Commit 48b53522 authored by Rich Salz's avatar Rich Salz
Browse files

-inkey can be an identifier, not just a file 



update pkcs12, smime, ts apps.

Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3507)
parent c80bbcbf

apps/pkcs12.c

+1 −1
Original line number Diff line number Diff line
@@ -91,7 +91,7 @@ const OPTIONS pkcs12_options[] = { 
    {"keypbe", OPT_KEYPBE, 's', "Private key PBE algorithm (default 3DES)"},

    {"rand", OPT_RAND, 's',

     "Load the file(s) into the random number generator"},

    {"inkey", OPT_INKEY, '<', "Private key if not infile"},

    {"inkey", OPT_INKEY, 's', "Private key if not infile"},

    {"certfile", OPT_CERTFILE, '<', "Load certs from file"},

    {"name", OPT_NAME, 's', "Use name as friendly name"},

    {"CSP", OPT_CSP, 's', "Microsoft CSP name"},

apps/smime.c

+1 −1
Original line number Diff line number Diff line
@@ -70,7 +70,7 @@ const OPTIONS smime_options[] = { 
    {"recip", OPT_RECIP, '<', "Recipient certificate file for decryption"},

    {"in", OPT_IN, '<', "Input file"},

    {"inform", OPT_INFORM, 'c', "Input format SMIME (default), PEM or DER"},

    {"inkey", OPT_INKEY, '<',

    {"inkey", OPT_INKEY, 's',

     "Input private key (if not signer or recipient)"},

    {"keyform", OPT_KEYFORM, 'f', "Input private key format (PEM or ENGINE)"},

    {"out", OPT_OUT, '>', "Output file"},

apps/ts.c

+1 −1
Original line number Diff line number Diff line
@@ -106,7 +106,7 @@ const OPTIONS ts_options[] = { 
    {"reply", OPT_REPLY, '-', "Generate a TS reply"},

    {"queryfile", OPT_QUERYFILE, '<', "File containing a TS query"},

    {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},

    {"inkey", OPT_INKEY, '<', "File with private key for reply"},

    {"inkey", OPT_INKEY, 's', "File with private key for reply"},

    {"signer", OPT_SIGNER, 's', "Signer certificate file"},

    {"chain", OPT_CHAIN, '<', "File with signer CA chain"},

    {"verify", OPT_VERIFY, '-', "Verify a TS response"},

doc/man1/pkcs12.pod

+4 −2
Original line number Diff line number Diff line
@@ -10,7 +10,7 @@ B<openssl> B<pkcs12> 
[B<-help>]

[B<-export>]

[B<-chain>]

[B<-inkey filename>]

[B<-inkey file_or_id>]

[B<-certfile filename>]

[B<-name name>]

[B<-caname name>]
@@ -177,10 +177,12 @@ default. They must all be in PEM format. The order doesn't matter but one 
private key and its corresponding certificate should be present. If additional

certificates are present they will also be included in the PKCS#12 file.



=item B<-inkey filename>

=item B<-inkey file_or_id>



File to read private key from. If not present then a private key must be present

in the input file.

If no engine is used, the argument is taken as a file; if an engine is

specified, the argument is given to the engine as a key identifier.



=item B<-name friendlyname>

doc/man1/smime.pod

+4 −2
Original line number Diff line number Diff line
@@ -54,7 +54,7 @@ B<openssl> B<smime> 
[B<-recip  file>]

[B<-inform SMIME|PEM|DER>]

[B<-passin arg>]

[B<-inkey file>]

[B<-inkey file_or_id>]

[B<-out file>]

[B<-outform SMIME|PEM|DER>]

[B<-content file>]
@@ -280,13 +280,15 @@ verification was successful. 
The recipients certificate when decrypting a message. This certificate

must match one of the recipients of the message or an error occurs.



=item B<-inkey file>

=item B<-inkey file_or_id>



The private key to use when signing or decrypting. This must match the

corresponding certificate. If this option is not specified then the

private key must be included in the certificate file specified with

the B<-recip> or B<-signer> file. When signing this option can be used

multiple times to specify successive keys.

If no engine is used, the argument is taken as a file; if an engine is

specified, the argument is given to the engine as a key identifier.



=item B<-passin arg>