aboutsummaryrefslogtreecommitdiffstats
path: root/secure/usr.bin/openssl
diff options
context:
space:
mode:
authorJung-uk Kim <jkim@FreeBSD.org>2018-09-13 23:14:57 +0000
committerJung-uk Kim <jkim@FreeBSD.org>2018-09-13 23:14:57 +0000
commit54967a4e950cb7b16a26428f9e3872aa8fe83d16 (patch)
tree8ebcd0ceb80e3719deabb8cbd455ab2685cf0c96 /secure/usr.bin/openssl
parent9b21da0ecb8941dc7c6bd721ccfe05cecd7d6432 (diff)
downloadsrc-54967a4e950cb7b16a26428f9e3872aa8fe83d16.tar.gz
src-54967a4e950cb7b16a26428f9e3872aa8fe83d16.zip
Regen manual pages.
Note the manual pages are not automatically generated for now.
Notes
Notes: svn path=/projects/openssl111/; revision=338671
Diffstat (limited to 'secure/usr.bin/openssl')
-rw-r--r--secure/usr.bin/openssl/Makefile.man24
-rw-r--r--secure/usr.bin/openssl/man/CA.pl.1119
-rw-r--r--secure/usr.bin/openssl/man/asn1parse.180
-rw-r--r--secure/usr.bin/openssl/man/ca.1231
-rw-r--r--secure/usr.bin/openssl/man/ciphers.1594
-rw-r--r--secure/usr.bin/openssl/man/cms.1238
-rw-r--r--secure/usr.bin/openssl/man/crl.153
-rw-r--r--secure/usr.bin/openssl/man/crl2pkcs7.133
-rw-r--r--secure/usr.bin/openssl/man/dgst.1129
-rw-r--r--secure/usr.bin/openssl/man/dhparam.161
-rw-r--r--secure/usr.bin/openssl/man/dsa.148
-rw-r--r--secure/usr.bin/openssl/man/dsaparam.152
-rw-r--r--secure/usr.bin/openssl/man/ec.167
-rw-r--r--secure/usr.bin/openssl/man/ecparam.158
-rw-r--r--secure/usr.bin/openssl/man/enc.1183
-rw-r--r--secure/usr.bin/openssl/man/engine.1236
-rw-r--r--secure/usr.bin/openssl/man/errstr.123
-rw-r--r--secure/usr.bin/openssl/man/gendsa.147
-rw-r--r--secure/usr.bin/openssl/man/genpkey.1117
-rw-r--r--secure/usr.bin/openssl/man/genrsa.163
-rw-r--r--secure/usr.bin/openssl/man/list.1207
-rw-r--r--secure/usr.bin/openssl/man/nseq.127
-rw-r--r--secure/usr.bin/openssl/man/ocsp.1249
-rw-r--r--secure/usr.bin/openssl/man/openssl.1337
-rw-r--r--secure/usr.bin/openssl/man/passwd.162
-rw-r--r--secure/usr.bin/openssl/man/pkcs12.1150
-rw-r--r--secure/usr.bin/openssl/man/pkcs7.137
-rw-r--r--secure/usr.bin/openssl/man/pkcs8.1209
-rw-r--r--secure/usr.bin/openssl/man/pkey.163
-rw-r--r--secure/usr.bin/openssl/man/pkeyparam.135
-rw-r--r--secure/usr.bin/openssl/man/pkeyutl.1212
-rw-r--r--secure/usr.bin/openssl/man/prime.1185
-rw-r--r--secure/usr.bin/openssl/man/rand.136
-rw-r--r--secure/usr.bin/openssl/man/req.1213
-rw-r--r--secure/usr.bin/openssl/man/rsa.160
-rw-r--r--secure/usr.bin/openssl/man/rsautl.190
-rw-r--r--secure/usr.bin/openssl/man/s_client.1547
-rw-r--r--secure/usr.bin/openssl/man/s_server.1830
-rw-r--r--secure/usr.bin/openssl/man/s_time.183
-rw-r--r--secure/usr.bin/openssl/man/sess_id.169
-rw-r--r--secure/usr.bin/openssl/man/smime.1188
-rw-r--r--secure/usr.bin/openssl/man/speed.195
-rw-r--r--secure/usr.bin/openssl/man/spkac.159
-rw-r--r--secure/usr.bin/openssl/man/srp.1194
-rw-r--r--secure/usr.bin/openssl/man/storeutl.1242
-rw-r--r--secure/usr.bin/openssl/man/ts.1209
-rw-r--r--secure/usr.bin/openssl/man/tsget.120
-rw-r--r--secure/usr.bin/openssl/man/verify.1725
-rw-r--r--secure/usr.bin/openssl/man/version.136
-rw-r--r--secure/usr.bin/openssl/man/x509.1320
