OLD | NEW |
1 =pod | 1 =pod |
2 | 2 |
3 =head1 NAME | 3 =head1 NAME |
4 | 4 |
5 dgst, md5, md4, md2, sha1, sha, mdc2, ripemd160 - message digests | 5 dgst, md5, md4, md2, sha1, sha, mdc2, ripemd160 - message digests |
6 | 6 |
7 =head1 SYNOPSIS | 7 =head1 SYNOPSIS |
8 | 8 |
9 B<openssl> B<dgst> | 9 B<openssl> B<dgst> |
10 [B<-md5|-md4|-md2|-sha1|-sha|-mdc2|-ripemd160|-dss1>] | 10 [B<-md5|-md4|-md2|-sha1|-sha|-mdc2|-ripemd160|-dss1>] |
11 [B<-c>] | 11 [B<-c>] |
12 [B<-d>] | 12 [B<-d>] |
13 [B<-hex>] | 13 [B<-hex>] |
14 [B<-binary>] | 14 [B<-binary>] |
15 [B<-out filename>] | 15 [B<-out filename>] |
16 [B<-sign filename>] | 16 [B<-sign filename>] |
| 17 [B<-keyform arg>] |
17 [B<-passin arg>] | 18 [B<-passin arg>] |
18 [B<-verify filename>] | 19 [B<-verify filename>] |
19 [B<-prverify filename>] | 20 [B<-prverify filename>] |
20 [B<-signature filename>] | 21 [B<-signature filename>] |
21 [B<-hmac key>] | 22 [B<-hmac key>] |
22 [B<file...>] | 23 [B<file...>] |
23 | 24 |
24 [B<md5|md4|md2|sha1|sha|mdc2|ripemd160>] | 25 [B<md5|md4|md2|sha1|sha|mdc2|ripemd160>] |
25 [B<-c>] | 26 [B<-c>] |
26 [B<-d>] | 27 [B<-d>] |
(...skipping 27 matching lines...) Expand all Loading... |
54 output the digest or signature in binary form. | 55 output the digest or signature in binary form. |
55 | 56 |
56 =item B<-out filename> | 57 =item B<-out filename> |
57 | 58 |
58 filename to output to, or standard output by default. | 59 filename to output to, or standard output by default. |
59 | 60 |
60 =item B<-sign filename> | 61 =item B<-sign filename> |
61 | 62 |
62 digitally sign the digest using the private key in "filename". | 63 digitally sign the digest using the private key in "filename". |
63 | 64 |
| 65 =item B<-keyform arg> |
| 66 |
| 67 Specifies the key format to sign digest with. Only PEM and ENGINE |
| 68 formats are supported by the B<dgst> command. |
| 69 |
| 70 =item B<-engine id> |
| 71 |
| 72 Use engine B<id> for operations (including private key storage). |
| 73 This engine is not used as source for digest algorithms, unless it is |
| 74 also specified in the configuration file. |
| 75 |
| 76 =item B<-sigopt nm:v> |
| 77 |
| 78 Pass options to the signature algorithm during sign or verify operations. |
| 79 Names and values of these options are algorithm-specific. |
| 80 |
| 81 |
64 =item B<-passin arg> | 82 =item B<-passin arg> |
65 | 83 |
66 the private key password source. For more information about the format of B<arg> | 84 the private key password source. For more information about the format of B<arg> |
67 see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. | 85 see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. |
68 | 86 |
69 =item B<-verify filename> | 87 =item B<-verify filename> |
70 | 88 |
71 verify the signature using the the public key in "filename". | 89 verify the signature using the the public key in "filename". |
72 The output is either "Verification OK" or "Verification Failure". | 90 The output is either "Verification OK" or "Verification Failure". |
73 | 91 |
74 =item B<-prverify filename> | 92 =item B<-prverify filename> |
75 | 93 |
76 verify the signature using the the private key in "filename". | 94 verify the signature using the the private key in "filename". |
77 | 95 |
78 =item B<-signature filename> | 96 =item B<-signature filename> |
79 | 97 |
80 the actual signature to verify. | 98 the actual signature to verify. |
81 | 99 |
82 =item B<-hmac key> | 100 =item B<-hmac key> |
83 | 101 |
84 create a hashed MAC using "key". | 102 create a hashed MAC using "key". |
85 | 103 |
| 104 =item B<-mac alg> |
| 105 |
| 106 create MAC (keyed Message Authentication Code). The most popular MAC |
| 107 algorithm is HMAC (hash-based MAC), but there are other MAC algorithms |
| 108 which are not based on hash, for instance B<gost-mac> algorithm, |
| 109 supported by B<ccgost> engine. MAC keys and other options should be set |
| 110 via B<-macopt> parameter. |
| 111 |
| 112 =item B<-macopt nm:v> |
| 113 |
| 114 Passes options to MAC algorithm, specified by B<-mac> key. |
| 115 Following options are supported by both by B<HMAC> and B<gost-mac>: |
| 116 |
| 117 =over 8 |
| 118 |
| 119 =item B<key:string> |
| 120 |
| 121 Specifies MAC key as alphnumeric string (use if key contain printable |
| 122 characters only). String length must conform to any restrictions of |
| 123 the MAC algorithm for example exactly 32 chars for gost-mac. |
| 124 |
| 125 =item B<hexkey:string> |
| 126 |
| 127 Specifies MAC key in hexadecimal form (two hex digits per byte). |
| 128 Key length must conform to any restrictions of the MAC algorithm |
| 129 for example exactly 32 chars for gost-mac. |
| 130 |
| 131 =back |
| 132 |
86 =item B<-rand file(s)> | 133 =item B<-rand file(s)> |
87 | 134 |
88 a file or files containing random data used to seed the random number | 135 a file or files containing random data used to seed the random number |
89 generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>). | 136 generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>). |
90 Multiple files can be specified separated by a OS-dependent character. | 137 Multiple files can be specified separated by a OS-dependent character. |
91 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for | 138 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for |
92 all others. | 139 all others. |
93 | 140 |
94 =item B<file...> | 141 =item B<file...> |
95 | 142 |
(...skipping 10 matching lines...) Expand all Loading... |
106 If you wish to sign or verify data using the DSA algorithm then the dss1 | 153 If you wish to sign or verify data using the DSA algorithm then the dss1 |
107 digest must be used. | 154 digest must be used. |
108 | 155 |
109 A source of random numbers is required for certain signing algorithms, in | 156 A source of random numbers is required for certain signing algorithms, in |
110 particular DSA. | 157 particular DSA. |
111 | 158 |
112 The signing and verify options should only be used if a single file is | 159 The signing and verify options should only be used if a single file is |
113 being signed or verified. | 160 being signed or verified. |
114 | 161 |
115 =cut | 162 =cut |
OLD | NEW |