
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA ADH-CAMELLIA256-SHA</code></pre>
<h2 id="SEED-cipher-suites-from-RFC4162-extending-TLS-v1.0">SEED cipher suites from RFC4162, extending TLS v1.0</h2>
<pre><code>TLS_RSA_WITH_SEED_CBC_SHA SEED-SHA
TLS_DH_DSS_WITH_SEED_CBC_SHA DH-DSS-SEED-SHA
TLS_DH_RSA_WITH_SEED_CBC_SHA DH-RSA-SEED-SHA
TLS_DHE_DSS_WITH_SEED_CBC_SHA DHE-DSS-SEED-SHA
TLS_DHE_RSA_WITH_SEED_CBC_SHA DHE-RSA-SEED-SHA
TLS_DH_anon_WITH_SEED_CBC_SHA ADH-SEED-SHA</code></pre>
<h2 id="GOST-cipher-suites-from-draft-chudov-cryptopro-cptls-extending-TLS-v1.0">GOST cipher suites from draft-chudov-cryptopro-cptls, extending TLS v1.0</h2>
<p>Note: these ciphers require an engine which including GOST cryptographic algorithms, such as the <b>ccgost</b> engine, included in the OpenSSL distribution.</p>
<pre><code>TLS_GOSTR341094_WITH_28147_CNT_IMIT GOST94-GOST89-GOST89
TLS_GOSTR341001_WITH_28147_CNT_IMIT GOST2001-GOST89-GOST89
TLS_GOSTR341094_WITH_NULL_GOSTR3411 GOST94-NULL-GOST94
TLS_GOSTR341001_WITH_NULL_GOSTR3411 GOST2001-NULL-GOST94</code></pre>
<h2 id="Additional-Export-1024-and-other-cipher-suites">Additional Export 1024 and other cipher suites</h2>
<p>Note: these ciphers can also be used in SSL v3.</p>
<pre><code>TLS_DHE_DSS_WITH_RC4_128_SHA DHE-DSS-RC4-SHA</code></pre>
<h2 id="Elliptic-curve-cipher-suites">Elliptic curve cipher suites.</h2>
<pre><code>TLS_ECDHE_RSA_WITH_NULL_SHA ECDHE-RSA-NULL-SHA
TLS_ECDHE_RSA_WITH_RC4_128_SHA ECDHE-RSA-RC4-SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA ECDHE-RSA-DES-CBC3-SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA ECDHE-RSA-AES128-SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ECDHE-RSA-AES256-SHA
TLS_ECDHE_ECDSA_WITH_NULL_SHA ECDHE-ECDSA-NULL-SHA
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA ECDHE-ECDSA-RC4-SHA
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA ECDHE-ECDSA-DES-CBC3-SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA ECDHE-ECDSA-AES128-SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA ECDHE-ECDSA-AES256-SHA
TLS_ECDH_anon_WITH_NULL_SHA AECDH-NULL-SHA
TLS_ECDH_anon_WITH_RC4_128_SHA AECDH-RC4-SHA
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA AECDH-DES-CBC3-SHA
TLS_ECDH_anon_WITH_AES_128_CBC_SHA AECDH-AES128-SHA
TLS_ECDH_anon_WITH_AES_256_CBC_SHA AECDH-AES256-SHA</code></pre>
<h2 id="TLS-v1.2-cipher-suites">TLS v1.2 cipher suites</h2>
<pre><code>TLS_RSA_WITH_NULL_SHA256 NULL-SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256 AES128-SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256 AES256-SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256 AES128-GCM-SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384 AES256-GCM-SHA384
TLS_DH_RSA_WITH_AES_128_CBC_SHA256 DH-RSA-AES128-SHA256
TLS_DH_RSA_WITH_AES_256_CBC_SHA256 DH-RSA-AES256-SHA256
TLS_DH_RSA_WITH_AES_128_GCM_SHA256 DH-RSA-AES128-GCM-SHA256
TLS_DH_RSA_WITH_AES_256_GCM_SHA384 DH-RSA-AES256-GCM-SHA384
TLS_DH_DSS_WITH_AES_128_CBC_SHA256 DH-DSS-AES128-SHA256
TLS_DH_DSS_WITH_AES_256_CBC_SHA256 DH-DSS-AES256-SHA256
TLS_DH_DSS_WITH_AES_128_GCM_SHA256 DH-DSS-AES128-GCM-SHA256
TLS_DH_DSS_WITH_AES_256_GCM_SHA384 DH-DSS-AES256-GCM-SHA384
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 DHE-RSA-AES128-SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 DHE-RSA-AES256-SHA256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 DHE-RSA-AES128-GCM-SHA256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 DHE-RSA-AES256-GCM-SHA384
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 DHE-DSS-AES128-SHA256
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 DHE-DSS-AES256-SHA256
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 DHE-DSS-AES128-GCM-SHA256
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 DHE-DSS-AES256-GCM-SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ECDHE-RSA-AES128-SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 ECDHE-RSA-AES256-SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDHE-RSA-AES256-GCM-SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 ECDHE-ECDSA-AES128-SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 ECDHE-ECDSA-AES256-SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 ECDHE-ECDSA-AES128-GCM-SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 ECDHE-ECDSA-AES256-GCM-SHA384
TLS_DH_anon_WITH_AES_128_CBC_SHA256 ADH-AES128-SHA256
TLS_DH_anon_WITH_AES_256_CBC_SHA256 ADH-AES256-SHA256
TLS_DH_anon_WITH_AES_128_GCM_SHA256 ADH-AES128-GCM-SHA256
TLS_DH_anon_WITH_AES_256_GCM_SHA384 ADH-AES256-GCM-SHA384
RSA_WITH_AES_128_CCM AES128-CCM
RSA_WITH_AES_256_CCM AES256-CCM
DHE_RSA_WITH_AES_128_CCM DHE-RSA-AES128-CCM
DHE_RSA_WITH_AES_256_CCM DHE-RSA-AES256-CCM
RSA_WITH_AES_128_CCM_8 AES128-CCM8
RSA_WITH_AES_256_CCM_8 AES256-CCM8
DHE_RSA_WITH_AES_128_CCM_8 DHE-RSA-AES128-CCM8
DHE_RSA_WITH_AES_256_CCM_8 DHE-RSA-AES256-CCM8
ECDHE_ECDSA_WITH_AES_128_CCM ECDHE-ECDSA-AES128-CCM
ECDHE_ECDSA_WITH_AES_256_CCM ECDHE-ECDSA-AES256-CCM
ECDHE_ECDSA_WITH_AES_128_CCM_8 ECDHE-ECDSA-AES128-CCM8
ECDHE_ECDSA_WITH_AES_256_CCM_8 ECDHE-ECDSA-AES256-CCM8</code></pre>
<h2 id="ARIA-cipher-suites-from-RFC6209-extending-TLS-v1.2">ARIA cipher suites from RFC6209, extending TLS v1.2</h2>
<p>Note: the CBC modes mentioned in this RFC are not supported.</p>
<pre><code>TLS_RSA_WITH_ARIA_128_GCM_SHA256 ARIA128-GCM-SHA256
TLS_RSA_WITH_ARIA_256_GCM_SHA384 ARIA256-GCM-SHA384
TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 DHE-RSA-ARIA128-GCM-SHA256
TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 DHE-RSA-ARIA256-GCM-SHA384
TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256 DHE-DSS-ARIA128-GCM-SHA256
TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384 DHE-DSS-ARIA256-GCM-SHA384
TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 ECDHE-ECDSA-ARIA128-GCM-SHA256
TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 ECDHE-ECDSA-ARIA256-GCM-SHA384
TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 ECDHE-ARIA128-GCM-SHA256
TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 ECDHE-ARIA256-GCM-SHA384
TLS_PSK_WITH_ARIA_128_GCM_SHA256 PSK-ARIA128-GCM-SHA256
TLS_PSK_WITH_ARIA_256_GCM_SHA384 PSK-ARIA256-GCM-SHA384
TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 DHE-PSK-ARIA128-GCM-SHA256
TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 DHE-PSK-ARIA256-GCM-SHA384
TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 RSA-PSK-ARIA128-GCM-SHA256
TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 RSA-PSK-ARIA256-GCM-SHA384</code></pre>
<h2 id="Camellia-HMAC-Based-cipher-suites-from-RFC6367-extending-TLS-v1.2">Camellia HMAC-Based cipher suites from RFC6367, extending TLS v1.2</h2>
<pre><code>TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 ECDHE-ECDSA-CAMELLIA128-SHA256
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 ECDHE-ECDSA-CAMELLIA256-SHA384
TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 ECDHE-RSA-CAMELLIA128-SHA256
TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 ECDHE-RSA-CAMELLIA256-SHA384</code></pre>
<h2 id="Pre-shared-keying-PSK-cipher-suites">Pre-shared keying (PSK) cipher suites</h2>
<pre><code>PSK_WITH_NULL_SHA PSK-NULL-SHA
DHE_PSK_WITH_NULL_SHA DHE-PSK-NULL-SHA
RSA_PSK_WITH_NULL_SHA RSA-PSK-NULL-SHA
PSK_WITH_RC4_128_SHA PSK-RC4-SHA
PSK_WITH_3DES_EDE_CBC_SHA PSK-3DES-EDE-CBC-SHA
PSK_WITH_AES_128_CBC_SHA PSK-AES128-CBC-SHA
PSK_WITH_AES_256_CBC_SHA PSK-AES256-CBC-SHA
DHE_PSK_WITH_RC4_128_SHA DHE-PSK-RC4-SHA
DHE_PSK_WITH_3DES_EDE_CBC_SHA DHE-PSK-3DES-EDE-CBC-SHA
DHE_PSK_WITH_AES_128_CBC_SHA DHE-PSK-AES128-CBC-SHA
DHE_PSK_WITH_AES_256_CBC_SHA DHE-PSK-AES256-CBC-SHA
RSA_PSK_WITH_RC4_128_SHA RSA-PSK-RC4-SHA
RSA_PSK_WITH_3DES_EDE_CBC_SHA RSA-PSK-3DES-EDE-CBC-SHA
RSA_PSK_WITH_AES_128_CBC_SHA RSA-PSK-AES128-CBC-SHA
RSA_PSK_WITH_AES_256_CBC_SHA RSA-PSK-AES256-CBC-SHA
PSK_WITH_AES_128_GCM_SHA256 PSK-AES128-GCM-SHA256
PSK_WITH_AES_256_GCM_SHA384 PSK-AES256-GCM-SHA384
DHE_PSK_WITH_AES_128_GCM_SHA256 DHE-PSK-AES128-GCM-SHA256
DHE_PSK_WITH_AES_256_GCM_SHA384 DHE-PSK-AES256-GCM-SHA384
RSA_PSK_WITH_AES_128_GCM_SHA256 RSA-PSK-AES128-GCM-SHA256
RSA_PSK_WITH_AES_256_GCM_SHA384 RSA-PSK-AES256-GCM-SHA384
PSK_WITH_AES_128_CBC_SHA256 PSK-AES128-CBC-SHA256
PSK_WITH_AES_256_CBC_SHA384 PSK-AES256-CBC-SHA384
PSK_WITH_NULL_SHA256 PSK-NULL-SHA256
PSK_WITH_NULL_SHA384 PSK-NULL-SHA384
DHE_PSK_WITH_AES_128_CBC_SHA256 DHE-PSK-AES128-CBC-SHA256
DHE_PSK_WITH_AES_256_CBC_SHA384 DHE-PSK-AES256-CBC-SHA384
DHE_PSK_WITH_NULL_SHA256 DHE-PSK-NULL-SHA256
DHE_PSK_WITH_NULL_SHA384 DHE-PSK-NULL-SHA384
RSA_PSK_WITH_AES_128_CBC_SHA256 RSA-PSK-AES128-CBC-SHA256
RSA_PSK_WITH_AES_256_CBC_SHA384 RSA-PSK-AES256-CBC-SHA384
RSA_PSK_WITH_NULL_SHA256 RSA-PSK-NULL-SHA256
RSA_PSK_WITH_NULL_SHA384 RSA-PSK-NULL-SHA384
PSK_WITH_AES_128_GCM_SHA256 PSK-AES128-GCM-SHA256
PSK_WITH_AES_256_GCM_SHA384 PSK-AES256-GCM-SHA384
ECDHE_PSK_WITH_RC4_128_SHA ECDHE-PSK-RC4-SHA
ECDHE_PSK_WITH_3DES_EDE_CBC_SHA ECDHE-PSK-3DES-EDE-CBC-SHA
ECDHE_PSK_WITH_AES_128_CBC_SHA ECDHE-PSK-AES128-CBC-SHA
ECDHE_PSK_WITH_AES_256_CBC_SHA ECDHE-PSK-AES256-CBC-SHA
ECDHE_PSK_WITH_AES_128_CBC_SHA256 ECDHE-PSK-AES128-CBC-SHA256
ECDHE_PSK_WITH_AES_256_CBC_SHA384 ECDHE-PSK-AES256-CBC-SHA384
ECDHE_PSK_WITH_NULL_SHA ECDHE-PSK-NULL-SHA
ECDHE_PSK_WITH_NULL_SHA256 ECDHE-PSK-NULL-SHA256
ECDHE_PSK_WITH_NULL_SHA384 ECDHE-PSK-NULL-SHA384
PSK_WITH_CAMELLIA_128_CBC_SHA256 PSK-CAMELLIA128-SHA256
PSK_WITH_CAMELLIA_256_CBC_SHA384 PSK-CAMELLIA256-SHA384
DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 DHE-PSK-CAMELLIA128-SHA256
DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 DHE-PSK-CAMELLIA256-SHA384
RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 RSA-PSK-CAMELLIA128-SHA256
RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 RSA-PSK-CAMELLIA256-SHA384
ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 ECDHE-PSK-CAMELLIA128-SHA256
ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 ECDHE-PSK-CAMELLIA256-SHA384
PSK_WITH_AES_128_CCM PSK-AES128-CCM
PSK_WITH_AES_256_CCM PSK-AES256-CCM
DHE_PSK_WITH_AES_128_CCM DHE-PSK-AES128-CCM
DHE_PSK_WITH_AES_256_CCM DHE-PSK-AES256-CCM
PSK_WITH_AES_128_CCM_8 PSK-AES128-CCM8
PSK_WITH_AES_256_CCM_8 PSK-AES256-CCM8
DHE_PSK_WITH_AES_128_CCM_8 DHE-PSK-AES128-CCM8
DHE_PSK_WITH_AES_256_CCM_8 DHE-PSK-AES256-CCM8</code></pre>
<h2 id="ChaCha20-Poly1305-cipher-suites-extending-TLS-v1.2">ChaCha20-Poly1305 cipher suites, extending TLS v1.2</h2>
<pre><code>TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 ECDHE-RSA-CHACHA20-POLY1305
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 ECDHE-ECDSA-CHACHA20-POLY1305
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 DHE-RSA-CHACHA20-POLY1305
TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 PSK-CHACHA20-POLY1305
TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 ECDHE-PSK-CHACHA20-POLY1305
TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 DHE-PSK-CHACHA20-POLY1305
TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 RSA-PSK-CHACHA20-POLY1305</code></pre>
<h2 id="TLS-v1.3-cipher-suites">TLS v1.3 cipher suites</h2>
<pre><code>TLS_AES_128_GCM_SHA256 TLS_AES_128_GCM_SHA256
TLS_AES_256_GCM_SHA384 TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256 TLS_CHACHA20_POLY1305_SHA256
TLS_AES_128_CCM_SHA256 TLS_AES_128_CCM_SHA256
TLS_AES_128_CCM_8_SHA256 TLS_AES_128_CCM_8_SHA256</code></pre>
<h2 id="Older-names-used-by-OpenSSL">Older names used by OpenSSL</h2>
<p>The following names are accepted by older releases:</p>
<pre><code>SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA EDH-RSA-DES-CBC3-SHA (DHE-RSA-DES-CBC3-SHA)
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA EDH-DSS-DES-CBC3-SHA (DHE-DSS-DES-CBC3-SHA)</code></pre>
<h1 id="NOTES">NOTES</h1>
<p>Some compiled versions of OpenSSL may not include all the ciphers listed here because some ciphers were excluded at compile time.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>Verbose listing of all OpenSSL ciphers including NULL ciphers:</p>
<pre><code>openssl ciphers -v &#39;ALL:eNULL&#39;</code></pre>
<p>Include all ciphers except NULL and anonymous DH then sort by strength:</p>
<pre><code>openssl ciphers -v &#39;ALL:!ADH:@STRENGTH&#39;</code></pre>
<p>Include all ciphers except ones with no encryption (eNULL) or no authentication (aNULL):</p>
<pre><code>openssl ciphers -v &#39;ALL:!aNULL&#39;</code></pre>
<p>Include only 3DES ciphers and then place RSA ciphers last:</p>
<pre><code>openssl ciphers -v &#39;3DES:+RSA&#39;</code></pre>
<p>Include all RC4 ciphers but leave out those without authentication:</p>
<pre><code>openssl ciphers -v &#39;RC4:!COMPLEMENTOFDEFAULT&#39;</code></pre>
<p>Include all ciphers with RSA authentication but leave out ciphers without encryption.</p>
<pre><code>openssl ciphers -v &#39;RSA:!COMPLEMENTOFALL&#39;</code></pre>
<p>Set security level to 2 and display all ciphers consistent with level 2:</p>
<pre><code>openssl ciphers -s -v &#39;ALL:@SECLEVEL=2&#39;</code></pre>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man1/s_client.html">s_client(1)</a>, <a href="../man1/s_server.html">s_server(1)</a>, <a href="../man7/ssl.html">ssl(7)</a></p>
<h1 id="HISTORY">HISTORY</h1>
<p>The <b>-V</b> option for the <b>ciphers</b> command was added in OpenSSL 1.0.0.</p>
<p>The <b>-stdname</b> is only available if OpenSSL is built with tracing enabled (<b>enable-ssl-trace</b> argument to Configure) before OpenSSL 1.1.1.</p>
<p>The <b>-convert</b> option was added in OpenSSL 1.1.1.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,638 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>cms</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#EXIT-CODES">EXIT CODES</a></li>
<li><a href="#COMPATIBILITY-WITH-PKCS-7-format">COMPATIBILITY WITH PKCS#7 format.</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-cms, cms - CMS utility</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl</b> <b>cms</b> [<b>-help</b>] [<b>-encrypt</b>] [<b>-decrypt</b>] [<b>-sign</b>] [<b>-verify</b>] [<b>-cmsout</b>] [<b>-resign</b>] [<b>-data_create</b>] [<b>-data_out</b>] [<b>-digest_create</b>] [<b>-digest_verify</b>] [<b>-compress</b>] [<b>-uncompress</b>] [<b>-EncryptedData_encrypt</b>] [<b>-sign_receipt</b>] [<b>-verify_receipt receipt</b>] [<b>-in filename</b>] [<b>-inform SMIME|PEM|DER</b>] [<b>-rctform SMIME|PEM|DER</b>] [<b>-out filename</b>] [<b>-outform SMIME|PEM|DER</b>] [<b>-stream -indef -noindef</b>] [<b>-noindef</b>] [<b>-content filename</b>] [<b>-text</b>] [<b>-noout</b>] [<b>-print</b>] [<b>-CAfile file</b>] [<b>-CApath dir</b>] [<b>-no-CAfile</b>] [<b>-no-CApath</b>] [<b>-attime timestamp</b>] [<b>-check_ss_sig</b>] [<b>-crl_check</b>] [<b>-crl_check_all</b>] [<b>-explicit_policy</b>] [<b>-extended_crl</b>] [<b>-ignore_critical</b>] [<b>-inhibit_any</b>] [<b>-inhibit_map</b>] [<b>-no_check_time</b>] [<b>-partial_chain</b>] [<b>-policy arg</b>] [<b>-policy_check</b>] [<b>-policy_print</b>] [<b>-purpose purpose</b>] [<b>-suiteB_128</b>] [<b>-suiteB_128_only</b>] [<b>-suiteB_192</b>] [<b>-trusted_first</b>] [<b>-no_alt_chains</b>] [<b>-use_deltas</b>] [<b>-auth_level num</b>] [<b>-verify_depth num</b>] [<b>-verify_email email</b>] [<b>-verify_hostname hostname</b>] [<b>-verify_ip ip</b>] [<b>-verify_name name</b>] [<b>-x509_strict</b>] [<b>-md digest</b>] [<b>-<i>cipher</i></b>] [<b>-nointern</b>] [<b>-noverify</b>] [<b>-nocerts</b>] [<b>-noattr</b>] [<b>-nosmimecap</b>] [<b>-binary</b>] [<b>-crlfeol</b>] [<b>-asciicrlf</b>] [<b>-nodetach</b>] [<b>-certfile file</b>] [<b>-certsout file</b>] [<b>-signer file</b>] [<b>-recip file</b>] [<b>-keyid</b>] [<b>-receipt_request_all</b>] [<b>-receipt_request_first</b>] [<b>-receipt_request_from emailaddress</b>] [<b>-receipt_request_to emailaddress</b>] [<b>-receipt_request_print</b>] [<b>-secretkey key</b>] [<b>-secretkeyid id</b>] [<b>-econtent_type type</b>] [<b>-inkey file</b>] [<b>-keyopt 
name:parameter</b>] [<b>-passin arg</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>cert.pem...</b>] [<b>-to addr</b>] [<b>-from addr</b>] [<b>-subject subj</b>] [cert.pem]...</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>cms</b> command handles S/MIME v3.1 mail. It can encrypt, decrypt, sign and verify, compress and uncompress S/MIME messages.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<p>There are fourteen operation options that set the type of operation to be performed. The meaning of the other options varies according to the operation type.</p>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Print out a usage message.</p>
</dd>
<dt id="encrypt"><b>-encrypt</b></dt>
<dd>
<p>Encrypt mail for the given recipient certificates. Input file is the message to be encrypted. The output file is the encrypted mail in MIME format. The actual CMS type is &lt;B&gt;EnvelopedData&lt;B&gt;.</p>
<p>Note that no revocation check is done for the recipient cert, so if that key has been compromised, others may be able to decrypt the text.</p>
</dd>
<dt id="decrypt"><b>-decrypt</b></dt>
<dd>
<p>Decrypt mail using the supplied certificate and private key. Expects an encrypted mail message in MIME format for the input file. The decrypted mail is written to the output file.</p>
</dd>
<dt id="debug_decrypt"><b>-debug_decrypt</b></dt>
<dd>
<p>This option sets the <b>CMS_DEBUG_DECRYPT</b> flag. This option should be used with caution: see the notes section below.</p>
</dd>
<dt id="sign"><b>-sign</b></dt>
<dd>
<p>Sign mail using the supplied certificate and private key. Input file is the message to be signed. The signed message in MIME format is written to the output file.</p>
</dd>
<dt id="verify"><b>-verify</b></dt>
<dd>
<p>Verify signed mail. Expects a signed mail message on input and outputs the signed data. Both clear text and opaque signing is supported.</p>
</dd>
<dt id="cmsout"><b>-cmsout</b></dt>
<dd>
<p>Takes an input message and writes out a PEM encoded CMS structure.</p>
</dd>
<dt id="resign"><b>-resign</b></dt>
<dd>
<p>Resign a message: take an existing message and one or more new signers.</p>
</dd>
<dt id="data_create"><b>-data_create</b></dt>
<dd>
<p>Create a CMS <b>Data</b> type.</p>
</dd>
<dt id="data_out"><b>-data_out</b></dt>
<dd>
<p><b>Data</b> type and output the content.</p>
</dd>
<dt id="digest_create"><b>-digest_create</b></dt>
<dd>
<p>Create a CMS <b>DigestedData</b> type.</p>
</dd>
<dt id="digest_verify"><b>-digest_verify</b></dt>
<dd>
<p>Verify a CMS <b>DigestedData</b> type and output the content.</p>
</dd>
<dt id="compress"><b>-compress</b></dt>
<dd>
<p>Create a CMS <b>CompressedData</b> type. OpenSSL must be compiled with <b>zlib</b> support for this option to work, otherwise it will output an error.</p>
</dd>
<dt id="uncompress"><b>-uncompress</b></dt>
<dd>
<p>Uncompress a CMS <b>CompressedData</b> type and output the content. OpenSSL must be compiled with <b>zlib</b> support for this option to work, otherwise it will output an error.</p>
