summaryrefslogtreecommitdiffstats
path: root/secure/usr.bin/openssl/man/smime.1
diff options
context:
space:
mode:
Diffstat (limited to 'secure/usr.bin/openssl/man/smime.1')
-rw-r--r--secure/usr.bin/openssl/man/smime.1101
1 files changed, 50 insertions, 51 deletions
diff --git a/secure/usr.bin/openssl/man/smime.1 b/secure/usr.bin/openssl/man/smime.1
index a10fdfe..e6cab4c 100644
--- a/secure/usr.bin/openssl/man/smime.1
+++ b/secure/usr.bin/openssl/man/smime.1
@@ -1,15 +1,7 @@
-.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.37
+.\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.07)
.\"
.\" Standard preamble:
.\" ========================================================================
-.de Sh \" Subsection heading
-.br
-.if t .Sp
-.ne 5
-.PP
-\fB\\$1\fR
-.PP
-..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
@@ -25,11 +17,11 @@
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
-.\" double quote, and \*(R" will give a right double quote. | will give a
-.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to
-.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C'
-.\" expand to `' in nroff, nothing in troff, for use with C<>.
-.tr \(*W-|\(bv\*(Tr
+.\" double quote, and \*(R" will give a right double quote. \*(C+ will
+.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
+.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
+.\" nothing in troff, for use with C<>.
+.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
@@ -48,22 +40,25 @@
. ds R" ''
'br\}
.\"
+.\" Escape single quotes in literal strings from groff's Unicode transform.
+.ie \n(.g .ds Aq \(aq
+.el .ds Aq '
+.\"
.\" If the F register is turned on, we'll generate index entries on stderr for
-.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index
+.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
-.if \nF \{\
+.ie \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. nr % 0
. rr F
.\}
-.\"
-.\" For nroff, turn off justification. Always turn off hyphenation; it makes
-.\" way too many mistakes in technical documents.
-.hy 0
-.if n .na
+.el \{\
+. de IX
+..
+.\}
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
@@ -129,7 +124,11 @@
.\" ========================================================================
.\"
.IX Title "SMIME 1"
-.TH SMIME 1 "2010-03-24" "0.9.8n" "OpenSSL"
+.TH SMIME 1 "2010-11-16" "0.9.8p" "OpenSSL"
+.\" For nroff, turn off justification. Always turn off hyphenation; it makes
+.\" way too many mistakes in technical documents.
+.if n .ad l
+.nh
.SH "NAME"
smime \- S/MIME utility
.SH "SYNOPSIS"
@@ -315,12 +314,12 @@ see the \fB\s-1PASS\s0 \s-1PHRASE\s0 \s-1ARGUMENTS\s0\fR section in \fIopenssl\f
a file or files containing random data used to seed the random number
generator, or an \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3)).
Multiple files can be specified separated by a OS-dependent character.
-The separator is \fB;\fR for MS\-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
+The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
all others.
.IP "\fBcert.pem...\fR" 4
.IX Item "cert.pem..."
one or more certificates of message recipients: used when encrypting
-a message.
+a message.
.IP "\fB\-to, \-from, \-subject\fR" 4
.IX Item "-to, -from, -subject"
the relevant mail headers. These are included outside the signed
@@ -377,54 +376,54 @@ the signers certificates.
