update pkcs12 help message + manpage (ec1edeb5) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

apps/pkcs12.c

+4 −0

Original line number	Diff line number	Diff line
		@@ -303,11 +303,14 @@ int MAIN(int argc, char **argv)
		#endif
		BIO_printf (bio_err, "-nodes don't encrypt private keys\n");
		BIO_printf (bio_err, "-noiter don't use encryption iteration\n");
		BIO_printf (bio_err, "-nomaciter don't use MAC iteration\n");
		BIO_printf (bio_err, "-maciter use MAC iteration\n");
		BIO_printf (bio_err, "-nomac don't generate MAC\n");
		BIO_printf (bio_err, "-twopass separate MAC, encryption passwords\n");
		BIO_printf (bio_err, "-descert encrypt PKCS#12 certificates with triple DES (default RC2-40)\n");
		BIO_printf (bio_err, "-certpbe alg specify certificate PBE algorithm (default RC2-40)\n");
		BIO_printf (bio_err, "-keypbe alg specify private key PBE algorithm (default 3DES)\n");
		BIO_printf (bio_err, "-macalg alg digest algorithm used in MAC (default SHA1)\n");
		BIO_printf (bio_err, "-keyex set MS key exchange type\n");
		BIO_printf (bio_err, "-keysig set MS key signature type\n");
		BIO_printf (bio_err, "-password p set import/export password source\n");
		@@ -319,6 +322,7 @@ int MAIN(int argc, char **argv)
		BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
		BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
		BIO_printf(bio_err, " the random number generator\n");
		BIO_printf(bio_err, "-CSP name Microsoft CSP name\n");
		goto end;
		}

doc/apps/pkcs12.pod

+34 −7

Original line number	Diff line number	Diff line
		@@ -23,22 +23,23 @@ B<openssl> B<pkcs12>
		[B<-cacerts>]
		[B<-nokeys>]
		[B<-info>]
		[B<-des>]
		[B<-des3>]
		[B<-idea>]
		[B<-nodes>]
		[B<-des \| -des3 \| -idea \| -aes128 \| -aes192 \| -aes256 \| -camellia128 \| -camellia192 \| -camellia256 \| -nodes>]
		[B<-noiter>]
		[B<-maciter>]
		[B<-maciter \| -nomaciter \| -nomac>]
		[B<-twopass>]
		[B<-descert>]
		[B<-certpbe>]
		[B<-keypbe>]
		[B<-certpbe cipher>]
		[B<-keypbe cipher>]
		[B<-macalg digest>]
		[B<-keyex>]
		[B<-keysig>]
		[B<-password arg>]
		[B<-passin arg>]
		[B<-passout arg>]
		[B<-rand file(s)>]
		[B<-CAfile file>]
		[B<-CApath dir>]
		[B<-CSP name>]

		=head1 DESCRIPTION

		@@ -116,6 +117,14 @@ use triple DES to encrypt private keys before outputting, this is the default.

		use IDEA to encrypt private keys before outputting.

		=item B<-aes128>, B<-aes192>, B<-aes256>

		use AES to encrypt private keys before outputting.

		=item B<-camellia128>, B<-camellia192>, B<-camellia256>

		use Camellia to encrypt private keys before outputting.

		=item B<-nodes>

		don't encrypt the private keys at all.
		@@ -245,6 +254,10 @@ option.
		This option is included for compatibility with previous versions, it used
		to be needed to use MAC iterations counts but they are now used by default.

		=item B<-nomac>

		don't attempt to provide the MAC integrity.

		=item B<-rand file(s)>

		a file or files containing random data used to seed the random number
		@@ -253,6 +266,20 @@ Multiple files can be specified separated by a OS-dependent character.
		The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
		all others.

		=item B<-CAfile file>

		CA storage as a file.

		=item B<-CApath dir>

		CA storage as a directory. This directory must be a standard certificate
		directory: that is a hash of each subject name (using B<x509 -hash>) should be
		linked to each certificate.

		=item B<-CSP name>

		write B<name> as a Microsoft CSP name.

		=back

		=head1 NOTES