</dd>
<dt id="EncryptedData_encrypt"><b>-EncryptedData_encrypt</b></dt>
<dd>
<p>Encrypt content using supplied symmetric key and algorithm using a CMS <b>EncryptedData</b> type and output the content.</p>
</dd>
<dt id="sign_receipt"><b>-sign_receipt</b></dt>
<dd>
<p>Generate and output a signed receipt for the supplied message. The input message <b>must</b> contain a signed receipt request. Functionality is otherwise similar to the <b>-sign</b> operation.</p>
</dd>
<dt id="verify_receipt-receipt"><b>-verify_receipt receipt</b></dt>
<dd>
<p>Verify a signed receipt in filename <b>receipt</b>. The input message <b>must</b> contain the original receipt request. Functionality is otherwise similar to the <b>-verify</b> operation.</p>
</dd>
<dt id="in-filename"><b>-in filename</b></dt>
<dd>
<p>The input message to be encrypted or signed or the message to be decrypted or verified.</p>
</dd>
<dt id="inform-SMIME-PEM-DER"><b>-inform SMIME|PEM|DER</b></dt>
<dd>
<p>This specifies the input format for the CMS structure. The default is <b>SMIME</b> which reads an S/MIME format message. <b>PEM</b> and <b>DER</b> format change this to expect PEM and DER format CMS structures instead. This currently only affects the input format of the CMS structure, if no CMS structure is being input (for example with <b>-encrypt</b> or <b>-sign</b>) this option has no effect.</p>
</dd>
<dt id="rctform-SMIME-PEM-DER"><b>-rctform SMIME|PEM|DER</b></dt>
<dd>
<p>Specify the format for a signed receipt for use with the <b>-receipt_verify</b> operation.</p>
</dd>
<dt id="out-filename"><b>-out filename</b></dt>
<dd>
<p>The message text that has been decrypted or verified or the output MIME format message that has been signed or verified.</p>
</dd>
<dt id="outform-SMIME-PEM-DER"><b>-outform SMIME|PEM|DER</b></dt>
<dd>
<p>This specifies the output format for the CMS structure. The default is <b>SMIME</b> which writes an S/MIME format message. <b>PEM</b> and <b>DER</b> format change this to write PEM and DER format CMS structures instead. This currently only affects the output format of the CMS structure, if no CMS structure is being output (for example with <b>-verify</b> or <b>-decrypt</b>) this option has no effect.</p>
</dd>
<dt id="stream--indef--noindef"><b>-stream -indef -noindef</b></dt>
<dd>
<p>The <b>-stream</b> and <b>-indef</b> options are equivalent and enable streaming I/O for encoding operations. This permits single pass processing of data without the need to hold the entire contents in memory, potentially supporting very large files. Streaming is automatically set for S/MIME signing with detached data if the output format is <b>SMIME</b> it is currently off by default for all other operations.</p>
</dd>
<dt id="noindef"><b>-noindef</b></dt>
<dd>
<p>Disable streaming I/O where it would produce and indefinite length constructed encoding. This option currently has no effect. In future streaming will be enabled by default on all relevant operations and this option will disable it.</p>
</dd>
<dt id="content-filename"><b>-content filename</b></dt>
<dd>
<p>This specifies a file containing the detached content, this is only useful with the <b>-verify</b> command. This is only usable if the CMS structure is using the detached signature form where the content is not included. This option will override any content if the input format is S/MIME and it uses the multipart/signed MIME content type.</p>
</dd>
<dt id="text"><b>-text</b></dt>
<dd>
<p>This option adds plain text (text/plain) MIME headers to the supplied message if encrypting or signing. If decrypting or verifying it strips off text headers: if the decrypted or verified message is not of MIME type text/plain then an error occurs.</p>
</dd>
<dt id="noout"><b>-noout</b></dt>
<dd>
<p>For the <b>-cmsout</b> operation do not output the parsed CMS structure. This is useful when combined with the <b>-print</b> option or if the syntax of the CMS structure is being checked.</p>
</dd>
<dt id="print"><b>-print</b></dt>
<dd>
<p>For the <b>-cmsout</b> operation print out all fields of the CMS structure. This is mainly useful for testing purposes.</p>
</dd>
<dt id="CAfile-file"><b>-CAfile file</b></dt>
<dd>
<p>A file containing trusted CA certificates, only used with <b>-verify</b>.</p>
</dd>
<dt id="CApath-dir"><b>-CApath dir</b></dt>
<dd>
<p>A directory containing trusted CA certificates, only used with <b>-verify</b>. This directory must be a standard certificate directory: that is a hash of each subject name (using <b>x509 -hash</b>) should be linked to each certificate.</p>
</dd>
<dt id="no-CAfile"><b>-no-CAfile</b></dt>
<dd>
<p>Do not load the trusted CA certificates from the default file location</p>
</dd>
<dt id="no-CApath"><b>-no-CApath</b></dt>
<dd>
<p>Do not load the trusted CA certificates from the default directory location</p>
</dd>
<dt id="md-digest"><b>-md digest</b></dt>
<dd>
<p>Digest algorithm to use when signing or resigning. If not present then the default digest algorithm for the signing key will be used (usually SHA1).</p>
</dd>
<dt id="cipher"><b>-<i>cipher</i></b></dt>
<dd>
<p>The encryption algorithm to use. For example triple DES (168 bits) - <b>-des3</b> or 256 bit AES - <b>-aes256</b>. Any standard algorithm name (as used by the EVP_get_cipherbyname() function) can also be used preceded by a dash, for example <b>-aes-128-cbc</b>. See <a href="../man1/enc.html">enc(1)</a> for a list of ciphers supported by your version of OpenSSL.</p>
<p>If not specified triple DES is used. Only used with <b>-encrypt</b> and <b>-EncryptedData_create</b> commands.</p>
</dd>
<dt id="nointern"><b>-nointern</b></dt>
<dd>
<p>When verifying a message normally certificates (if any) included in the message are searched for the signing certificate. With this option only the certificates specified in the <b>-certfile</b> option are used. The supplied certificates can still be used as untrusted CAs however.</p>
</dd>
<dt id="noverify"><b>-noverify</b></dt>
<dd>
<p>Do not verify the signers certificate of a signed message.</p>
</dd>
<dt id="nocerts"><b>-nocerts</b></dt>
<dd>
<p>When signing a message the signer&#39;s certificate is normally included with this option it is excluded. This will reduce the size of the signed message but the verifier must have a copy of the signers certificate available locally (passed using the <b>-certfile</b> option for example).</p>
</dd>
<dt id="noattr"><b>-noattr</b></dt>
<dd>
<p>Normally when a message is signed a set of attributes are included which include the signing time and supported symmetric algorithms. With this option they are not included.</p>
</dd>
<dt id="nosmimecap"><b>-nosmimecap</b></dt>
<dd>
<p>Exclude the list of supported algorithms from signed attributes, other options such as signing time and content type are still included.</p>
</dd>
<dt id="binary"><b>-binary</b></dt>
<dd>
<p>Normally the input message is converted to &quot;canonical&quot; format which is effectively using CR and LF as end of line: as required by the S/MIME specification. When this option is present no translation occurs. This is useful when handling binary data which may not be in MIME format.</p>
</dd>
<dt id="crlfeol"><b>-crlfeol</b></dt>
<dd>
<p>Normally the output file uses a single <b>LF</b> as end of line. When this option is present <b>CRLF</b> is used instead.</p>
</dd>
<dt id="asciicrlf"><b>-asciicrlf</b></dt>
<dd>
<p>When signing use ASCII CRLF format canonicalisation. This strips trailing whitespace from all lines, deletes trailing blank lines at EOF and sets the encapsulated content type. This option is normally used with detached content and an output signature format of DER. This option is not normally needed when verifying as it is enabled automatically if the encapsulated content format is detected.</p>
</dd>
<dt id="nodetach"><b>-nodetach</b></dt>
<dd>
<p>When signing a message use opaque signing: this form is more resistant to translation by mail relays but it cannot be read by mail agents that do not support S/MIME. Without this option cleartext signing with the MIME type multipart/signed is used.</p>
</dd>
<dt id="certfile-file"><b>-certfile file</b></dt>
<dd>
<p>Allows additional certificates to be specified. When signing these will be included with the message. When verifying these will be searched for the signers certificates. The certificates should be in PEM format.</p>
</dd>
<dt id="certsout-file"><b>-certsout file</b></dt>
<dd>
<p>Any certificates contained in the message are written to <b>file</b>.</p>
</dd>
<dt id="signer-file"><b>-signer file</b></dt>
<dd>
<p>A signing certificate when signing or resigning a message, this option can be used multiple times if more than one signer is required. If a message is being verified then the signers certificates will be written to this file if the verification was successful.</p>
</dd>
<dt id="recip-file"><b>-recip file</b></dt>
<dd>
<p>When decrypting a message this specifies the recipients certificate. The certificate must match one of the recipients of the message or an error occurs.</p>
<p>When encrypting a message this option may be used multiple times to specify each recipient. This form <b>must</b> be used if customised parameters are required (for example to specify RSA-OAEP).</p>
<p>Only certificates carrying RSA, Diffie-Hellman or EC keys are supported by this option.</p>
</dd>
<dt id="keyid"><b>-keyid</b></dt>
<dd>
<p>Use subject key identifier to identify certificates instead of issuer name and serial number. The supplied certificate <b>must</b> include a subject key identifier extension. Supported by <b>-sign</b> and <b>-encrypt</b> options.</p>
</dd>
<dt id="receipt_request_all--receipt_request_first"><b>-receipt_request_all</b>, <b>-receipt_request_first</b></dt>
<dd>
<p>For <b>-sign</b> option include a signed receipt request. Indicate requests should be provided by all recipient or first tier recipients (those mailed directly and not from a mailing list). Ignored it <b>-receipt_request_from</b> is included.</p>
</dd>
<dt id="receipt_request_from-emailaddress"><b>-receipt_request_from emailaddress</b></dt>
<dd>
<p>For <b>-sign</b> option include a signed receipt request. Add an explicit email address where receipts should be supplied.</p>
</dd>
<dt id="receipt_request_to-emailaddress"><b>-receipt_request_to emailaddress</b></dt>
<dd>
<p>Add an explicit email address where signed receipts should be sent to. This option <b>must</b> but supplied if a signed receipt it requested.</p>
</dd>
<dt id="receipt_request_print"><b>-receipt_request_print</b></dt>
<dd>
<p>For the <b>-verify</b> operation print out the contents of any signed receipt requests.</p>
</dd>
<dt id="secretkey-key"><b>-secretkey key</b></dt>
<dd>
<p>Specify symmetric key to use. The key must be supplied in hex format and be consistent with the algorithm used. Supported by the <b>-EncryptedData_encrypt</b> <b>-EncryptedData_decrypt</b>, <b>-encrypt</b> and <b>-decrypt</b> options. When used with <b>-encrypt</b> or <b>-decrypt</b> the supplied key is used to wrap or unwrap the content encryption key using an AES key in the <b>KEKRecipientInfo</b> type.</p>
</dd>
<dt id="secretkeyid-id"><b>-secretkeyid id</b></dt>
<dd>
<p>The key identifier for the supplied symmetric key for <b>KEKRecipientInfo</b> type. This option <b>must</b> be present if the <b>-secretkey</b> option is used with <b>-encrypt</b>. With <b>-decrypt</b> operations the <b>id</b> is used to locate the relevant key if it is not supplied then an attempt is used to decrypt any <b>KEKRecipientInfo</b> structures.</p>
</dd>
<dt id="econtent_type-type"><b>-econtent_type type</b></dt>
<dd>
<p>Set the encapsulated content type to <b>type</b> if not supplied the <b>Data</b> type is used. The <b>type</b> argument can be any valid OID name in either text or numerical format.</p>
</dd>
<dt id="inkey-file"><b>-inkey file</b></dt>
<dd>
<p>The private key to use when signing or decrypting. This must match the corresponding certificate. If this option is not specified then the private key must be included in the certificate file specified with the <b>-recip</b> or <b>-signer</b> file. When signing this option can be used multiple times to specify successive keys.</p>
</dd>
<dt id="keyopt-name:opt"><b>-keyopt name:opt</b></dt>
<dd>
<p>For signing and encryption this option can be used multiple times to set customised parameters for the preceding key or certificate. It can currently be used to set RSA-PSS for signing, RSA-OAEP for encryption or to modify default parameters for ECDH.</p>
</dd>
<dt id="passin-arg"><b>-passin arg</b></dt>
<dd>
<p>The private key password source. For more information about the format of <b>arg</b> see <a href="../man1/openssl.html">&quot;Pass Phrase Options&quot; in openssl(1)</a>.</p>
</dd>
<dt id="rand-file"><b>-rand file...</b></dt>
<dd>
<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
</dd>
<dt id="writerand-file">[<b>-writerand file</b>]</dt>
<dd>
<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
</dd>
<dt id="cert.pem"><b>cert.pem...</b></dt>
<dd>
<p>One or more certificates of message recipients: used when encrypting a message.</p>
</dd>
<dt id="to--from--subject"><b>-to, -from, -subject</b></dt>
<dd>
<p>The relevant mail headers. These are included outside the signed portion of a message so they may be included manually. If signing then many S/MIME mail clients check the signers certificate&#39;s email address matches that specified in the From: address.</p>
</dd>
<dt id="attime--check_ss_sig--crl_check--crl_check_all--explicit_policy--extended_crl--ignore_critical--inhibit_any--inhibit_map--no_alt_chains--no_check_time--partial_chain--policy--policy_check--policy_print--purpose--suiteB_128--suiteB_128_only--suiteB_192--trusted_first--use_deltas--auth_level--verify_depth--verify_email--verify_hostname--verify_ip--verify_name--x509_strict"><b>-attime</b>, <b>-check_ss_sig</b>, <b>-crl_check</b>, <b>-crl_check_all</b>, <b>-explicit_policy</b>, <b>-extended_crl</b>, <b>-ignore_critical</b>, <b>-inhibit_any</b>, <b>-inhibit_map</b>, <b>-no_alt_chains</b>, <b>-no_check_time</b>, <b>-partial_chain</b>, <b>-policy</b>, <b>-policy_check</b>, <b>-policy_print</b>, <b>-purpose</b>, <b>-suiteB_128</b>, <b>-suiteB_128_only</b>, <b>-suiteB_192</b>, <b>-trusted_first</b>, <b>-use_deltas</b>, <b>-auth_level</b>, <b>-verify_depth</b>, <b>-verify_email</b>, <b>-verify_hostname</b>, <b>-verify_ip</b>, <b>-verify_name</b>, <b>-x509_strict</b></dt>
<dd>
<p>Set various certificate chain validation options. See the <a href="../man1/verify.html">verify(1)</a> manual page for details.</p>
</dd>
</dl>
<h1 id="NOTES">NOTES</h1>
<p>The MIME message must be sent without any blank lines between the headers and the output. Some mail programs will automatically add a blank line. Piping the mail directly to sendmail is one way to achieve the correct format.</p>
<p>The supplied message to be signed or encrypted must include the necessary MIME headers or many S/MIME clients won&#39;t display it properly (if at all). You can use the <b>-text</b> option to automatically add plain text headers.</p>
<p>A &quot;signed and encrypted&quot; message is one where a signed message is then encrypted. This can be produced by encrypting an already signed message: see the examples section.</p>
<p>This version of the program only allows one signer per message but it will verify multiple signers on received messages. Some S/MIME clients choke if a message contains multiple signers. It is possible to sign messages &quot;in parallel&quot; by signing an already signed message.</p>
<p>The options <b>-encrypt</b> and <b>-decrypt</b> reflect common usage in S/MIME clients. Strictly speaking these process CMS enveloped data: CMS encrypted data is used for other purposes.</p>
<p>The <b>-resign</b> option uses an existing message digest when adding a new signer. This means that attributes must be present in at least one existing signer using the same message digest or this operation will fail.</p>
<p>The <b>-stream</b> and <b>-indef</b> options enable streaming I/O support. As a result the encoding is BER using indefinite length constructed encoding and no longer DER. Streaming is supported for the <b>-encrypt</b> operation and the <b>-sign</b> operation if the content is not detached.</p>
<p>Streaming is always used for the <b>-sign</b> operation with detached data but since the content is no longer part of the CMS structure the encoding remains DER.</p>
<p>If the <b>-decrypt</b> option is used without a recipient certificate then an attempt is made to locate the recipient by trying each potential recipient in turn using the supplied private key. To thwart the MMA attack (Bleichenbacher&#39;s attack on PKCS #1 v1.5 RSA padding) all recipients are tried whether they succeed or not and if no recipients match the message is &quot;decrypted&quot; using a random key which will typically output garbage. The <b>-debug_decrypt</b> option can be used to disable the MMA attack protection and return an error if no recipient can be found: this option should be used with caution. For a fuller description see <a href="../man3/CMS_decrypt.html">CMS_decrypt(3)</a>).</p>
<h1 id="EXIT-CODES">EXIT CODES</h1>
<dl>
<dt id="pod0">0</dt>
<dd>
<p>The operation was completely successfully.</p>
</dd>
<dt id="pod1">1</dt>
<dd>
<p>An error occurred parsing the command options.</p>
</dd>
<dt id="pod2">2</dt>
<dd>
<p>One of the input files could not be read.</p>
</dd>
<dt id="pod3">3</dt>
<dd>
<p>An error occurred creating the CMS file or when reading the MIME message.</p>
</dd>
<dt id="pod4">4</dt>
<dd>
<p>An error occurred decrypting or verifying the message.</p>
</dd>
<dt id="pod5">5</dt>
<dd>
<p>The message was verified correctly but an error occurred writing out the signers certificates.</p>
</dd>
</dl>
<h1 id="COMPATIBILITY-WITH-PKCS-7-format">COMPATIBILITY WITH PKCS#7 format.</h1>
<p>The <b>smime</b> utility can only process the older <b>PKCS#7</b> format. The <b>cms</b> utility supports Cryptographic Message Syntax format. Use of some features will result in messages which cannot be processed by applications which only support the older format. These are detailed below.</p>
<p>The use of the <b>-keyid</b> option with <b>-sign</b> or <b>-encrypt</b>.</p>
<p>The <b>-outform PEM</b> option uses different headers.</p>
<p>The <b>-compress</b> option.</p>
<p>The <b>-secretkey</b> option when used with <b>-encrypt</b>.</p>
<p>The use of PSS with <b>-sign</b>.</p>
<p>The use of OAEP or non-RSA keys with <b>-encrypt</b>.</p>
<p>Additionally the <b>-EncryptedData_create</b> and <b>-data_create</b> type cannot be processed by the older <b>smime</b> command.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>Create a cleartext signed message:</p>