Create a cleartext signed message:
.PP
.Vb 2
-\& openssl smime -sign -in message.txt -text -out mail.msg \e
-\& -signer mycert.pem
+\& openssl smime \-sign \-in message.txt \-text \-out mail.msg \e
+\& \-signer mycert.pem
.Ve
.PP
-Create and opaque signed message
+Create and opaque signed message:
.PP
.Vb 2
-\& openssl smime -sign -in message.txt -text -out mail.msg -nodetach \e
-\& -signer mycert.pem
+\& openssl smime \-sign \-in message.txt \-text \-out mail.msg \-nodetach \e
+\& \-signer mycert.pem
.Ve
.PP
Create a signed message, include some additional certificates and
read the private key from another file:
.PP
.Vb 2
-\& openssl smime -sign -in in.txt -text -out mail.msg \e
-\& -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem
+\& openssl smime \-sign \-in in.txt \-text \-out mail.msg \e
+\& \-signer mycert.pem \-inkey mykey.pem \-certfile mycerts.pem
.Ve
.PP
Send a signed message under Unix directly to sendmail, including headers:
.PP
.Vb 3
-\& openssl smime -sign -in in.txt -text -signer mycert.pem \e
-\& -from steve@openssl.org -to someone@somewhere \e
-\& -subject "Signed message" | sendmail someone@somewhere
+\& openssl smime \-sign \-in in.txt \-text \-signer mycert.pem \e
+\& \-from steve@openssl.org \-to someone@somewhere \e
+\& \-subject "Signed message" | sendmail someone@somewhere
.Ve
.PP
Verify a message and extract the signer's certificate if successful:
.PP
.Vb 1
-\& openssl smime -verify -in mail.msg -signer user.pem -out signedtext.txt
+\& openssl smime \-verify \-in mail.msg \-signer user.pem \-out signedtext.txt
.Ve
.PP
Send encrypted mail using triple \s-1DES:\s0
.PP
.Vb 3
-\& openssl smime -encrypt -in in.txt -from steve@openssl.org \e
-\& -to someone@somewhere -subject "Encrypted message" \e
-\& -des3 user.pem -out mail.msg
+\& openssl smime \-encrypt \-in in.txt \-from steve@openssl.org \e
+\& \-to someone@somewhere \-subject "Encrypted message" \e
+\& \-des3 user.pem \-out mail.msg
.Ve
.PP
Sign and encrypt mail:
.PP
.Vb 4
-\& openssl smime -sign -in ml.txt -signer my.pem -text \e
-\& | openssl smime -encrypt -out mail.msg \e
-\& -from steve@openssl.org -to someone@somewhere \e
-\& -subject "Signed and Encrypted message" -des3 user.pem
+\& openssl smime \-sign \-in ml.txt \-signer my.pem \-text \e
+\& | openssl smime \-encrypt \-out mail.msg \e
+\& \-from steve@openssl.org \-to someone@somewhere \e
+\& \-subject "Signed and Encrypted message" \-des3 user.pem
.Ve
.PP
Note: the encryption command does not include the \fB\-text\fR option because the message
@@ -433,7 +432,7 @@ being encrypted already has \s-1MIME\s0 headers.
Decrypt mail:
.PP
.Vb 1
-\& openssl smime -decrypt -in mail.msg -recip mycert.pem -inkey key.pem
+\& openssl smime \-decrypt \-in mail.msg \-recip mycert.pem \-inkey key.pem
.Ve
.PP
The output from Netscape form signing is a PKCS#7 structure with the
@@ -442,26 +441,26 @@ signature by line wrapping the base64 encoded structure and surrounding
it with:
.PP
.Vb 2
-\& -----BEGIN PKCS7-----
-\& -----END PKCS7-----
+\& \-\-\-\-\-BEGIN PKCS7\-\-\-\-\-
+\& \-\-\-\-\-END PKCS7\-\-\-\-\-
.Ve
.PP
-and using the command,
+and using the command:
.PP
.Vb 1
-\& openssl smime -verify -inform PEM -in signature.pem -content content.txt
+\& openssl smime \-verify \-inform PEM \-in signature.pem \-content content.txt
.Ve
.PP
-alternatively you can base64 decode the signature and use
+Alternatively you can base64 decode the signature and use:
.PP
.Vb 1
-\& openssl smime -verify -inform DER -in signature.der -content content.txt
+\& openssl smime \-verify \-inform DER \-in signature.der \-content content.txt
.Ve
.PP
Create an encrypted message using 128 bit Camellia:
.PP
.Vb 1
-\& openssl smime -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem
+\& openssl smime \-encrypt \-in plain.txt \-camellia128 \-out mail.msg cert.pem
.Ve
.SH "BUGS"
.IX Header "BUGS"
@@ -475,7 +474,7 @@ should be some heuristic that determines the correct encryption certificate.
Ideally a database should be maintained of a certificates for each email address.
.PP
The code doesn't currently take note of the permitted symmetric encryption
-algorithms as supplied in the SMIMECapabilities signed attribute. this means the
+algorithms as supplied in the SMIMECapabilities signed attribute. This means the
user has to manually include the correct encryption algorithm. It should store
the list of permitted ciphers in a database and only use those.
.PP
OpenPOWER on IntegriCloud