<pre><code>openssl cms -sign -in message.txt -text -out mail.msg \
-signer mycert.pem</code></pre>
<p>Create an opaque signed message</p>
<pre><code>openssl cms -sign -in message.txt -text -out mail.msg -nodetach \
-signer mycert.pem</code></pre>
<p>Create a signed message, include some additional certificates and read the private key from another file:</p>
<pre><code>openssl cms -sign -in in.txt -text -out mail.msg \
-signer mycert.pem -inkey mykey.pem -certfile mycerts.pem</code></pre>
<p>Create a signed message with two signers, use key identifier:</p>
<pre><code>openssl cms -sign -in message.txt -text -out mail.msg \
-signer mycert.pem -signer othercert.pem -keyid</code></pre>
<p>Send a signed message under Unix directly to sendmail, including headers:</p>
<pre><code>openssl cms -sign -in in.txt -text -signer mycert.pem \
-from steve@openssl.org -to someone@somewhere \
-subject &quot;Signed message&quot; | sendmail someone@somewhere</code></pre>
<p>Verify a message and extract the signer&#39;s certificate if successful:</p>
<pre><code>openssl cms -verify -in mail.msg -signer user.pem -out signedtext.txt</code></pre>
<p>Send encrypted mail using triple DES:</p>
<pre><code>openssl cms -encrypt -in in.txt -from steve@openssl.org \
-to someone@somewhere -subject &quot;Encrypted message&quot; \
-des3 user.pem -out mail.msg</code></pre>
<p>Sign and encrypt mail:</p>
<pre><code>openssl cms -sign -in ml.txt -signer my.pem -text \
| openssl cms -encrypt -out mail.msg \
-from steve@openssl.org -to someone@somewhere \
-subject &quot;Signed and Encrypted message&quot; -des3 user.pem</code></pre>
<p>Note: the encryption command does not include the <b>-text</b> option because the message being encrypted already has MIME headers.</p>
<p>Decrypt mail:</p>
<pre><code>openssl cms -decrypt -in mail.msg -recip mycert.pem -inkey key.pem</code></pre>
<p>The output from Netscape form signing is a PKCS#7 structure with the detached signature format. You can use this program to verify the signature by line wrapping the base64 encoded structure and surrounding it with:</p>
<pre><code>-----BEGIN PKCS7-----
-----END PKCS7-----</code></pre>
<p>and using the command,</p>
<pre><code>openssl cms -verify -inform PEM -in signature.pem -content content.txt</code></pre>
<p>alternatively you can base64 decode the signature and use</p>
<pre><code>openssl cms -verify -inform DER -in signature.der -content content.txt</code></pre>
<p>Create an encrypted message using 128 bit Camellia:</p>
<pre><code>openssl cms -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem</code></pre>
<p>Add a signer to an existing message:</p>
<pre><code>openssl cms -resign -in mail.msg -signer newsign.pem -out mail2.msg</code></pre>
<p>Sign mail using RSA-PSS:</p>
<pre><code>openssl cms -sign -in message.txt -text -out mail.msg \
-signer mycert.pem -keyopt rsa_padding_mode:pss</code></pre>
<p>Create encrypted mail using RSA-OAEP:</p>
<pre><code>openssl cms -encrypt -in plain.txt -out mail.msg \
-recip cert.pem -keyopt rsa_padding_mode:oaep</code></pre>
<p>Use SHA256 KDF with an ECDH certificate:</p>
<pre><code>openssl cms -encrypt -in plain.txt -out mail.msg \
-recip ecdhcert.pem -keyopt ecdh_kdf_md:sha256</code></pre>
<h1 id="BUGS">BUGS</h1>
<p>The MIME parser isn&#39;t very clever: it seems to handle most messages that I&#39;ve thrown at it but it may choke on others.</p>
<p>The code currently will only write out the signer&#39;s certificate to a file: if the signer has a separate encryption certificate this must be manually extracted. There should be some heuristic that determines the correct encryption certificate.</p>
<p>Ideally a database should be maintained of a certificates for each email address.</p>
<p>The code doesn&#39;t currently take note of the permitted symmetric encryption algorithms as supplied in the SMIMECapabilities signed attribute. this means the user has to manually include the correct encryption algorithm. It should store the list of permitted ciphers in a database and only use those.</p>
<p>No revocation checking is done on the signer&#39;s certificate.</p>
<p>The <b>-binary</b> option does not work correctly when processing text input which (contrary to the S/MIME specification) uses LF rather than CRLF line endings.</p>
<h1 id="HISTORY">HISTORY</h1>
<p>The use of multiple <b>-signer</b> options and the <b>-resign</b> command were first added in OpenSSL 1.0.0.</p>
<p>The <b>keyopt</b> option was added in OpenSSL 1.0.2.</p>
<p>Support for RSA-OAEP and RSA-PSS was added in OpenSSL 1.0.2.</p>
<p>The use of non-RSA keys with <b>-encrypt</b> and <b>-decrypt</b> was added in OpenSSL 1.0.2.</p>
<p>The -no_alt_chains option was added in OpenSSL 1.0.2b.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2008-2022 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,170 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>crl</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-crl, crl - CRL utility</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl</b> <b>crl</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-text</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-nameopt option</b>] [<b>-noout</b>] [<b>-hash</b>] [<b>-issuer</b>] [<b>-lastupdate</b>] [<b>-nextupdate</b>] [<b>-CAfile file</b>] [<b>-CApath dir</b>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>crl</b> command processes CRL files in DER or PEM format.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Print out a usage message.</p>
</dd>
<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
<dd>
<p>This specifies the input format. <b>DER</b> format is DER encoded CRL structure. <b>PEM</b> (the default) is a base64 encoded version of the DER form with header and footer lines.</p>
</dd>
<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
<dd>
<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
</dd>
<dt id="in-filename"><b>-in filename</b></dt>
<dd>
<p>This specifies the input filename to read from or standard input if this option is not specified.</p>
</dd>
<dt id="out-filename"><b>-out filename</b></dt>
<dd>
<p>Specifies the output filename to write to or standard output by default.</p>
</dd>
<dt id="text"><b>-text</b></dt>
<dd>
<p>Print out the CRL in text form.</p>
</dd>
<dt id="nameopt-option"><b>-nameopt option</b></dt>
<dd>
<p>Option which determines how the subject or issuer names are displayed. See the description of <b>-nameopt</b> in <a href="../man1/x509.html">x509(1)</a>.</p>
</dd>
<dt id="noout"><b>-noout</b></dt>
<dd>
<p>Don&#39;t output the encoded version of the CRL.</p>
</dd>
<dt id="hash"><b>-hash</b></dt>
<dd>
<p>Output a hash of the issuer name. This can be use to lookup CRLs in a directory by issuer name.</p>
</dd>
<dt id="hash_old"><b>-hash_old</b></dt>
<dd>
<p>Outputs the &quot;hash&quot; of the CRL issuer name using the older algorithm as used by OpenSSL before version 1.0.0.</p>
</dd>
<dt id="issuer"><b>-issuer</b></dt>
<dd>
<p>Output the issuer name.</p>
</dd>
<dt id="lastupdate"><b>-lastupdate</b></dt>
<dd>
<p>Output the lastUpdate field.</p>
</dd>
<dt id="nextupdate"><b>-nextupdate</b></dt>
<dd>
<p>Output the nextUpdate field.</p>
</dd>
<dt id="CAfile-file"><b>-CAfile file</b></dt>
<dd>
<p>Verify the signature on a CRL by looking up the issuing certificate in <b>file</b>.</p>
</dd>
<dt id="CApath-dir"><b>-CApath dir</b></dt>
<dd>
<p>Verify the signature on a CRL by looking up the issuing certificate in <b>dir</b>. This directory must be a standard certificate directory: that is a hash of each subject name (using <b>x509 -hash</b>) should be linked to each certificate.</p>
</dd>
</dl>
<h1 id="NOTES">NOTES</h1>
<p>The PEM CRL format uses the header and footer lines:</p>
<pre><code>-----BEGIN X509 CRL-----
-----END X509 CRL-----</code></pre>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>Convert a CRL file from PEM to DER:</p>
<pre><code>openssl crl -in crl.pem -outform DER -out crl.der</code></pre>
<p>Output the text form of a DER encoded certificate:</p>
<pre><code>openssl crl -in crl.der -inform DER -text -noout</code></pre>
<h1 id="BUGS">BUGS</h1>
<p>Ideally it should be possible to create a CRL using appropriate options and files too.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man1/crl2pkcs7.html">crl2pkcs7(1)</a>, <a href="../man1/ca.html">ca(1)</a>, <a href="../man1/x509.html">x509(1)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,119 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>crl2pkcs7</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-crl2pkcs7, crl2pkcs7 - Create a PKCS#7 structure from a CRL and certificates</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl</b> <b>crl2pkcs7</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-certfile filename</b>] [<b>-nocrl</b>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>crl2pkcs7</b> command takes an optional CRL and one or more certificates and converts them into a PKCS#7 degenerate &quot;certificates only&quot; structure.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Print out a usage message.</p>
</dd>
<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
<dd>
<p>This specifies the CRL input format. <b>DER</b> format is DER encoded CRL structure.<b>PEM</b> (the default) is a base64 encoded version of the DER form with header and footer lines. The default format is PEM.</p>
</dd>
<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
<dd>
<p>This specifies the PKCS#7 structure output format. <b>DER</b> format is DER encoded PKCS#7 structure.<b>PEM</b> (the default) is a base64 encoded version of the DER form with header and footer lines. The default format is PEM.</p>
</dd>
<dt id="in-filename"><b>-in filename</b></dt>
<dd>
<p>This specifies the input filename to read a CRL from or standard input if this option is not specified.</p>
</dd>
<dt id="out-filename"><b>-out filename</b></dt>
<dd>
<p>Specifies the output filename to write the PKCS#7 structure to or standard output by default.</p>
</dd>
<dt id="certfile-filename"><b>-certfile filename</b></dt>
<dd>
<p>Specifies a filename containing one or more certificates in <b>PEM</b> format. All certificates in the file will be added to the PKCS#7 structure. This option can be used more than once to read certificates from multiple files.</p>
</dd>
<dt id="nocrl"><b>-nocrl</b></dt>
<dd>
<p>Normally a CRL is included in the output file. With this option no CRL is included in the output file and a CRL is not read from the input file.</p>
</dd>
</dl>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>Create a PKCS#7 structure from a certificate and CRL:</p>
<pre><code>openssl crl2pkcs7 -in crl.pem -certfile cert.pem -out p7.pem</code></pre>
<p>Creates a PKCS#7 structure in DER format with no CRL from several different certificates:</p>
<pre><code>openssl crl2pkcs7 -nocrl -certfile newcert.pem
-certfile demoCA/cacert.pem -outform DER -out p7.der</code></pre>
<h1 id="NOTES">NOTES</h1>
<p>The output file is a PKCS#7 signed data structure containing no signers and just certificates and an optional CRL.</p>
<p>This utility can be used to send certificates and CAs to Netscape as part of the certificate enrollment process. This involves sending the DER encoded output as MIME type application/x-x509-user-cert.</p>
<p>The <b>PEM</b> encoded form with the header and footer lines removed can be used to install user certificates and CAs in MSIE using the Xenroll control.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man1/pkcs7.html">pkcs7(1)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,250 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>dgst</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-dgst, dgst - perform digest operations</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl dgst</b> [<b>-<i>digest</i></b>] [<b>-help</b>] [<b>-c</b>] [<b>-d</b>] [<b>-list</b>] [<b>-hex</b>] [<b>-binary</b>] [<b>-r</b>] [<b>-out filename</b>] [<b>-sign filename</b>] [<b>-keyform arg</b>] [<b>-passin arg</b>] [<b>-verify filename</b>] [<b>-prverify filename</b>] [<b>-signature filename</b>] [<b>-sigopt nm:v</b>] [<b>-hmac key</b>] [<b>-fips-fingerprint</b>] [<b>-rand file...</b>] [<b>-engine id</b>] [<b>-engine_impl</b>] [<b>file...</b>]</p>
<p><b>openssl</b> <i>digest</i> [<b>...</b>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The digest functions output the message digest of a supplied file or files in hexadecimal. The digest functions also generate and verify digital signatures using message digests.</p>
<p>The generic name, <b>dgst</b>, may be used with an option specifying the algorithm to be used. The default digest is <i>sha256</i>. A supported <i>digest</i> name may also be used as the command name. To see the list of supported algorithms, use the <i>list --digest-commands</i> command.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Print out a usage message.</p>
</dd>
<dt id="digest"><b>-<i>digest</i></b></dt>
<dd>
<p>Specifies name of a supported digest to be used. To see the list of supported digests, use the command <i>list --digest-commands</i>.</p>
</dd>
<dt id="c"><b>-c</b></dt>
<dd>
<p>Print out the digest in two digit groups separated by colons, only relevant if <b>hex</b> format output is used.</p>
</dd>
<dt id="d"><b>-d</b></dt>
<dd>
<p>Print out BIO debugging information.</p>
</dd>
<dt id="list"><b>-list</b></dt>
<dd>
<p>Prints out a list of supported message digests.</p>
</dd>
<dt id="hex"><b>-hex</b></dt>
<dd>
<p>Digest is to be output as a hex dump. This is the default case for a &quot;normal&quot; digest as opposed to a digital signature. See NOTES below for digital signatures using <b>-hex</b>.</p>
</dd>
<dt id="binary"><b>-binary</b></dt>
<dd>
<p>Output the digest or signature in binary form.</p>
</dd>
<dt id="r"><b>-r</b></dt>
<dd>
<p>Output the digest in the &quot;coreutils&quot; format, including newlines. Used by programs like <b>sha1sum</b>.</p>
</dd>
<dt id="out-filename"><b>-out filename</b></dt>
<dd>
<p>Filename to output to, or standard output by default.</p>
</dd>
<dt id="sign-filename"><b>-sign filename</b></dt>
<dd>
<p>Digitally sign the digest using the private key in &quot;filename&quot;. Note this option does not support Ed25519 or Ed448 private keys.</p>
</dd>
<dt id="keyform-arg"><b>-keyform arg</b></dt>
<dd>
<p>Specifies the key format to sign digest with. The DER, PEM, P12, and ENGINE formats are supported.</p>
</dd>
<dt id="sigopt-nm:v"><b>-sigopt nm:v</b></dt>
<dd>
<p>Pass options to the signature algorithm during sign or verify operations. Names and values of these options are algorithm-specific.</p>
</dd>
<dt id="passin-arg"><b>-passin arg</b></dt>
<dd>
<p>The private key password source. For more information about the format of <b>arg</b> see <a href="../man1/openssl.html">&quot;Pass Phrase Options&quot; in openssl(1)</a>.</p>
</dd>
<dt id="verify-filename"><b>-verify filename</b></dt>
<dd>
<p>Verify the signature using the public key in &quot;filename&quot;. The output is either &quot;Verification OK&quot; or &quot;Verification Failure&quot;.</p>
</dd>
<dt id="prverify-filename"><b>-prverify filename</b></dt>
<dd>
<p>Verify the signature using the private key in &quot;filename&quot;.</p>
</dd>
<dt id="signature-filename"><b>-signature filename</b></dt>
<dd>
<p>The actual signature to verify.</p>
</dd>
<dt id="hmac-key"><b>-hmac key</b></dt>
<dd>
<p>Create a hashed MAC using &quot;key&quot;.</p>
</dd>
<dt id="mac-alg"><b>-mac alg</b></dt>
<dd>
<p>Create MAC (keyed Message Authentication Code). The most popular MAC algorithm is HMAC (hash-based MAC), but there are other MAC algorithms which are not based on hash, for instance <b>gost-mac</b> algorithm, supported by <b>ccgost</b> engine. MAC keys and other options should be set via <b>-macopt</b> parameter.</p>
</dd>
<dt id="macopt-nm:v"><b>-macopt nm:v</b></dt>
<dd>
<p>Passes options to MAC algorithm, specified by <b>-mac</b> key. Following options are supported by both by <b>HMAC</b> and <b>gost-mac</b>:</p>
<dl>
<dt id="key:string"><b>key:string</b></dt>
<dd>
<p>Specifies MAC key as alphanumeric string (use if key contain printable characters only). String length must conform to any restrictions of the MAC algorithm for example exactly 32 chars for gost-mac.</p>
</dd>
<dt id="hexkey:string"><b>hexkey:string</b></dt>
<dd>
<p>Specifies MAC key in hexadecimal form (two hex digits per byte). Key length must conform to any restrictions of the MAC algorithm for example exactly 32 chars for gost-mac.</p>
</dd>
</dl>
</dd>
<dt id="rand-file"><b>-rand file...</b></dt>
<dd>
<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
</dd>
<dt id="writerand-file">[<b>-writerand file</b>]</dt>
<dd>
<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
</dd>
<dt id="fips-fingerprint"><b>-fips-fingerprint</b></dt>
<dd>
<p>Compute HMAC using a specific key for certain OpenSSL-FIPS operations.</p>
</dd>
<dt id="engine-id"><b>-engine id</b></dt>
<dd>
<p>Use engine <b>id</b> for operations (including private key storage). This engine is not used as source for digest algorithms, unless it is also specified in the configuration file or <b>-engine_impl</b> is also specified.</p>
</dd>
<dt id="engine_impl"><b>-engine_impl</b></dt>
<dd>
<p>When used with the <b>-engine</b> option, it specifies to also use engine <b>id</b> for digest operations.</p>
</dd>
<dt id="file"><b>file...</b></dt>
<dd>
<p>File or files to digest. If no files are specified then standard input is used.</p>
</dd>
</dl>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>To create a hex-encoded message digest of a file: openssl dgst -md5 -hex file.txt</p>
<p>To sign a file using SHA-256 with binary file output: openssl dgst -sha256 -sign privatekey.pem -out signature.sign file.txt</p>
<p>To verify a signature: openssl dgst -sha256 -verify publickey.pem \ -signature signature.sign \ file.txt</p>
<h1 id="NOTES">NOTES</h1>
<p>The digest mechanisms that are available will depend on the options used when building OpenSSL. The <b>list digest-commands</b> command can be used to list them.</p>
<p>New or agile applications should use probably use SHA-256. Other digests, particularly SHA-1 and MD5, are still widely used for interoperating with existing formats and protocols.</p>
<p>When signing a file, <b>dgst</b> will automatically determine the algorithm (RSA, ECC, etc) to use for signing based on the private key&#39;s ASN.1 info. When verifying signatures, it only handles the RSA, DSA, or ECDSA signature itself, not the related data to identify the signer and algorithm used in formats such as x.509, CMS, and S/MIME.</p>
<p>A source of random numbers is required for certain signing algorithms, in particular ECDSA and DSA.</p>
<p>The signing and verify options should only be used if a single file is being signed or verified.</p>
<p>Hex signatures cannot be verified using <b>openssl</b>. Instead, use &quot;xxd -r&quot; or similar program to transform the hex signature into a binary signature prior to verification.</p>
<h1 id="HISTORY">HISTORY</h1>
<p>The default digest was changed from MD5 to SHA256 in OpenSSL 1.1.0. The FIPS-related options were removed in OpenSSL 1.1.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,170 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>dhparam</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#WARNINGS">WARNINGS</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-dhparam, dhparam - DH parameter manipulation and generation</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl dhparam</b> [<b>-help</b>] [<b>-inform DER|PEM</b>] [<b>-outform DER|PEM</b>] [<b>-in</b> <i>filename</i>] [<b>-out</b> <i>filename</i>] [<b>-dsaparam</b>] [<b>-check</b>] [<b>-noout</b>] [<b>-text</b>] [<b>-C</b>] [<b>-2</b>] [<b>-5</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-engine id</b>] [<i>numbits</i>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>This command is used to manipulate DH parameter files.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Print out a usage message.</p>
</dd>
<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
<dd>
<p>This specifies the input format. The <b>DER</b> option uses an ASN1 DER encoded form compatible with the PKCS#3 DHparameter structure. The PEM form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines.</p>
</dd>
<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
<dd>
<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
</dd>
<dt id="in-filename"><b>-in</b> <i>filename</i></dt>
<dd>
<p>This specifies the input filename to read parameters from or standard input if this option is not specified.</p>
</dd>
<dt id="out-filename"><b>-out</b> <i>filename</i></dt>
<dd>
<p>This specifies the output filename parameters to. Standard output is used if this option is not present. The output filename should <b>not</b> be the same as the input filename.</p>
</dd>
<dt id="dsaparam"><b>-dsaparam</b></dt>
<dd>
<p>If this option is used, DSA rather than DH parameters are read or created; they are converted to DH format. Otherwise, &quot;strong&quot; primes (such that (p-1)/2 is also prime) will be used for DH parameter generation.</p>
<p>DH parameter generation with the <b>-dsaparam</b> option is much faster, and the recommended exponent length is shorter, which makes DH key exchange more efficient. Beware that with such DSA-style DH parameters, a fresh DH key should be created for each use to avoid small-subgroup attacks that may be possible otherwise.</p>
</dd>
<dt id="check"><b>-check</b></dt>
<dd>
<p>Performs numerous checks to see if the supplied parameters are valid and displays a warning if not.</p>
</dd>
<dt id="pod-2--5"><b>-2</b>, <b>-5</b></dt>
<dd>
<p>The generator to use, either 2 or 5. If present then the input file is ignored and parameters are generated instead. If not present but <b>numbits</b> is present, parameters are generated with the default generator 2.</p>
</dd>
<dt id="rand-file"><b>-rand file...</b></dt>
<dd>
<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
</dd>
<dt id="writerand-file">[<b>-writerand file</b>]</dt>
<dd>
<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
</dd>
<dt id="numbits"><i>numbits</i></dt>
<dd>
<p>This option specifies that a parameter set should be generated of size <i>numbits</i>. It must be the last option. If this option is present then the input file is ignored and parameters are generated instead. If this option is not present but a generator (<b>-2</b> or <b>-5</b>) is present, parameters are generated with a default length of 2048 bits.</p>
</dd>
<dt id="noout"><b>-noout</b></dt>
<dd>
<p>This option inhibits the output of the encoded version of the parameters.</p>
</dd>
<dt id="text"><b>-text</b></dt>
<dd>
<p>This option prints out the DH parameters in human readable form.</p>
</dd>
<dt id="C"><b>-C</b></dt>
<dd>
<p>This option converts the parameters into C code. The parameters can then be loaded by calling the get_dhNNNN() function.</p>
</dd>
<dt id="engine-id"><b>-engine id</b></dt>
<dd>
<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>dhparam</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
</dd>
</dl>
<h1 id="WARNINGS">WARNINGS</h1>
<p>The program <b>dhparam</b> combines the functionality of the programs <b>dh</b> and <b>gendh</b> in previous versions of OpenSSL. The <b>dh</b> and <b>gendh</b> programs are retained for now but may have different purposes in future versions of OpenSSL.</p>
<h1 id="NOTES">NOTES</h1>
<p>PEM format DH parameters use the header and footer lines:</p>
<pre><code>-----BEGIN DH PARAMETERS-----
-----END DH PARAMETERS-----</code></pre>
<p>OpenSSL currently only supports the older PKCS#3 DH, not the newer X9.42 DH.</p>
<p>This program manipulates DH parameters not keys.</p>
<h1 id="BUGS">BUGS</h1>
<p>There should be a way to generate and manipulate DH keys.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man1/dsaparam.html">dsaparam(1)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,178 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>dsa</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-dsa, dsa - DSA key processing</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl</b> <b>dsa</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-passin arg</b>] [<b>-out filename</b>] [<b>-passout arg</b>] [<b>-aes128</b>] [<b>-aes192</b>] [<b>-aes256</b>] [<b>-aria128</b>] [<b>-aria192</b>] [<b>-aria256</b>] [<b>-camellia128</b>] [<b>-camellia192</b>] [<b>-camellia256</b>] [<b>-des</b>] [<b>-des3</b>] [<b>-idea</b>] [<b>-text</b>] [<b>-noout</b>] [<b>-modulus</b>] [<b>-pubin</b>] [<b>-pubout</b>] [<b>-engine id</b>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>dsa</b> command processes DSA keys. They can be converted between various forms and their components printed out. <b>Note</b> This command uses the traditional SSLeay compatible format for private key encryption: newer applications should use the more secure PKCS#8 format using the <b>pkcs8</b></p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Print out a usage message.</p>
</dd>
<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
<dd>
<p>This specifies the input format. The <b>DER</b> option with a private key uses an ASN1 DER encoded form of an ASN.1 SEQUENCE consisting of the values of version (currently zero), p, q, g, the public and private key components respectively as ASN.1 INTEGERs. When used with a public key it uses a SubjectPublicKeyInfo structure: it is an error if the key is not DSA.</p>
<p>The <b>PEM</b> form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines. In the case of a private key PKCS#8 format is also accepted.</p>
</dd>
<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
<dd>
<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
</dd>
<dt id="in-filename"><b>-in filename</b></dt>
<dd>
<p>This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for.</p>
</dd>
<dt id="passin-arg"><b>-passin arg</b></dt>
<dd>
<p>The input file password source. For more information about the format of <b>arg</b> see <a href="../man1/openssl.html">&quot;Pass Phrase Options&quot; in openssl(1)</a>.</p>
</dd>
<dt id="out-filename"><b>-out filename</b></dt>
<dd>
<p>This specifies the output filename to write a key to or standard output by is not specified. If any encryption options are set then a pass phrase will be prompted for. The output filename should <b>not</b> be the same as the input filename.</p>
</dd>
<dt id="passout-arg"><b>-passout arg</b></dt>
<dd>
<p>The output file password source. For more information about the format of <b>arg</b> see <a href="../man1/openssl.html">&quot;Pass Phrase Options&quot; in openssl(1)</a>.</p>
</dd>
<dt id="aes128--aes192--aes256--aria128--aria192--aria256--camellia128--camellia192--camellia256--des--des3--idea"><b>-aes128</b>, <b>-aes192</b>, <b>-aes256</b>, <b>-aria128</b>, <b>-aria192</b>, <b>-aria256</b>, <b>-camellia128</b>, <b>-camellia192</b>, <b>-camellia256</b>, <b>-des</b>, <b>-des3</b>, <b>-idea</b></dt>
<dd>
<p>These options encrypt the private key with the specified cipher before outputting it. A pass phrase is prompted for. If none of these options is specified the key is written in plain text. This means that using the <b>dsa</b> utility to read in an encrypted key with no encryption option can be used to remove the pass phrase from a key, or by setting the encryption options it can be use to add or change the pass phrase. These options can only be used with PEM format output files.</p>
</dd>
<dt id="text"><b>-text</b></dt>
<dd>
<p>Prints out the public, private key components and parameters.</p>
</dd>
<dt id="noout"><b>-noout</b></dt>
<dd>
<p>This option prevents output of the encoded version of the key.</p>
</dd>
<dt id="modulus"><b>-modulus</b></dt>
<dd>
<p>This option prints out the value of the public key component of the key.</p>
</dd>
<dt id="pubin"><b>-pubin</b></dt>
<dd>
<p>By default, a private key is read from the input file. With this option a public key is read instead.</p>
</dd>
<dt id="pubout"><b>-pubout</b></dt>
<dd>
<p>By default, a private key is output. With this option a public key will be output instead. This option is automatically set if the input is a public key.</p>
</dd>
<dt id="engine-id"><b>-engine id</b></dt>
<dd>
<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>dsa</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
</dd>
</dl>
<h1 id="NOTES">NOTES</h1>
<p>The PEM private key format uses the header and footer lines:</p>
<pre><code>-----BEGIN DSA PRIVATE KEY-----
-----END DSA PRIVATE KEY-----</code></pre>
<p>The PEM public key format uses the header and footer lines:</p>
<pre><code>-----BEGIN PUBLIC KEY-----
-----END PUBLIC KEY-----</code></pre>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>To remove the pass phrase on a DSA private key:</p>
<pre><code>openssl dsa -in key.pem -out keyout.pem</code></pre>
<p>To encrypt a private key using triple DES:</p>
<pre><code>openssl dsa -in key.pem -des3 -out keyout.pem</code></pre>
<p>To convert a private key from PEM to DER format:</p>
<pre><code>openssl dsa -in key.pem -outform DER -out keyout.der</code></pre>
<p>To print out the components of a private key to standard output:</p>
<pre><code>openssl dsa -in key.pem -text -noout</code></pre>
<p>To just output the public part of a private key:</p>
<pre><code>openssl dsa -in key.pem -pubout -out pubkey.pem</code></pre>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man1/dsaparam.html">dsaparam(1)</a>, <a href="../man1/gendsa.html">gendsa(1)</a>, <a href="../man1/rsa.html">rsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,144 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>dsaparam</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-dsaparam, dsaparam - DSA parameter manipulation and generation</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl dsaparam</b> [<b>-help</b>] [<b>-inform DER|PEM</b>] [<b>-outform DER|PEM</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-noout</b>] [<b>-text</b>] [<b>-C</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-genkey</b>] [<b>-engine id</b>] [<b>numbits</b>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>This command is used to manipulate or generate DSA parameter files.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Print out a usage message.</p>
</dd>
<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
<dd>
<p>This specifies the input format. The <b>DER</b> option uses an ASN1 DER encoded form compatible with RFC2459 (PKIX) DSS-Parms that is a SEQUENCE consisting of p, q and g respectively. The PEM form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines.</p>
</dd>
<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
<dd>
<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
</dd>
<dt id="in-filename"><b>-in filename</b></dt>
<dd>
<p>This specifies the input filename to read parameters from or standard input if this option is not specified. If the <b>numbits</b> parameter is included then this option will be ignored.</p>
</dd>
<dt id="out-filename"><b>-out filename</b></dt>
<dd>
<p>This specifies the output filename parameters to. Standard output is used if this option is not present. The output filename should <b>not</b> be the same as the input filename.</p>
</dd>
<dt id="noout"><b>-noout</b></dt>
<dd>
<p>This option inhibits the output of the encoded version of the parameters.</p>
</dd>
<dt id="text"><b>-text</b></dt>
<dd>
<p>This option prints out the DSA parameters in human readable form.</p>
</dd>
<dt id="C"><b>-C</b></dt>
<dd>
<p>This option converts the parameters into C code. The parameters can then be loaded by calling the get_dsaXXX() function.</p>
</dd>
<dt id="genkey"><b>-genkey</b></dt>
<dd>
<p>This option will generate a DSA either using the specified or generated parameters.</p>
</dd>
<dt id="rand-file"><b>-rand file...</b></dt>
<dd>
<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
</dd>
<dt id="writerand-file">[<b>-writerand file</b>]</dt>
<dd>
<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
</dd>
<dt id="numbits"><b>numbits</b></dt>
<dd>
<p>This option specifies that a parameter set should be generated of size <b>numbits</b>. It must be the last option. If this option is included then the input file (if any) is ignored.</p>
</dd>
<dt id="engine-id"><b>-engine id</b></dt>
<dd>
<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>dsaparam</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
</dd>
</dl>
<h1 id="NOTES">NOTES</h1>
<p>PEM format DSA parameters use the header and footer lines:</p>
<pre><code>-----BEGIN DSA PARAMETERS-----
-----END DSA PARAMETERS-----</code></pre>
<p>DSA parameter generation is a slow process and as a result the same set of DSA parameters is often used to generate several distinct keys.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man1/gendsa.html">gendsa(1)</a>, <a href="../man1/dsa.html">dsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/rsa.html">rsa(1)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,198 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ec</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-ec, ec - EC key processing</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl</b> <b>ec</b> [<b>-help</b>] [<b>-inform PEM|DER</b>] [<b>-outform PEM|DER</b>] [<b>-in filename</b>] [<b>-passin arg</b>] [<b>-out filename</b>] [<b>-passout arg</b>] [<b>-des</b>] [<b>-des3</b>] [<b>-idea</b>] [<b>-text</b>] [<b>-noout</b>] [<b>-param_out</b>] [<b>-pubin</b>] [<b>-pubout</b>] [<b>-conv_form arg</b>] [<b>-param_enc arg</b>] [<b>-no_public</b>] [<b>-check</b>] [<b>-engine id</b>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>ec</b> command processes EC keys. They can be converted between various forms and their components printed out. <b>Note</b> OpenSSL uses the private key format specified in &#39;SEC 1: Elliptic Curve Cryptography&#39; (http://www.secg.org/). To convert an OpenSSL EC private key into the PKCS#8 private key format use the <b>pkcs8</b> command.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Print out a usage message.</p>
</dd>
<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
<dd>
<p>This specifies the input format. The <b>DER</b> option with a private key uses an ASN.1 DER encoded SEC1 private key. When used with a public key it uses the SubjectPublicKeyInfo structure as specified in RFC 3280. The <b>PEM</b> form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines. In the case of a private key PKCS#8 format is also accepted.</p>
</dd>
<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
<dd>
<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
</dd>
<dt id="in-filename"><b>-in filename</b></dt>
<dd>
<p>This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for.</p>
</dd>
<dt id="passin-arg"><b>-passin arg</b></dt>
<dd>
<p>The input file password source. For more information about the format of <b>arg</b> see <a href="../man1/openssl.html">&quot;Pass Phrase Options&quot; in openssl(1)</a>.</p>
</dd>
<dt id="out-filename"><b>-out filename</b></dt>
<dd>
<p>This specifies the output filename to write a key to or standard output by is not specified. If any encryption options are set then a pass phrase will be prompted for. The output filename should <b>not</b> be the same as the input filename.</p>
</dd>
<dt id="passout-arg"><b>-passout arg</b></dt>
<dd>
<p>The output file password source. For more information about the format of <b>arg</b> see <a href="../man1/openssl.html">&quot;Pass Phrase Options&quot; in openssl(1)</a>.</p>
</dd>
<dt id="des--des3--idea"><b>-des|-des3|-idea</b></dt>
<dd>
<p>These options encrypt the private key with the DES, triple DES, IDEA or any other cipher supported by OpenSSL before outputting it. A pass phrase is prompted for. If none of these options is specified the key is written in plain text. This means that using the <b>ec</b> utility to read in an encrypted key with no encryption option can be used to remove the pass phrase from a key, or by setting the encryption options it can be use to add or change the pass phrase. These options can only be used with PEM format output files.</p>
</dd>
<dt id="text"><b>-text</b></dt>
<dd>
<p>Prints out the public, private key components and parameters.</p>
</dd>
<dt id="noout"><b>-noout</b></dt>
<dd>
<p>This option prevents output of the encoded version of the key.</p>
</dd>
<dt id="pubin"><b>-pubin</b></dt>
<dd>
<p>By default, a private key is read from the input file. With this option a public key is read instead.</p>
</dd>
<dt id="pubout"><b>-pubout</b></dt>
<dd>
<p>By default a private key is output. With this option a public key will be output instead. This option is automatically set if the input is a public key.</p>
</dd>
<dt id="conv_form"><b>-conv_form</b></dt>
<dd>
<p>This specifies how the points on the elliptic curve are converted into octet strings. Possible values are: <b>compressed</b> (the default value), <b>uncompressed</b> and <b>hybrid</b>. For more information regarding the point conversion forms please read the X9.62 standard. <b>Note</b> Due to patent issues the <b>compressed</b> option is disabled by default for binary curves and can be enabled by defining the preprocessor macro <b>OPENSSL_EC_BIN_PT_COMP</b> at compile time.</p>
</dd>
<dt id="param_enc-arg"><b>-param_enc arg</b></dt>
<dd>
<p>This specifies how the elliptic curve parameters are encoded. Possible value are: <b>named_curve</b>, i.e. the ec parameters are specified by an OID, or <b>explicit</b> where the ec parameters are explicitly given (see RFC 3279 for the definition of the EC parameters structures). The default value is <b>named_curve</b>. <b>Note</b> the <b>implicitlyCA</b> alternative, as specified in RFC 3279, is currently not implemented in OpenSSL.</p>
</dd>
<dt id="no_public"><b>-no_public</b></dt>
<dd>
<p>This option omits the public key components from the private key output.</p>
</dd>
<dt id="check"><b>-check</b></dt>
<dd>
<p>This option checks the consistency of an EC private or public key.</p>
</dd>
<dt id="engine-id"><b>-engine id</b></dt>
<dd>
<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>ec</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
</dd>
</dl>
<h1 id="NOTES">NOTES</h1>
<p>The PEM private key format uses the header and footer lines:</p>
<pre><code>-----BEGIN EC PRIVATE KEY-----
-----END EC PRIVATE KEY-----</code></pre>
<p>The PEM public key format uses the header and footer lines:</p>
<pre><code>-----BEGIN PUBLIC KEY-----
-----END PUBLIC KEY-----</code></pre>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>To encrypt a private key using triple DES:</p>
<pre><code>openssl ec -in key.pem -des3 -out keyout.pem</code></pre>
<p>To convert a private key from PEM to DER format:</p>
<pre><code>openssl ec -in key.pem -outform DER -out keyout.der</code></pre>
<p>To print out the components of a private key to standard output:</p>
<pre><code>openssl ec -in key.pem -text -noout</code></pre>
<p>To just output the public part of a private key:</p>
<pre><code>openssl ec -in key.pem -pubout -out pubkey.pem</code></pre>
<p>To change the parameters encoding to <b>explicit</b>:</p>
<pre><code>openssl ec -in key.pem -param_enc explicit -out keyout.pem</code></pre>
<p>To change the point conversion form to <b>compressed</b>:</p>
<pre><code>openssl ec -in key.pem -conv_form compressed -out keyout.pem</code></pre>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man1/ecparam.html">ecparam(1)</a>, <a href="../man1/dsa.html">dsa(1)</a>, <a href="../man1/rsa.html">rsa(1)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2003-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,201 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ecparam</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-ecparam, ecparam - EC parameter manipulation and generation</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl ecparam</b> [<b>-help</b>] [<b>-inform DER|PEM</b>] [<b>-outform DER|PEM</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-noout</b>] [<b>-text</b>] [<b>-C</b>] [<b>-check</b>] [<b>-name arg</b>] [<b>-list_curves</b>] [<b>-conv_form arg</b>] [<b>-param_enc arg</b>] [<b>-no_seed</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-genkey</b>] [<b>-engine id</b>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>This command is used to manipulate or generate EC parameter files.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Print out a usage message.</p>
</dd>
<dt id="inform-DER-PEM"><b>-inform DER|PEM</b></dt>
<dd>
<p>This specifies the input format. The <b>DER</b> option uses an ASN.1 DER encoded form compatible with RFC 3279 EcpkParameters. The PEM form is the default format: it consists of the <b>DER</b> format base64 encoded with additional header and footer lines.</p>
</dd>
<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
<dd>
<p>This specifies the output format, the options have the same meaning and default as the <b>-inform</b> option.</p>
</dd>
<dt id="in-filename"><b>-in filename</b></dt>
<dd>
<p>This specifies the input filename to read parameters from or standard input if this option is not specified.</p>
</dd>
<dt id="out-filename"><b>-out filename</b></dt>
<dd>
<p>This specifies the output filename parameters to. Standard output is used if this option is not present. The output filename should <b>not</b> be the same as the input filename.</p>
</dd>
<dt id="noout"><b>-noout</b></dt>
<dd>
<p>This option inhibits the output of the encoded version of the parameters.</p>
</dd>
<dt id="text"><b>-text</b></dt>
<dd>
<p>This option prints out the EC parameters in human readable form.</p>
</dd>
<dt id="C"><b>-C</b></dt>
<dd>
<p>This option converts the EC parameters into C code. The parameters can then be loaded by calling the get_ec_group_XXX() function.</p>
</dd>
<dt id="check"><b>-check</b></dt>
<dd>
<p>Validate the elliptic curve parameters.</p>
</dd>
<dt id="name-arg"><b>-name arg</b></dt>
<dd>
<p>Use the EC parameters with the specified &#39;short&#39; name. Use <b>-list_curves</b> to get a list of all currently implemented EC parameters.</p>
</dd>
<dt id="list_curves"><b>-list_curves</b></dt>
<dd>
<p>If this options is specified <b>ecparam</b> will print out a list of all currently implemented EC parameters names and exit.</p>
</dd>
<dt id="conv_form"><b>-conv_form</b></dt>
<dd>
<p>This specifies how the points on the elliptic curve are converted into octet strings. Possible values are: <b>compressed</b>, <b>uncompressed</b> (the default value) and <b>hybrid</b>. For more information regarding the point conversion forms please read the X9.62 standard. <b>Note</b> Due to patent issues the <b>compressed</b> option is disabled by default for binary curves and can be enabled by defining the preprocessor macro <b>OPENSSL_EC_BIN_PT_COMP</b> at compile time.</p>
</dd>
<dt id="param_enc-arg"><b>-param_enc arg</b></dt>
<dd>
<p>This specifies how the elliptic curve parameters are encoded. Possible value are: <b>named_curve</b>, i.e. the ec parameters are specified by an OID, or <b>explicit</b> where the ec parameters are explicitly given (see RFC 3279 for the definition of the EC parameters structures). The default value is <b>named_curve</b>. <b>Note</b> the <b>implicitlyCA</b> alternative, as specified in RFC 3279, is currently not implemented in OpenSSL.</p>
</dd>
<dt id="no_seed"><b>-no_seed</b></dt>
<dd>
<p>This option inhibits that the &#39;seed&#39; for the parameter generation is included in the ECParameters structure (see RFC 3279).</p>
</dd>
<dt id="genkey"><b>-genkey</b></dt>
<dd>
<p>This option will generate an EC private key using the specified parameters.</p>
</dd>
<dt id="rand-file"><b>-rand file...</b></dt>
<dd>
<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
</dd>
<dt id="writerand-file">[<b>-writerand file</b>]</dt>
<dd>
<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
</dd>
<dt id="engine-id"><b>-engine id</b></dt>
<dd>
<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>ecparam</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
</dd>
</dl>
<h1 id="NOTES">NOTES</h1>
<p>PEM format EC parameters use the header and footer lines:</p>
<pre><code>-----BEGIN EC PARAMETERS-----
-----END EC PARAMETERS-----</code></pre>
<p>OpenSSL is currently not able to generate new groups and therefore <b>ecparam</b> can only create EC parameters from known (named) curves.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>To create EC parameters with the group &#39;prime192v1&#39;:</p>
<pre><code>openssl ecparam -out ec_param.pem -name prime192v1</code></pre>
<p>To create EC parameters with explicit parameters:</p>
<pre><code>openssl ecparam -out ec_param.pem -name prime192v1 -param_enc explicit</code></pre>
<p>To validate given EC parameters:</p>
<pre><code>openssl ecparam -in ec_param.pem -check</code></pre>
<p>To create EC parameters and a private key:</p>
<pre><code>openssl ecparam -out ec_key.pem -name prime192v1 -genkey</code></pre>
<p>To change the point encoding to &#39;compressed&#39;:</p>
<pre><code>openssl ecparam -in ec_in.pem -out ec_out.pem -conv_form compressed</code></pre>
<p>To print out the EC parameters to standard output:</p>
<pre><code>openssl ecparam -in ec_param.pem -noout -text</code></pre>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man1/ec.html">ec(1)</a>, <a href="../man1/dsaparam.html">dsaparam(1)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2003-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,412 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>enc</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#SUPPORTED-CIPHERS">SUPPORTED CIPHERS</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-enc, enc - symmetric cipher routines</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl enc -<i>cipher</i></b> [<b>-help</b>] [<b>-list</b>] [<b>-ciphers</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-pass arg</b>] [<b>-e</b>] [<b>-d</b>] [<b>-a</b>] [<b>-base64</b>] [<b>-A</b>] [<b>-k password</b>] [<b>-kfile filename</b>] [<b>-K key</b>] [<b>-iv IV</b>] [<b>-S salt</b>] [<b>-salt</b>] [<b>-nosalt</b>] [<b>-z</b>] [<b>-md digest</b>] [<b>-iter count</b>] [<b>-pbkdf2</b>] [<b>-p</b>] [<b>-P</b>] [<b>-bufsize number</b>] [<b>-nopad</b>] [<b>-debug</b>] [<b>-none</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-engine id</b>]</p>
<p><b>openssl</b> <i>[cipher]</i> [<b>...</b>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The symmetric cipher commands allow data to be encrypted or decrypted using various block and stream ciphers using keys based on passwords or explicitly provided. Base64 encoding or decoding can also be performed either by itself or in addition to the encryption or decryption.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Print out a usage message.</p>
</dd>
<dt id="list"><b>-list</b></dt>
<dd>
<p>List all supported ciphers.</p>
</dd>
<dt id="ciphers"><b>-ciphers</b></dt>
<dd>
<p>Alias of -list to display all supported ciphers.</p>
</dd>
<dt id="in-filename"><b>-in filename</b></dt>
<dd>
<p>The input filename, standard input by default.</p>
</dd>
<dt id="out-filename"><b>-out filename</b></dt>
<dd>
<p>The output filename, standard output by default.</p>
</dd>
<dt id="pass-arg"><b>-pass arg</b></dt>
<dd>
<p>The password source. For more information about the format of <b>arg</b> see <a href="../man1/openssl.html">&quot;Pass Phrase Options&quot; in openssl(1)</a>.</p>
</dd>
<dt id="e"><b>-e</b></dt>
<dd>
<p>Encrypt the input data: this is the default.</p>
</dd>
<dt id="d"><b>-d</b></dt>
<dd>
<p>Decrypt the input data.</p>
</dd>
<dt id="a"><b>-a</b></dt>
<dd>
<p>Base64 process the data. This means that if encryption is taking place the data is base64 encoded after encryption. If decryption is set then the input data is base64 decoded before being decrypted.</p>
</dd>
<dt id="base64"><b>-base64</b></dt>
<dd>
<p>Same as <b>-a</b></p>
</dd>
<dt id="A"><b>-A</b></dt>
<dd>
<p>If the <b>-a</b> option is set then base64 process the data on one line.</p>
</dd>
<dt id="k-password"><b>-k password</b></dt>
<dd>
<p>The password to derive the key from. This is for compatibility with previous versions of OpenSSL. Superseded by the <b>-pass</b> argument.</p>
</dd>
<dt id="kfile-filename"><b>-kfile filename</b></dt>
<dd>
<p>Read the password to derive the key from the first line of <b>filename</b>. This is for compatibility with previous versions of OpenSSL. Superseded by the <b>-pass</b> argument.</p>
</dd>
<dt id="md-digest"><b>-md digest</b></dt>
<dd>
<p>Use the specified digest to create the key from the passphrase. The default algorithm is sha-256.</p>
</dd>
<dt id="iter-count"><b>-iter count</b></dt>
<dd>
<p>Use a given number of iterations on the password in deriving the encryption key. High values increase the time required to brute-force the resulting file. This option enables the use of PBKDF2 algorithm to derive the key.</p>
</dd>
<dt id="pbkdf2"><b>-pbkdf2</b></dt>
<dd>
<p>Use PBKDF2 algorithm with default iteration count unless otherwise specified.</p>
</dd>
<dt id="nosalt"><b>-nosalt</b></dt>
<dd>
<p>Don&#39;t use a salt in the key derivation routines. This option <b>SHOULD NOT</b> be used except for test purposes or compatibility with ancient versions of OpenSSL.</p>
</dd>
<dt id="salt"><b>-salt</b></dt>
<dd>
<p>Use salt (randomly generated or provide with <b>-S</b> option) when encrypting, this is the default.</p>
</dd>
<dt id="S-salt"><b>-S salt</b></dt>
<dd>
<p>The actual salt to use: this must be represented as a string of hex digits.</p>
</dd>
<dt id="K-key"><b>-K key</b></dt>
<dd>
<p>The actual key to use: this must be represented as a string comprised only of hex digits. If only the key is specified, the IV must additionally specified using the <b>-iv</b> option. When both a key and a password are specified, the key given with the <b>-K</b> option will be used and the IV generated from the password will be taken. It does not make much sense to specify both key and password.</p>
</dd>
<dt id="iv-IV"><b>-iv IV</b></dt>
<dd>
<p>The actual IV to use: this must be represented as a string comprised only of hex digits. When only the key is specified using the <b>-K</b> option, the IV must explicitly be defined. When a password is being specified using one of the other options, the IV is generated from this password.</p>
</dd>
<dt id="p"><b>-p</b></dt>
<dd>
<p>Print out the key and IV used.</p>
</dd>
<dt id="P"><b>-P</b></dt>
<dd>
<p>Print out the key and IV used then immediately exit: don&#39;t do any encryption or decryption.</p>
</dd>
<dt id="bufsize-number"><b>-bufsize number</b></dt>
<dd>
<p>Set the buffer size for I/O.</p>
</dd>
<dt id="nopad"><b>-nopad</b></dt>
<dd>
<p>Disable standard block padding.</p>
</dd>
<dt id="debug"><b>-debug</b></dt>
<dd>
<p>Debug the BIOs used for I/O.</p>
</dd>
<dt id="z"><b>-z</b></dt>
<dd>
<p>Compress or decompress encrypted data using zlib after encryption or before decryption. This option exists only if OpenSSL was compiled with the zlib or zlib-dynamic option.</p>
</dd>
<dt id="none"><b>-none</b></dt>
<dd>
<p>Use NULL cipher (no encryption or decryption of input).</p>
</dd>
<dt id="rand-file"><b>-rand file...</b></dt>
<dd>
<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
</dd>
<dt id="writerand-file">[<b>-writerand file</b>]</dt>
<dd>
<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
</dd>
</dl>
<h1 id="NOTES">NOTES</h1>
<p>The program can be called either as <b>openssl cipher</b> or <b>openssl enc -cipher</b>. The first form doesn&#39;t work with engine-provided ciphers, because this form is processed before the configuration file is read and any ENGINEs loaded. Use the <b>list</b> command to get a list of supported ciphers.</p>
<p>Engines which provide entirely new encryption algorithms (such as the ccgost engine which provides gost89 algorithm) should be configured in the configuration file. Engines specified on the command line using -engine options can only be used for hardware-assisted implementations of ciphers which are supported by the OpenSSL core or another engine specified in the configuration file.</p>
<p>When the enc command lists supported ciphers, ciphers provided by engines, specified in the configuration files are listed too.</p>
<p>A password will be prompted for to derive the key and IV if necessary.</p>
<p>The <b>-salt</b> option should <b>ALWAYS</b> be used if the key is being derived from a password unless you want compatibility with previous versions of OpenSSL.</p>
<p>Without the <b>-salt</b> option it is possible to perform efficient dictionary attacks on the password and to attack stream cipher encrypted data. The reason for this is that without the salt the same password always generates the same encryption key. When the salt is being used the first eight bytes of the encrypted data are reserved for the salt: it is generated at random when encrypting a file and read from the encrypted file when it is decrypted.</p>
<p>Some of the ciphers do not have large keys and others have security implications if not used correctly. A beginner is advised to just use a strong block cipher, such as AES, in CBC mode.</p>
<p>All the block ciphers normally use PKCS#5 padding, also known as standard block padding. This allows a rudimentary integrity or password check to be performed. However, since the chance of random data passing the test is better than 1 in 256 it isn&#39;t a very good test.</p>
<p>If padding is disabled then the input data must be a multiple of the cipher block length.</p>
<p>All RC2 ciphers have the same key and effective key length.</p>
<p>Blowfish and RC5 algorithms use a 128 bit key.</p>
<h1 id="SUPPORTED-CIPHERS">SUPPORTED CIPHERS</h1>
<p>Note that some of these ciphers can be disabled at compile time and some are available only if an appropriate engine is configured in the configuration file. The output of the <b>enc</b> command run with the <b>-ciphers</b> option (that is <b>openssl enc -ciphers</b>) produces a list of ciphers, supported by your version of OpenSSL, including ones provided by configured engines.</p>
<p>The <b>enc</b> program does not support authenticated encryption modes like CCM and GCM, and will not support such modes in the future. The <b>enc</b> interface by necessity must begin streaming output (e.g., to standard output when <b>-out</b> is not used) before the authentication tag could be validated, leading to the usage of <b>enc</b> in pipelines that begin processing untrusted data and are not capable of rolling back upon authentication failure. The AEAD modes currently in common use also suffer from catastrophic failure of confidentiality and/or integrity upon reuse of key/iv/nonce, and since <b>enc</b> places the entire burden of key/iv/nonce management upon the user, the risk of exposing AEAD modes is too great to allow. These key/iv/nonce management issues also affect other modes currently exposed in <b>enc</b>, but the failure modes are less extreme in these cases, and the functionality cannot be removed with a stable release branch. For bulk encryption of data, whether using authenticated encryption modes or other modes, <a href="../man1/cms.html">cms(1)</a> is recommended, as it provides a standard data format and performs the needed key/iv/nonce management.</p>
<pre><code>base64 Base 64
bf-cbc Blowfish in CBC mode
bf Alias for bf-cbc
blowfish Alias for bf-cbc
bf-cfb Blowfish in CFB mode
bf-ecb Blowfish in ECB mode
bf-ofb Blowfish in OFB mode
cast-cbc CAST in CBC mode
cast Alias for cast-cbc
cast5-cbc CAST5 in CBC mode
cast5-cfb CAST5 in CFB mode
cast5-ecb CAST5 in ECB mode
cast5-ofb CAST5 in OFB mode
chacha20 ChaCha20 algorithm
des-cbc DES in CBC mode
des Alias for des-cbc
des-cfb DES in CFB mode
des-ofb DES in OFB mode
des-ecb DES in ECB mode
des-ede-cbc Two key triple DES EDE in CBC mode
des-ede Two key triple DES EDE in ECB mode
des-ede-cfb Two key triple DES EDE in CFB mode
des-ede-ofb Two key triple DES EDE in OFB mode
des-ede3-cbc Three key triple DES EDE in CBC mode
des-ede3 Three key triple DES EDE in ECB mode
des3 Alias for des-ede3-cbc
des-ede3-cfb Three key triple DES EDE CFB mode
des-ede3-ofb Three key triple DES EDE in OFB mode
desx DESX algorithm.
gost89 GOST 28147-89 in CFB mode (provided by ccgost engine)
gost89-cnt `GOST 28147-89 in CNT mode (provided by ccgost engine)
idea-cbc IDEA algorithm in CBC mode
idea same as idea-cbc
idea-cfb IDEA in CFB mode
idea-ecb IDEA in ECB mode
idea-ofb IDEA in OFB mode
rc2-cbc 128 bit RC2 in CBC mode
rc2 Alias for rc2-cbc
rc2-cfb 128 bit RC2 in CFB mode
rc2-ecb 128 bit RC2 in ECB mode
rc2-ofb 128 bit RC2 in OFB mode
rc2-64-cbc 64 bit RC2 in CBC mode
rc2-40-cbc 40 bit RC2 in CBC mode
rc4 128 bit RC4
rc4-64 64 bit RC4
rc4-40 40 bit RC4
rc5-cbc RC5 cipher in CBC mode
rc5 Alias for rc5-cbc
rc5-cfb RC5 cipher in CFB mode
rc5-ecb RC5 cipher in ECB mode
rc5-ofb RC5 cipher in OFB mode
seed-cbc SEED cipher in CBC mode
seed Alias for seed-cbc
seed-cfb SEED cipher in CFB mode
seed-ecb SEED cipher in ECB mode
seed-ofb SEED cipher in OFB mode
sm4-cbc SM4 cipher in CBC mode
sm4 Alias for sm4-cbc
sm4-cfb SM4 cipher in CFB mode
sm4-ctr SM4 cipher in CTR mode
sm4-ecb SM4 cipher in ECB mode
sm4-ofb SM4 cipher in OFB mode
aes-[128|192|256]-cbc 128/192/256 bit AES in CBC mode
aes[128|192|256] Alias for aes-[128|192|256]-cbc
aes-[128|192|256]-cfb 128/192/256 bit AES in 128 bit CFB mode
aes-[128|192|256]-cfb1 128/192/256 bit AES in 1 bit CFB mode
aes-[128|192|256]-cfb8 128/192/256 bit AES in 8 bit CFB mode
aes-[128|192|256]-ctr 128/192/256 bit AES in CTR mode
aes-[128|192|256]-ecb 128/192/256 bit AES in ECB mode
aes-[128|192|256]-ofb 128/192/256 bit AES in OFB mode
aria-[128|192|256]-cbc 128/192/256 bit ARIA in CBC mode
aria[128|192|256] Alias for aria-[128|192|256]-cbc
aria-[128|192|256]-cfb 128/192/256 bit ARIA in 128 bit CFB mode
aria-[128|192|256]-cfb1 128/192/256 bit ARIA in 1 bit CFB mode
aria-[128|192|256]-cfb8 128/192/256 bit ARIA in 8 bit CFB mode
aria-[128|192|256]-ctr 128/192/256 bit ARIA in CTR mode
aria-[128|192|256]-ecb 128/192/256 bit ARIA in ECB mode
aria-[128|192|256]-ofb 128/192/256 bit ARIA in OFB mode
camellia-[128|192|256]-cbc 128/192/256 bit Camellia in CBC mode
camellia[128|192|256] Alias for camellia-[128|192|256]-cbc
camellia-[128|192|256]-cfb 128/192/256 bit Camellia in 128 bit CFB mode
camellia-[128|192|256]-cfb1 128/192/256 bit Camellia in 1 bit CFB mode
camellia-[128|192|256]-cfb8 128/192/256 bit Camellia in 8 bit CFB mode
camellia-[128|192|256]-ctr 128/192/256 bit Camellia in CTR mode
camellia-[128|192|256]-ecb 128/192/256 bit Camellia in ECB mode
camellia-[128|192|256]-ofb 128/192/256 bit Camellia in OFB mode</code></pre>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>Just base64 encode a binary file:</p>
<pre><code>openssl base64 -in file.bin -out file.b64</code></pre>
<p>Decode the same file</p>
<pre><code>openssl base64 -d -in file.b64 -out file.bin</code></pre>
<p>Encrypt a file using AES-128 using a prompted password and PBKDF2 key derivation:</p>
<pre><code>openssl enc -aes128 -pbkdf2 -in file.txt -out file.aes128</code></pre>
<p>Decrypt a file using a supplied password:</p>
<pre><code>openssl enc -aes128 -pbkdf2 -d -in file.aes128 -out file.txt \
-pass pass:&lt;password&gt;</code></pre>
<p>Encrypt a file then base64 encode it (so it can be sent via mail for example) using AES-256 in CTR mode and PBKDF2 key derivation:</p>
<pre><code>openssl enc -aes-256-ctr -pbkdf2 -a -in file.txt -out file.aes256</code></pre>
<p>Base64 decode a file then decrypt it using a password supplied in a file:</p>
<pre><code>openssl enc -aes-256-ctr -pbkdf2 -d -a -in file.aes256 -out file.txt \
-pass file:&lt;passfile&gt;</code></pre>
<h1 id="BUGS">BUGS</h1>
<p>The <b>-A</b> option when used with large files doesn&#39;t work properly.</p>
<p>The <b>enc</b> program only supports a fixed number of algorithms with certain parameters. So if, for example, you want to use RC2 with a 76 bit key or RC4 with an 84 bit key you can&#39;t use this program.</p>
<h1 id="HISTORY">HISTORY</h1>
<p>The default digest was changed from MD5 to SHA256 in OpenSSL 1.1.0.</p>
<p>The <b>-list</b> option was added in OpenSSL 1.1.1e.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,133 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>engine</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#ENVIRONMENT">ENVIRONMENT</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-engine, engine - load and query engines</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl engine</b> [ <i>engine...</i> ] [<b>-v</b>] [<b>-vv</b>] [<b>-vvv</b>] [<b>-vvv</b>] [<b>-vvv</b>] [<b>-c</b>] [<b>-t</b>] [<b>-tt</b>] [<b>-pre</b> <i>command</i>] [<b>-post</b> <i>command</i>] [ <i>engine...</i> ]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>engine</b> command is used to query the status and capabilities of the specified <b>engine</b>&#39;s. Engines may be specified before and after all other command-line flags. Only those specified are queried.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="v--vv--vvv--vvvv"><b>-v</b> <b>-vv</b> <b>-vvv</b> <b>-vvvv</b></dt>
<dd>
<p>Provides information about each specified engine. The first flag lists all the possible run-time control commands; the second adds a description of each command; the third adds the input flags, and the final option adds the internal input flags.</p>
</dd>
<dt id="c"><b>-c</b></dt>
<dd>
<p>Lists the capabilities of each engine.</p>
</dd>
<dt id="t"><b>-t</b></dt>
<dd>
<p>Tests if each specified engine is available, and displays the answer.</p>
</dd>
<dt id="tt"><b>-tt</b></dt>
<dd>
<p>Displays an error trace for any unavailable engine.</p>
</dd>
<dt id="pre-command"><b>-pre</b> <i>command</i></dt>
<dd>
</dd>
<dt id="post-command"><b>-post</b> <i>command</i></dt>
<dd>
<p>Command-line configuration of engines. The <b>-pre</b> command is given to the engine before it is loaded and the <b>-post</b> command is given after the engine is loaded. The <i>command</i> is of the form <i>cmd:val</i> where <i>cmd</i> is the command, and <i>val</i> is the value for the command. See the example below.</p>
</dd>
</dl>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>To list all the commands available to a dynamic engine:</p>
<pre><code>$ openssl engine -t -tt -vvvv dynamic
(dynamic) Dynamic engine loading support
[ unavailable ]
SO_PATH: Specifies the path to the new ENGINE shared library
(input flags): STRING
NO_VCHECK: Specifies to continue even if version checking fails (boolean)
(input flags): NUMERIC
ID: Specifies an ENGINE id name for loading
(input flags): STRING
LIST_ADD: Whether to add a loaded ENGINE to the internal list (0=no,1=yes,2=mandatory)
(input flags): NUMERIC
DIR_LOAD: Specifies whether to load from &#39;DIR_ADD&#39; directories (0=no,1=yes,2=mandatory)
(input flags): NUMERIC
DIR_ADD: Adds a directory from which ENGINEs can be loaded
(input flags): STRING
LOAD: Load up the ENGINE specified by other settings
(input flags): NO_INPUT</code></pre>
<p>To list the capabilities of the <i>rsax</i> engine:</p>
<pre><code>$ openssl engine -c
(rsax) RSAX engine support
[RSA]
(dynamic) Dynamic engine loading support</code></pre>
<h1 id="ENVIRONMENT">ENVIRONMENT</h1>
<dl>
<dt id="OPENSSL_ENGINES"><b>OPENSSL_ENGINES</b></dt>
<dd>
<p>The path to the engines directory.</p>
</dd>
</dl>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man5/config.html">config(5)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,64 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>errstr</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-errstr, errstr - lookup error codes</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl errstr error_code</b></p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>Sometimes an application will not load error message and only numerical forms will be available. The <b>errstr</b> utility can be used to display the meaning of the hex code. The hex code is the hex digits after the second colon.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<p>None.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>The error code:</p>
<pre><code>27594:error:2006D080:lib(32):func(109):reason(128):bss_file.c:107:</code></pre>
<p>can be displayed with:</p>
<pre><code>openssl errstr 2006D080</code></pre>
<p>to produce the error message:</p>
<pre><code>error:2006D080:BIO routines:BIO_new_file:no such file</code></pre>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2004-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,103 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>gendsa</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-gendsa, gendsa - generate a DSA private key from a set of parameters</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl</b> <b>gendsa</b> [<b>-help</b>] [<b>-out filename</b>] [<b>-aes128</b>] [<b>-aes192</b>] [<b>-aes256</b>] [<b>-aria128</b>] [<b>-aria192</b>] [<b>-aria256</b>] [<b>-camellia128</b>] [<b>-camellia192</b>] [<b>-camellia256</b>] [<b>-des</b>] [<b>-des3</b>] [<b>-idea</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-engine id</b>] [<b>paramfile</b>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>gendsa</b> command generates a DSA private key from a DSA parameter file (which will be typically generated by the <b>openssl dsaparam</b> command).</p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Print out a usage message.</p>
</dd>
<dt id="out-filename"><b>-out filename</b></dt>
<dd>
<p>Output the key to the specified file. If this argument is not specified then standard output is used.</p>
</dd>
<dt id="aes128--aes192--aes256--aria128--aria192--aria256--camellia128--camellia192--camellia256--des--des3--idea"><b>-aes128</b>, <b>-aes192</b>, <b>-aes256</b>, <b>-aria128</b>, <b>-aria192</b>, <b>-aria256</b>, <b>-camellia128</b>, <b>-camellia192</b>, <b>-camellia256</b>, <b>-des</b>, <b>-des3</b>, <b>-idea</b></dt>
<dd>
<p>These options encrypt the private key with specified cipher before outputting it. A pass phrase is prompted for. If none of these options is specified no encryption is used.</p>
</dd>
<dt id="rand-file"><b>-rand file...</b></dt>
<dd>
<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
</dd>
<dt id="writerand-file">[<b>-writerand file</b>]</dt>
<dd>
<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
</dd>
<dt id="engine-id"><b>-engine id</b></dt>
<dd>
<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>gendsa</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
</dd>
<dt id="paramfile"><b>paramfile</b></dt>
<dd>
<p>This option specifies the DSA parameter file to use. The parameters in this file determine the size of the private key. DSA parameters can be generated and examined using the <b>openssl dsaparam</b> command.</p>
</dd>
</dl>
<h1 id="NOTES">NOTES</h1>
<p>DSA key generation is little more than random number generation so it is much quicker that RSA key generation for example.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man1/dsaparam.html">dsaparam(1)</a>, <a href="../man1/dsa.html">dsa(1)</a>, <a href="../man1/genrsa.html">genrsa(1)</a>, <a href="../man1/rsa.html">rsa(1)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,363 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>genpkey</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#KEY-GENERATION-OPTIONS">KEY GENERATION OPTIONS</a>
<ul>
<li><a href="#RSA-Key-Generation-Options">RSA Key Generation Options</a></li>
<li><a href="#RSA-PSS-Key-Generation-Options">RSA-PSS Key Generation Options</a></li>
<li><a href="#EC-Key-Generation-Options">EC Key Generation Options</a></li>
</ul>
</li>
<li><a href="#PARAMETER-GENERATION-OPTIONS">PARAMETER GENERATION OPTIONS</a>
<ul>
<li><a href="#DSA-Parameter-Generation-Options">DSA Parameter Generation Options</a></li>
<li><a href="#DH-Parameter-Generation-Options">DH Parameter Generation Options</a></li>
<li><a href="#EC-Parameter-Generation-Options">EC Parameter Generation Options</a></li>
</ul>
</li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-genpkey, genpkey - generate a private key</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl</b> <b>genpkey</b> [<b>-help</b>] [<b>-out filename</b>] [<b>-outform PEM|DER</b>] [<b>-pass arg</b>] [<b>-<i>cipher</i></b>] [<b>-engine id</b>] [<b>-paramfile file</b>] [<b>-algorithm alg</b>] [<b>-pkeyopt opt:value</b>] [<b>-genparam</b>] [<b>-text</b>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>genpkey</b> command generates a private key.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Print out a usage message.</p>
</dd>
<dt id="out-filename"><b>-out filename</b></dt>
<dd>
<p>Output the key to the specified file. If this argument is not specified then standard output is used.</p>
</dd>
<dt id="outform-DER-PEM"><b>-outform DER|PEM</b></dt>
<dd>
<p>This specifies the output format DER or PEM. The default format is PEM.</p>
</dd>
<dt id="pass-arg"><b>-pass arg</b></dt>
<dd>
<p>The output file password source. For more information about the format of <b>arg</b> see <a href="../man1/openssl.html">&quot;Pass Phrase Options&quot; in openssl(1)</a>.</p>
</dd>
<dt id="cipher"><b>-<i>cipher</i></b></dt>
<dd>
<p>This option encrypts the private key with the supplied cipher. Any algorithm name accepted by EVP_get_cipherbyname() is acceptable such as <b>des3</b>.</p>
</dd>
<dt id="engine-id"><b>-engine id</b></dt>
<dd>
<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>genpkey</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms. If used this option should precede all other options.</p>
</dd>
<dt id="algorithm-alg"><b>-algorithm alg</b></dt>
<dd>
<p>Public key algorithm to use such as RSA, DSA or DH. If used this option must precede any <b>-pkeyopt</b> options. The options <b>-paramfile</b> and <b>-algorithm</b> are mutually exclusive. Engines may add algorithms in addition to the standard built-in ones.</p>
<p>Valid built-in algorithm names for private key generation are RSA, RSA-PSS, EC, X25519, X448, ED25519 and ED448.</p>
<p>Valid built-in algorithm names for parameter generation (see the <b>-genparam</b> option) are DH, DSA and EC.</p>
<p>Note that the algorithm name X9.42 DH may be used as a synonym for the DH algorithm. These are identical and do not indicate the type of parameters that will be generated. Use the <b>dh_paramgen_type</b> option to indicate whether PKCS#3 or X9.42 DH parameters are required. See <a href="#DH-Parameter-Generation-Options">&quot;DH Parameter Generation Options&quot;</a> below for more details.</p>
</dd>
<dt id="pkeyopt-opt:value"><b>-pkeyopt opt:value</b></dt>
<dd>
<p>Set the public key algorithm option <b>opt</b> to <b>value</b>. The precise set of options supported depends on the public key algorithm used and its implementation. See <a href="#KEY-GENERATION-OPTIONS">&quot;KEY GENERATION OPTIONS&quot;</a> and <a href="#PARAMETER-GENERATION-OPTIONS">&quot;PARAMETER GENERATION OPTIONS&quot;</a> below for more details.</p>
</dd>
<dt id="genparam"><b>-genparam</b></dt>
<dd>
<p>Generate a set of parameters instead of a private key. If used this option must precede any <b>-algorithm</b>, <b>-paramfile</b> or <b>-pkeyopt</b> options.</p>
</dd>
<dt id="paramfile-filename"><b>-paramfile filename</b></dt>
<dd>
<p>Some public key algorithms generate a private key based on a set of parameters. They can be supplied using this option. If this option is used the public key algorithm used is determined by the parameters. If used this option must precede any <b>-pkeyopt</b> options. The options <b>-paramfile</b> and <b>-algorithm</b> are mutually exclusive.</p>
</dd>
<dt id="text"><b>-text</b></dt>
<dd>
<p>Print an (unencrypted) text representation of private and public keys and parameters along with the PEM or DER structure.</p>
</dd>
</dl>
<h1 id="KEY-GENERATION-OPTIONS">KEY GENERATION OPTIONS</h1>
<p>The options supported by each algorithm and indeed each implementation of an algorithm can vary. The options for the OpenSSL implementations are detailed below. There are no key generation options defined for the X25519, X448, ED25519 or ED448 algorithms.</p>
<h2 id="RSA-Key-Generation-Options">RSA Key Generation Options</h2>
<dl>
<dt id="rsa_keygen_bits:numbits"><b>rsa_keygen_bits:numbits</b></dt>
<dd>
<p>The number of bits in the generated key. If not specified 2048 is used.</p>
</dd>
<dt id="rsa_keygen_primes:numprimes"><b>rsa_keygen_primes:numprimes</b></dt>
<dd>
<p>The number of primes in the generated key. If not specified 2 is used.</p>
</dd>
<dt id="rsa_keygen_pubexp:value"><b>rsa_keygen_pubexp:value</b></dt>
<dd>
<p>The RSA public exponent value. This can be a large decimal or hexadecimal value if preceded by <b>0x</b>. Default value is 65537.</p>
</dd>
</dl>
<h2 id="RSA-PSS-Key-Generation-Options">RSA-PSS Key Generation Options</h2>
<p>Note: by default an <b>RSA-PSS</b> key has no parameter restrictions.</p>
<dl>
<dt id="rsa_keygen_bits:numbits-rsa_keygen_primes:numprimes-rsa_keygen_pubexp:value"><b>rsa_keygen_bits:numbits</b>, <b>rsa_keygen_primes:numprimes</b>, <b>rsa_keygen_pubexp:value</b></dt>
<dd>
<p>These options have the same meaning as the <b>RSA</b> algorithm.</p>
</dd>
<dt id="rsa_pss_keygen_md:digest"><b>rsa_pss_keygen_md:digest</b></dt>
<dd>
<p>If set the key is restricted and can only use <b>digest</b> for signing.</p>
</dd>
<dt id="rsa_pss_keygen_mgf1_md:digest"><b>rsa_pss_keygen_mgf1_md:digest</b></dt>
<dd>
<p>If set the key is restricted and can only use <b>digest</b> as it&#39;s MGF1 parameter.</p>
</dd>
<dt id="rsa_pss_keygen_saltlen:len"><b>rsa_pss_keygen_saltlen:len</b></dt>
<dd>
<p>If set the key is restricted and <b>len</b> specifies the minimum salt length.</p>
</dd>
</dl>
<h2 id="EC-Key-Generation-Options">EC Key Generation Options</h2>
<p>The EC key generation options can also be used for parameter generation.</p>
<dl>
<dt id="ec_paramgen_curve:curve"><b>ec_paramgen_curve:curve</b></dt>
<dd>
<p>The EC curve to use. OpenSSL supports NIST curve names such as &quot;P-256&quot;.</p>
</dd>
<dt id="ec_param_enc:encoding"><b>ec_param_enc:encoding</b></dt>
<dd>
<p>The encoding to use for parameters. The &quot;encoding&quot; parameter must be either &quot;named_curve&quot; or &quot;explicit&quot;. The default value is &quot;named_curve&quot;.</p>
</dd>
</dl>
<h1 id="PARAMETER-GENERATION-OPTIONS">PARAMETER GENERATION OPTIONS</h1>
<p>The options supported by each algorithm and indeed each implementation of an algorithm can vary. The options for the OpenSSL implementations are detailed below.</p>
<h2 id="DSA-Parameter-Generation-Options">DSA Parameter Generation Options</h2>
<dl>
<dt id="dsa_paramgen_bits:numbits"><b>dsa_paramgen_bits:numbits</b></dt>
<dd>
<p>The number of bits in the generated prime. If not specified 2048 is used.</p>
</dd>
<dt id="dsa_paramgen_q_bits:numbits"><b>dsa_paramgen_q_bits:numbits</b></dt>
<dd>
<p>The number of bits in the q parameter. Must be one of 160, 224 or 256. If not specified 224 is used.</p>
</dd>
<dt id="dsa_paramgen_md:digest"><b>dsa_paramgen_md:digest</b></dt>
<dd>
<p>The digest to use during parameter generation. Must be one of <b>sha1</b>, <b>sha224</b> or <b>sha256</b>. If set, then the number of bits in <b>q</b> will match the output size of the specified digest and the <b>dsa_paramgen_q_bits</b> parameter will be ignored. If not set, then a digest will be used that gives an output matching the number of bits in <b>q</b>, i.e. <b>sha1</b> if q length is 160, <b>sha224</b> if it 224 or <b>sha256</b> if it is 256.</p>
</dd>
</dl>
<h2 id="DH-Parameter-Generation-Options">DH Parameter Generation Options</h2>
<dl>
<dt id="dh_paramgen_prime_len:numbits"><b>dh_paramgen_prime_len:numbits</b></dt>
<dd>
<p>The number of bits in the prime parameter <b>p</b>. The default is 2048.</p>
</dd>
<dt id="dh_paramgen_subprime_len:numbits"><b>dh_paramgen_subprime_len:numbits</b></dt>
<dd>
<p>The number of bits in the sub prime parameter <b>q</b>. The default is 256 if the prime is at least 2048 bits long or 160 otherwise. Only relevant if used in conjunction with the <b>dh_paramgen_type</b> option to generate X9.42 DH parameters.</p>
</dd>
<dt id="dh_paramgen_generator:value"><b>dh_paramgen_generator:value</b></dt>
<dd>
<p>The value to use for the generator <b>g</b>. The default is 2.</p>
</dd>
<dt id="dh_paramgen_type:value"><b>dh_paramgen_type:value</b></dt>
<dd>
<p>The type of DH parameters to generate. Use 0 for PKCS#3 DH and 1 for X9.42 DH. The default is 0.</p>
</dd>
<dt id="dh_rfc5114:num"><b>dh_rfc5114:num</b></dt>
<dd>
<p>If this option is set, then the appropriate RFC5114 parameters are used instead of generating new parameters. The value <b>num</b> can take the values 1, 2 or 3 corresponding to RFC5114 DH parameters consisting of 1024 bit group with 160 bit subgroup, 2048 bit group with 224 bit subgroup and 2048 bit group with 256 bit subgroup as mentioned in RFC5114 sections 2.1, 2.2 and 2.3 respectively. If present this overrides all other DH parameter options.</p>
</dd>
</dl>
<h2 id="EC-Parameter-Generation-Options">EC Parameter Generation Options</h2>
<p>The EC parameter generation options are the same as for key generation. See <a href="#EC-Key-Generation-Options">&quot;EC Key Generation Options&quot;</a> above.</p>
<h1 id="NOTES">NOTES</h1>
<p>The use of the genpkey program is encouraged over the algorithm specific utilities because additional algorithm options and ENGINE provided algorithms can be used.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>Generate an RSA private key using default parameters:</p>
<pre><code>openssl genpkey -algorithm RSA -out key.pem</code></pre>
<p>Encrypt output private key using 128 bit AES and the passphrase &quot;hello&quot;:</p>
<pre><code>openssl genpkey -algorithm RSA -out key.pem -aes-128-cbc -pass pass:hello</code></pre>
<p>Generate a 2048 bit RSA key using 3 as the public exponent:</p>
<pre><code>openssl genpkey -algorithm RSA -out key.pem \
-pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:3</code></pre>
<p>Generate 2048 bit DSA parameters:</p>
<pre><code>openssl genpkey -genparam -algorithm DSA -out dsap.pem \
-pkeyopt dsa_paramgen_bits:2048</code></pre>
<p>Generate DSA key from parameters:</p>
<pre><code>openssl genpkey -paramfile dsap.pem -out dsakey.pem</code></pre>
<p>Generate 2048 bit DH parameters:</p>
<pre><code>openssl genpkey -genparam -algorithm DH -out dhp.pem \
-pkeyopt dh_paramgen_prime_len:2048</code></pre>
<p>Generate 2048 bit X9.42 DH parameters:</p>
<pre><code>openssl genpkey -genparam -algorithm DH -out dhpx.pem \
-pkeyopt dh_paramgen_prime_len:2048 \
-pkeyopt dh_paramgen_type:1</code></pre>
<p>Output RFC5114 2048 bit DH parameters with 224 bit subgroup:</p>
<pre><code>openssl genpkey -genparam -algorithm DH -out dhp.pem -pkeyopt dh_rfc5114:2</code></pre>
<p>Generate DH key from parameters:</p>
<pre><code>openssl genpkey -paramfile dhp.pem -out dhkey.pem</code></pre>
<p>Generate EC parameters:</p>
<pre><code>openssl genpkey -genparam -algorithm EC -out ecp.pem \
-pkeyopt ec_paramgen_curve:secp384r1 \
-pkeyopt ec_param_enc:named_curve</code></pre>
<p>Generate EC key from parameters:</p>
<pre><code>openssl genpkey -paramfile ecp.pem -out eckey.pem</code></pre>
<p>Generate EC key directly:</p>
<pre><code>openssl genpkey -algorithm EC -out eckey.pem \
-pkeyopt ec_paramgen_curve:P-384 \
-pkeyopt ec_param_enc:named_curve</code></pre>
<p>Generate an X25519 private key:</p>
<pre><code>openssl genpkey -algorithm X25519 -out xkey.pem</code></pre>
<p>Generate an ED448 private key:</p>
<pre><code>openssl genpkey -algorithm ED448 -out xkey.pem</code></pre>
<h1 id="HISTORY">HISTORY</h1>
<p>The ability to use NIST curve names, and to generate an EC key directly, were added in OpenSSL 1.0.2. The ability to generate X25519 keys was added in OpenSSL 1.1.0. The ability to generate X448, ED25519 and ED448 keys was added in OpenSSL 1.1.1.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,123 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>genrsa</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-genrsa, genrsa - generate an RSA private key</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl</b> <b>genrsa</b> [<b>-help</b>] [<b>-out filename</b>] [<b>-passout arg</b>] [<b>-aes128</b>] [<b>-aes192</b>] [<b>-aes256</b>] [<b>-aria128</b>] [<b>-aria192</b>] [<b>-aria256</b>] [<b>-camellia128</b>] [<b>-camellia192</b>] [<b>-camellia256</b>] [<b>-des</b>] [<b>-des3</b>] [<b>-idea</b>] [<b>-f4</b>] [<b>-3</b>] [<b>-rand file...</b>] [<b>-writerand file</b>] [<b>-engine id</b>] [<b>-primes num</b>] [<b>numbits</b>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>genrsa</b> command generates an RSA private key.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Print out a usage message.</p>
</dd>
<dt id="out-filename"><b>-out filename</b></dt>
<dd>
<p>Output the key to the specified file. If this argument is not specified then standard output is used.</p>
</dd>
<dt id="passout-arg"><b>-passout arg</b></dt>
<dd>
<p>The output file password source. For more information about the format of <b>arg</b> see <a href="../man1/openssl.html">&quot;Pass Phrase Options&quot; in openssl(1)</a>.</p>
</dd>
<dt id="aes128--aes192--aes256--aria128--aria192--aria256--camellia128--camellia192--camellia256--des--des3--idea"><b>-aes128</b>, <b>-aes192</b>, <b>-aes256</b>, <b>-aria128</b>, <b>-aria192</b>, <b>-aria256</b>, <b>-camellia128</b>, <b>-camellia192</b>, <b>-camellia256</b>, <b>-des</b>, <b>-des3</b>, <b>-idea</b></dt>
<dd>
<p>These options encrypt the private key with specified cipher before outputting it. If none of these options is specified no encryption is used. If encryption is used a pass phrase is prompted for if it is not supplied via the <b>-passout</b> argument.</p>
</dd>
<dt id="F4--3"><b>-F4|-3</b></dt>
<dd>
<p>The public exponent to use, either 65537 or 3. The default is 65537.</p>
</dd>
<dt id="rand-file"><b>-rand file...</b></dt>
<dd>
<p>A file or files containing random data used to seed the random number generator. Multiple files can be specified separated by an OS-dependent character. The separator is <b>;</b> for MS-Windows, <b>,</b> for OpenVMS, and <b>:</b> for all others.</p>
</dd>
<dt id="writerand-file">[<b>-writerand file</b>]</dt>
<dd>
<p>Writes random data to the specified <i>file</i> upon exit. This can be used with a subsequent <b>-rand</b> flag.</p>
</dd>
<dt id="engine-id"><b>-engine id</b></dt>
<dd>
<p>Specifying an engine (by its unique <b>id</b> string) will cause <b>genrsa</b> to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.</p>
</dd>
<dt id="primes-num"><b>-primes num</b></dt>
<dd>
<p>Specify the number of primes to use while generating the RSA key. The <b>num</b> parameter must be a positive integer that is greater than 1 and less than 16. If <b>num</b> is greater than 2, then the generated key is called a &#39;multi-prime&#39; RSA key, which is defined in RFC 8017.</p>
</dd>
<dt id="numbits"><b>numbits</b></dt>
<dd>
<p>The size of the private key to generate in bits. This must be the last option specified. The default is 2048 and values less than 512 are not allowed.</p>
</dd>
</dl>
<h1 id="NOTES">NOTES</h1>
<p>RSA private key generation essentially involves the generation of two or more prime numbers. When generating a private key various symbols will be output to indicate the progress of the generation. A <b>.</b> represents each number which has passed an initial sieve test, <b>+</b> means a number has passed a single round of the Miller-Rabin primality test, <b>*</b> means the current prime starts a regenerating progress due to some failed tests. A newline means that the number has passed all the prime tests (the actual number depends on the key size).</p>
<p>Because key generation is a random process the time taken to generate a key may vary somewhat. But in general, more primes lead to less generation time of a key.</p>
<h1 id="SEE-ALSO">SEE ALSO</h1>
<p><a href="../man1/gendsa.html">gendsa(1)</a></p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,111 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>list</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-list, list - list algorithms and features</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl list</b> [<b>-help</b>] [<b>-1</b>] [<b>-commands</b>] [<b>-digest-commands</b>] [<b>-digest-algorithms</b>] [<b>-cipher-commands</b>] [<b>-cipher-algorithms</b>] [<b>-public-key-algorithms</b>] [<b>-public-key-methods</b>] [<b>-disabled</b>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>This command is used to generate list of algorithms or disabled features.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Display a usage message.</p>
</dd>
<dt id="pod-1"><b>-1</b></dt>
<dd>
<p>List the commands, digest-commands, or cipher-commands in a single column. If used, this option must be given first.</p>
</dd>
<dt id="commands"><b>-commands</b></dt>
<dd>
<p>Display a list of standard commands.</p>
</dd>
<dt id="digest-commands"><b>-digest-commands</b></dt>
<dd>
<p>Display a list of message digest commands, which are typically used as input to the <a href="../man1/dgst.html">dgst(1)</a> or <a href="../man1/speed.html">speed(1)</a> commands.</p>
</dd>
<dt id="digest-algorithms"><b>-digest-algorithms</b></dt>
<dd>
<p>Display a list of message digest algorithms. If a line is of the form foo =&gt; bar then <b>foo</b> is an alias for the official algorithm name, <b>bar</b>.</p>
</dd>
<dt id="cipher-commands"><b>-cipher-commands</b></dt>
<dd>
<p>Display a list of cipher commands, which are typically used as input to the <a href="../man1/dgst.html">dgst(1)</a> or <a href="../man1/speed.html">speed(1)</a> commands.</p>
</dd>
<dt id="cipher-algorithms"><b>-cipher-algorithms</b></dt>
<dd>
<p>Display a list of cipher algorithms. If a line is of the form foo =&gt; bar then <b>foo</b> is an alias for the official algorithm name, <b>bar</b>.</p>
</dd>
<dt id="public-key-algorithms"><b>-public-key-algorithms</b></dt>
<dd>
<p>Display a list of public key algorithms, with each algorithm as a block of multiple lines, all but the first are indented.</p>
</dd>
<dt id="public-key-methods"><b>-public-key-methods</b></dt>
<dd>
<p>Display a list of public key method OIDs: this also includes public key methods without an associated ASN.1 method, for example, KDF algorithms.</p>
</dd>
<dt id="disabled"><b>-disabled</b></dt>
<dd>
<p>Display a list of disabled features, those that were compiled out of the installation.</p>
</dd>
</dl>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,101 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>nseq</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#BUGS">BUGS</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-nseq, nseq - create or examine a Netscape certificate sequence</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl</b> <b>nseq</b> [<b>-help</b>] [<b>-in filename</b>] [<b>-out filename</b>] [<b>-toseq</b>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The <b>nseq</b> command takes a file containing a Netscape certificate sequence and prints out the certificates contained in it or takes a file of certificates and converts it into a Netscape certificate sequence.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Print out a usage message.</p>
</dd>
<dt id="in-filename"><b>-in filename</b></dt>
<dd>
<p>This specifies the input filename to read or standard input if this option is not specified.</p>
</dd>
<dt id="out-filename"><b>-out filename</b></dt>
<dd>
<p>Specifies the output filename or standard output by default.</p>
</dd>
<dt id="toseq"><b>-toseq</b></dt>
<dd>
<p>Normally a Netscape certificate sequence will be input and the output is the certificates contained in it. With the <b>-toseq</b> option the situation is reversed: a Netscape certificate sequence is created from a file of certificates.</p>
</dd>
</dl>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>Output the certificates in a Netscape certificate sequence</p>
<pre><code>openssl nseq -in nseq.pem -out certs.pem</code></pre>
<p>Create a Netscape certificate sequence</p>
<pre><code>openssl nseq -in certs.pem -toseq -out nseq.pem</code></pre>
<h1 id="NOTES">NOTES</h1>
<p>The <b>PEM</b> encoded form uses the same headers and footers as a certificate:</p>
<pre><code>-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----</code></pre>
<p>A Netscape certificate sequence is a Netscape specific format that can be sent to browsers as an alternative to the standard PKCS#7 format when several certificates are sent to the browser: for example during certificate enrollment. It is used by Netscape certificate server for example.</p>
<h1 id="BUGS">BUGS</h1>
<p>This program needs a few more options: like allowing DER or PEM input and output files and allowing multiple certificate files to be used.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>


@ -1,415 +0,0 @@
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>ocsp</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@localhost" />
</head>
<body>
<ul id="index">
<li><a href="#NAME">NAME</a></li>
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
<li><a href="#OPTIONS">OPTIONS</a>
<ul>
<li><a href="#OCSP-Client-Options">OCSP Client Options</a></li>
<li><a href="#OCSP-Server-Options">OCSP Server Options</a></li>
</ul>
</li>
<li><a href="#OCSP-Response-verification">OCSP Response verification.</a></li>
<li><a href="#NOTES">NOTES</a></li>
<li><a href="#EXAMPLES">EXAMPLES</a></li>
<li><a href="#HISTORY">HISTORY</a></li>
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
</ul>
<h1 id="NAME">NAME</h1>
<p>openssl-ocsp, ocsp - Online Certificate Status Protocol utility</p>
<h1 id="SYNOPSIS">SYNOPSIS</h1>
<p><b>openssl</b> <b>ocsp</b> [<b>-help</b>] [<b>-out file</b>] [<b>-issuer file</b>] [<b>-cert file</b>] [<b>-serial n</b>] [<b>-signer file</b>] [<b>-signkey file</b>] [<b>-sign_other file</b>] [<b>-no_certs</b>] [<b>-req_text</b>] [<b>-resp_text</b>] [<b>-text</b>] [<b>-reqout file</b>] [<b>-respout file</b>] [<b>-reqin file</b>] [<b>-respin file</b>] [<b>-nonce</b>] [<b>-no_nonce</b>] [<b>-url URL</b>] [<b>-host host:port</b>] [<b>-multi process-count</b>] [<b>-header</b>] [<b>-path</b>] [<b>-CApath dir</b>] [<b>-CAfile file</b>] [<b>-no-CAfile</b>] [<b>-no-CApath</b>] [<b>-attime timestamp</b>] [<b>-check_ss_sig</b>] [<b>-crl_check</b>] [<b>-crl_check_all</b>] [<b>-explicit_policy</b>] [<b>-extended_crl</b>] [<b>-ignore_critical</b>] [<b>-inhibit_any</b>] [<b>-inhibit_map</b>] [<b>-no_check_time</b>] [<b>-partial_chain</b>] [<b>-policy arg</b>] [<b>-policy_check</b>] [<b>-policy_print</b>] [<b>-purpose purpose</b>] [<b>-suiteB_128</b>] [<b>-suiteB_128_only</b>] [<b>-suiteB_192</b>] [<b>-trusted_first</b>] [<b>-no_alt_chains</b>] [<b>-use_deltas</b>] [<b>-auth_level num</b>] [<b>-verify_depth num</b>] [<b>-verify_email email</b>] [<b>-verify_hostname hostname</b>] [<b>-verify_ip ip</b>] [<b>-verify_name name</b>] [<b>-x509_strict</b>] [<b>-VAfile file</b>] [<b>-validity_period n</b>] [<b>-status_age n</b>] [<b>-noverify</b>] [<b>-verify_other file</b>] [<b>-trust_other</b>] [<b>-no_intern</b>] [<b>-no_signature_verify</b>] [<b>-no_cert_verify</b>] [<b>-no_chain</b>] [<b>-no_cert_checks</b>] [<b>-no_explicit</b>] [<b>-port num</b>] [<b>-ignore_err</b>] [<b>-index file</b>] [<b>-CA file</b>] [<b>-rsigner file</b>] [<b>-rkey file</b>] [<b>-rother file</b>] [<b>-rsigopt nm:v</b>] [<b>-resp_no_certs</b>] [<b>-nmin n</b>] [<b>-ndays n</b>] [<b>-resp_key_id</b>] [<b>-nrequest n</b>] [<b>-<i>digest</i></b>]</p>
<h1 id="DESCRIPTION">DESCRIPTION</h1>
<p>The Online Certificate Status Protocol (OCSP) enables applications to determine the (revocation) state of an identified certificate (RFC 2560).</p>
<p>The <b>ocsp</b> command performs many common OCSP tasks. It can be used to print out requests and responses, create requests and send queries to an OCSP responder and behave like a mini OCSP server itself.</p>
<h1 id="OPTIONS">OPTIONS</h1>
<p>This command operates as either a client or a server. The options are described below, divided into those two modes.</p>
<h2 id="OCSP-Client-Options">OCSP Client Options</h2>
<dl>
<dt id="help"><b>-help</b></dt>
<dd>
<p>Print out a usage message.</p>
</dd>
<dt id="out-filename"><b>-out filename</b></dt>
<dd>
<p>specify output filename, default is standard output.</p>
</dd>
<dt id="issuer-filename"><b>-issuer filename</b></dt>
<dd>
<p>This specifies the current issuer certificate. This option can be used multiple times. The certificate specified in <b>filename</b> must be in PEM format. This option <b>MUST</b> come before any <b>-cert</b> options.</p>
</dd>
<dt id="cert-filename"><b>-cert filename</b></dt>
<dd>
<p>Add the certificate <b>filename</b> to the request. The issuer certificate is taken from the previous <b>issuer</b> option, or an error occurs if no issuer certificate is specified.</p>
</dd>
<dt id="serial-num"><b>-serial num</b></dt>
<dd>
<p>Same as the <b>cert</b> option except the certificate with serial number <b>num</b> is added to the request. The serial number is interpreted as a decimal integer unless preceded by <b>0x</b>. Negative integers can also be specified by preceding the value by a <b>-</b> sign.</p>
</dd>
<dt id="signer-filename--signkey-filename"><b>-signer filename</b>, <b>-signkey filename</b></dt>
<dd>
<p>Sign the OCSP request using the certificate specified in the <b>signer</b> option and the private key specified by the <b>signkey</b> option. If the <b>signkey</b> option is not present then the private key is read from the same file as the certificate. If neither option is specified then the OCSP request is not signed.</p>
</dd>
<dt id="sign_other-filename"><b>-sign_other filename</b></dt>
<dd>
<p>Additional certificates to include in the signed request.</p>
</dd>
<dt id="nonce--no_nonce"><b>-nonce</b>, <b>-no_nonce</b></dt>
<dd>
<p>Add an OCSP nonce extension to a request or disable OCSP nonce addition. Normally if an OCSP request is input using the <b>reqin</b> option no nonce is added: using the <b>nonce</b> option will force addition of a nonce. If an OCSP request is being created (using <b>cert</b> and <b>serial</b> options) a nonce is automatically added specifying <b>no_nonce</b> overrides this.</p>
</dd>
<dt id="req_text--resp_text--text"><b>-req_text</b>, <b>-resp_text</b>, <b>-text</b></dt>
<dd>
<p>Print out the text form of the OCSP request, response or both respectively.</p>
</dd>
<dt id="reqout-file--respout-file"><b>-reqout file</b>, <b>-respout file</b></dt>
<dd>
<p>Write out the DER encoded certificate request or response to <b>file</b>.</p>
</dd>
<dt id="reqin-file--respin-file"><b>-reqin file</b>, <b>-respin file</b></dt>
<dd>
<p>Read OCSP request or response file from <b>file</b>. These option are ignored if OCSP request or response creation is implied by other options (for example with <b>serial</b>, <b>cert</b> and <b>host</b> options).</p>
</dd>
<dt id="url-responder_url"><b>-url responder_url</b></dt>
<dd>
<p>Specify the responder URL. Both HTTP and HTTPS (SSL/TLS) URLs can be specified.</p>
</dd>
<dt id="host-hostname:port--path-pathname"><b>-host hostname:port</b>, <b>-path pathname</b></dt>
<dd>
<p>If the <b>host</b> option is present then the OCSP request is sent to the host <b>hostname</b> on port <b>port</b>. <b>path</b> specifies the HTTP pathname to use or &quot;/&quot; by default. This is equivalent to specifying <b>-url</b> with scheme http:// and the given hostname, port, and pathname.</p>
</dd>
<dt id="header-name-value"><b>-header name=value</b></dt>
<dd>
<p>Adds the header <b>name</b> with the specified <b>value</b> to the OCSP request that is sent to the responder. This may be repeated.</p>
</dd>
<dt id="timeout-seconds"><b>-timeout seconds</b></dt>
<dd>
<p>Connection timeout to the OCSP responder in seconds. On POSIX systems, when running as an OCSP responder, this option also limits the time that the responder is willing to wait for the client request. This time is measured from the time the responder accepts the connection until the complete request is received.</p>
</dd>
<dt id="multi-process-count"><b>-multi process-count</b></dt>
<dd>
<p>Run the specified number of OCSP responder child processes, with the parent process respawning child processes as needed. Child processes will detect changes in the CA index file and automatically reload it. When running as a responder <b>-timeout</b> option is recommended to limit the time each child is willing to wait for the client&#39;s OCSP response. This option is available on POSIX systems (that support the fork() and other required unix system-calls).</p>
</dd>
<dt id="CAfile-file--CApath-pathname"><b>-CAfile file</b>, <b>-CApath pathname</b></dt>
<dd>
<p>File or pathname containing trusted CA certificates. These are used to verify the signature on the OCSP response.</p>
</dd>
<dt id="no-CAfile"><b>-no-CAfile</b></dt>
<dd>
<p>Do not load the trusted CA certificates from the default file location</p>
</dd>
<dt id="no-CApath"><b>-no-CApath</b></dt>
<dd>
<p>Do not load the trusted CA certificates from the default directory location</p>
</dd>
<dt id="attime--check_ss_sig--crl_check--crl_check_all--explicit_policy--extended_crl--ignore_critical--inhibit_any--inhibit_map--no_alt_chains--no_check_time--partial_chain--policy--policy_check--policy_print--purpose--suiteB_128--suiteB_128_only--suiteB_192--trusted_first--use_deltas--auth_level--verify_depth--verify_email--verify_hostname--verify_ip--verify_name--x509_strict"><b>-attime</b>, <b>-check_ss_sig</b>, <b>-crl_check</b>, <b>-crl_check_all</b>, <b>-explicit_policy</b>, <b>-extended_crl</b>, <b>-ignore_critical</b>, <b>-inhibit_any</b>, <b>-inhibit_map</b>, <b>-no_alt_chains</b>, <b>-no_check_time</b>, <b>-partial_chain</b>, <b>-policy</b>, <b>-policy_check</b>, <b>-policy_print</b>, <b>-purpose</b>, <b>-suiteB_128</b>, <b>-suiteB_128_only</b>, <b>-suiteB_192</b>, <b>-trusted_first</b>, <b>-use_deltas</b>, <b>-auth_level</b>, <b>-verify_depth</b>, <b>-verify_email</b>, <b>-verify_hostname</b>, <b>-verify_ip</b>, <b>-verify_name</b>, <b>-x509_strict</b></dt>
<dd>
<p>Set different certificate verification options. See <a href="../man1/verify.html">verify(1)</a> manual page for details.</p>
</dd>
<dt id="verify_other-file"><b>-verify_other file</b></dt>
<dd>
<p>File containing additional certificates to search when attempting to locate the OCSP response signing certificate. Some responders omit the actual signer&#39;s certificate from the response: this option can be used to supply the necessary certificate in such cases.</p>
</dd>
<dt id="trust_other"><b>-trust_other</b></dt>
<dd>
<p>The certificates specified by the <b>-verify_other</b> option should be explicitly trusted and no additional checks will be performed on them. This is useful when the complete responder certificate chain is not available or trusting a root CA is not appropriate.</p>
</dd>
<dt id="VAfile-file"><b>-VAfile file</b></dt>
<dd>
<p>File containing explicitly trusted responder certificates. Equivalent to the <b>-verify_other</b> and <b>-trust_other</b> options.</p>
</dd>
<dt id="noverify"><b>-noverify</b></dt>
<dd>
<p>Don&#39;t attempt to verify the OCSP response signature or the nonce values. This option will normally only be used for debugging since it disables all verification of the responders certificate.</p>
</dd>
<dt id="no_intern"><b>-no_intern</b></dt>
<dd>
<p>Ignore certificates contained in the OCSP response when searching for the signers certificate. With this option the signers certificate must be specified with either the <b>-verify_other</b> or <b>-VAfile</b> options.</p>
</dd>
<dt id="no_signature_verify"><b>-no_signature_verify</b></dt>
<dd>
<p>Don&#39;t check the signature on the OCSP response. Since this option tolerates invalid signatures on OCSP responses it will normally only be used for testing purposes.</p>
</dd>
<dt id="no_cert_verify"><b>-no_cert_verify</b></dt>
<dd>
<p>Don&#39;t verify the OCSP response signers certificate at all. Since this option allows the OCSP response to be signed by any certificate it should only be used for testing purposes.</p>
</dd>
<dt id="no_chain"><b>-no_chain</b></dt>
<dd>
<p>Do not use certificates in the response as additional untrusted CA certificates.</p>
</dd>
<dt id="no_explicit"><b>-no_explicit</b></dt>
<dd>
<p>Do not explicitly trust the root CA if it is set to be trusted for OCSP signing.</p>
</dd>
<dt id="no_cert_checks"><b>-no_cert_checks</b></dt>
<dd>
<p>Don&#39;t perform any additional checks on the OCSP response signers certificate. That is do not make any checks to see if the signers certificate is authorised to provide the necessary status information: as a result this option should only be used for testing purposes.</p>
</dd>
<dt id="validity_period-nsec--status_age-age"><b>-validity_period nsec</b>, <b>-status_age age</b></dt>
<dd>
<p>These options specify the range of times, in seconds, which will be tolerated in an OCSP response. Each certificate status response includes a <b>notBefore</b> time and an optional <b>notAfter</b> time. The current time should fall between these two values, but the interval between the two times may be only a few seconds. In practice the OCSP responder and clients clocks may not be precisely synchronised and so such a check may fail. To avoid this the <b>-validity_period</b> option can be used to specify an acceptable error range in seconds, the default value is 5 minutes.</p>
<p>If the <b>notAfter</b> time is omitted from a response then this means that new status information is immediately available. In this case the age of the <b>notBefore</b> field is checked to see it is not older than <b>age</b> seconds old. By default this additional check is not performed.</p>
</dd>
<dt id="digest"><b>-<i>digest</i></b></dt>
<dd>
<p>This option sets digest algorithm to use for certificate identification in the OCSP request. Any digest supported by the OpenSSL <b>dgst</b> command can be used. The default is SHA-1. This option may be used multiple times to specify the digest used by subsequent certificate identifiers.</p>
</dd>
</dl>
<h2 id="OCSP-Server-Options">OCSP Server Options</h2>
<dl>
<dt id="index-indexfile"><b>-index indexfile</b></dt>
<dd>
<p>The <b>indexfile</b> parameter is the name of a text index file in <b>ca</b> format containing certificate revocation information.</p>
<p>If the <b>index</b> option is specified the <b>ocsp</b> utility is in responder mode, otherwise it is in client mode. The request(s) the responder processes can be either specified on the command line (using <b>issuer</b> and <b>serial</b> options), supplied in a file (using the <b>reqin</b> option) or via external OCSP clients (if <b>port</b> or <b>url</b> is specified).</p>
<p>If the <b>index</b> option is present then the <b>CA</b> and <b>rsigner</b> options must also be present.</p>
</dd>
<dt id="CA-file"><b>-CA file</b></dt>
<dd>
<p>CA certificate corresponding to the revocation information in <b>indexfile</b>.</p>
</dd>
<dt id="rsigner-file"><b>-rsigner file</b></dt>
<dd>
<p>The certificate to sign OCSP responses with.</p>
</dd>
<dt id="rother-file"><b>-rother file</b></dt>
<dd>
<p>Additional certificates to include in the OCSP response.</p>
</dd>
<dt id="resp_no_certs"><b>-resp_no_certs</b></dt>
<dd>
<p>Don&#39;t include any certificates in the OCSP response.</p>
</dd>
<dt id="resp_key_id"><b>-resp_key_id</b></dt>
<dd>
<p>Identify the signer certificate using the key ID, default is to use the subject name.</p>
</dd>
<dt id="rkey-file"><b>-rkey file</b></dt>
<dd>
<p>The private key to sign OCSP responses with: if not present the file specified in the <b>rsigner</b> option is used.</p>
</dd>
<dt id="rsigopt-nm:v"><b>-rsigopt nm:v</b></dt>
<dd>
<p>Pass options to the signature algorithm when signing OCSP responses. Names and values of these options are algorithm-specific.</p>
</dd>
<dt id="port-portnum"><b>-port portnum</b></dt>
<dd>
<p>Port to listen for OCSP requests on. The port may also be specified using the <b>url</b> option.</p>
</dd>
<dt id="ignore_err"><b>-ignore_err</b></dt>
<dd>
<p>Ignore malformed requests or responses: When acting as an OCSP client, retry if a malformed response is received. When acting as an OCSP responder, continue running instead of terminating upon receiving a malformed request.</p>
</dd>
<dt id="nrequest-number"><b>-nrequest number</b></dt>
<dd>
<p>The OCSP server will exit after receiving <b>number</b> requests, default unlimited.</p>
</dd>
<dt id="nmin-minutes--ndays-days"><b>-nmin minutes</b>, <b>-ndays days</b></dt>
<dd>
<p>Number of minutes or days when fresh revocation information is available: used in the <b>nextUpdate</b> field. If neither option is present then the <b>nextUpdate</b> field is omitted meaning fresh revocation information is immediately available.</p>
</dd>
</dl>
<h1 id="OCSP-Response-verification">OCSP Response verification.</h1>
<p>OCSP Response follows the rules specified in RFC2560.</p>
<p>Initially the OCSP responder certificate is located and the signature on the OCSP request checked using the responder certificate&#39;s public key.</p>
<p>Then a normal certificate verify is performed on the OCSP responder certificate building up a certificate chain in the process. The locations of the trusted certificates used to build the chain can be specified by the <b>CAfile</b> and <b>CApath</b> options or they will be looked for in the standard OpenSSL certificates directory.</p>
<p>If the initial verify fails then the OCSP verify process halts with an error.</p>
<p>Otherwise the issuing CA certificate in the request is compared to the OCSP responder certificate: if there is a match then the OCSP verify succeeds.</p>
<p>Otherwise the OCSP responder certificate&#39;s CA is checked against the issuing CA certificate in the request. If there is a match and the OCSPSigning extended key usage is present in the OCSP responder certificate then the OCSP verify succeeds.</p>
<p>Otherwise, if <b>-no_explicit</b> is <b>not</b> set the root CA of the OCSP responders CA is checked to see if it is trusted for OCSP signing. If it is the OCSP verify succeeds.</p>
<p>If none of these checks is successful then the OCSP verify fails.</p>
<p>What this effectively means if that if the OCSP responder certificate is authorised directly by the CA it is issuing revocation information about (and it is correctly configured) then verification will succeed.</p>
<p>If the OCSP responder is a &quot;global responder&quot; which can give details about multiple CAs and has its own separate certificate chain then its root CA can be trusted for OCSP signing. For example:</p>
<pre><code>openssl x509 -in ocspCA.pem -addtrust OCSPSigning -out trustedCA.pem</code></pre>
<p>Alternatively the responder certificate itself can be explicitly trusted with the <b>-VAfile</b> option.</p>
<h1 id="NOTES">NOTES</h1>
<p>As noted, most of the verify options are for testing or debugging purposes. Normally only the <b>-CApath</b>, <b>-CAfile</b> and (if the responder is a &#39;global VA&#39;) <b>-VAfile</b> options need to be used.</p>
<p>The OCSP server is only useful for test and demonstration purposes: it is not really usable as a full OCSP responder. It contains only a very simple HTTP request handling and can only handle the POST form of OCSP queries. It also handles requests serially meaning it cannot respond to new requests until it has processed the current one. The text index file format of revocation is also inefficient for large quantities of revocation data.</p>
<p>It is possible to run the <b>ocsp</b> application in responder mode via a CGI script using the <b>reqin</b> and <b>respout</b> options.</p>
<h1 id="EXAMPLES">EXAMPLES</h1>
<p>Create an OCSP request and write it to a file:</p>
<pre><code>openssl ocsp -issuer issuer.pem -cert c1.pem -cert c2.pem -reqout req.der</code></pre>
<p>Send a query to an OCSP responder with URL http://ocsp.myhost.com/ save the response to a file, print it out in text form, and verify the response:</p>
<pre><code>openssl ocsp -issuer issuer.pem -cert c1.pem -cert c2.pem \
-url http://ocsp.myhost.com/ -resp_text -respout resp.der</code></pre>
<p>Read in an OCSP response and print out text form:</p>
<pre><code>openssl ocsp -respin resp.der -text -noverify</code></pre>
<p>OCSP server on port 8888 using a standard <b>ca</b> configuration, and a separate responder certificate. All requests and responses are printed to a file.</p>
<pre><code>openssl ocsp -index demoCA/index.txt -port 8888 -rsigner rcert.pem -CA demoCA/cacert.pem
-text -out log.txt</code></pre>
<p>As above but exit after processing one request:</p>
<pre><code>openssl ocsp -index demoCA/index.txt -port 8888 -rsigner rcert.pem -CA demoCA/cacert.pem
-nrequest 1</code></pre>
<p>Query status information using an internally generated request:</p>
<pre><code>openssl ocsp -index demoCA/index.txt -rsigner rcert.pem -CA demoCA/cacert.pem
-issuer demoCA/cacert.pem -serial 1</code></pre>
<p>Query status information using request read from a file, and write the response to a second file.</p>
<pre><code>openssl ocsp -index demoCA/index.txt -rsigner rcert.pem -CA demoCA/cacert.pem
-reqin req.der -respout resp.der</code></pre>
<h1 id="HISTORY">HISTORY</h1>
<p>The -no_alt_chains option was added in OpenSSL 1.1.0.</p>
<h1 id="COPYRIGHT">COPYRIGHT</h1>
<p>Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>