-rw-r--r--secure/usr.bin/openssl/man/x509v3_config.1679
51 files changed, 5822 insertions, 3102 deletions
diff --git a/secure/usr.bin/openssl/Makefile.man b/secure/usr.bin/openssl/Makefile.man
index 02267c37387e..34951d63abb1 100644
--- a/secure/usr.bin/openssl/Makefile.man
+++ b/secure/usr.bin/openssl/Makefile.man
@@ -1,5 +1,4 @@
# $FreeBSD$
-# DO NOT EDIT: generated from man-makefile-update target
MAN+= CA.pl.1
MAN+= asn1parse.1
MAN+= ca.1
@@ -14,10 +13,12 @@ MAN+= dsaparam.1
MAN+= ec.1
MAN+= ecparam.1
MAN+= enc.1
+MAN+= engine.1
MAN+= errstr.1
MAN+= gendsa.1
MAN+= genpkey.1
MAN+= genrsa.1
+MAN+= list.1
MAN+= nseq.1
MAN+= ocsp.1
MAN+= openssl.1
@@ -28,6 +29,7 @@ MAN+= pkcs8.1
MAN+= pkey.1
MAN+= pkeyparam.1
MAN+= pkeyutl.1
+MAN+= prime.1
MAN+= rand.1
MAN+= req.1
MAN+= rsa.1
@@ -39,41 +41,32 @@ MAN+= sess_id.1
MAN+= smime.1
MAN+= speed.1
MAN+= spkac.1
+MAN+= srp.1
+MAN+= storeutl.1
MAN+= ts.1
MAN+= tsget.1
MAN+= verify.1
MAN+= version.1
MAN+= x509.1
-MAN+= x509v3_config.1
MLINKS+= asn1parse.1 openssl-asn1parse.1
MLINKS+= ca.1 openssl-ca.1
MLINKS+= ciphers.1 openssl-ciphers.1
MLINKS+= cms.1 openssl-cms.1
MLINKS+= crl.1 openssl-crl.1
MLINKS+= crl2pkcs7.1 openssl-crl2pkcs7.1
-MLINKS+= dgst.1 dss1.1
-MLINKS+= dgst.1 md2.1
-MLINKS+= dgst.1 md4.1
-MLINKS+= dgst.1 md5.1
-MLINKS+= dgst.1 mdc2.1
MLINKS+= dgst.1 openssl-dgst.1
-MLINKS+= dgst.1 ripemd160.1
-MLINKS+= dgst.1 sha.1
-MLINKS+= dgst.1 sha1.1
-MLINKS+= dgst.1 sha224.1
-MLINKS+= dgst.1 sha256.1
-MLINKS+= dgst.1 sha384.1
-MLINKS+= dgst.1 sha512.1
MLINKS+= dhparam.1 openssl-dhparam.1
MLINKS+= dsa.1 openssl-dsa.1
MLINKS+= dsaparam.1 openssl-dsaparam.1
MLINKS+= ec.1 openssl-ec.1
MLINKS+= ecparam.1 openssl-ecparam.1
MLINKS+= enc.1 openssl-enc.1
+MLINKS+= engine.1 openssl-engine.1
MLINKS+= errstr.1 openssl-errstr.1
MLINKS+= gendsa.1 openssl-gendsa.1
MLINKS+= genpkey.1 openssl-genpkey.1
MLINKS+= genrsa.1 openssl-genrsa.1
+MLINKS+= list.1 openssl-list.1
MLINKS+= nseq.1 openssl-nseq.1
MLINKS+= ocsp.1 openssl-ocsp.1
MLINKS+= passwd.1 openssl-passwd.1
@@ -83,6 +76,7 @@ MLINKS+= pkcs8.1 openssl-pkcs8.1
MLINKS+= pkey.1 openssl-pkey.1
MLINKS+= pkeyparam.1 openssl-pkeyparam.1
MLINKS+= pkeyutl.1 openssl-pkeyutl.1
+MLINKS+= prime.1 openssl-prime.1
MLINKS+= rand.1 openssl-rand.1
MLINKS+= req.1 openssl-req.1
MLINKS+= rsa.1 openssl-rsa.1
@@ -94,6 +88,8 @@ MLINKS+= sess_id.1 openssl-sess_id.1
MLINKS+= smime.1 openssl-smime.1
MLINKS+= speed.1 openssl-speed.1
MLINKS+= spkac.1 openssl-spkac.1
+MLINKS+= srp.1 openssl-srp.1
+MLINKS+= storeutl.1 openssl-storeutl.1
MLINKS+= ts.1 openssl-ts.1
MLINKS+= tsget.1 openssl-tsget.1
MLINKS+= verify.1 openssl-verify.1
diff --git a/secure/usr.bin/openssl/man/CA.pl.1 b/secure/usr.bin/openssl/man/CA.pl.1
index 348189f76080..0eecd9ac0b5e 100644
--- a/secure/usr.bin/openssl/man/CA.pl.1
+++ b/secure/usr.bin/openssl/man/CA.pl.1
@@ -129,7 +129,7 @@
.\" ========================================================================
.\"
.IX Title "CA.PL 1"
-.TH CA.PL 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH CA.PL 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -139,51 +139,63 @@ CA.pl \- friendlier interface for OpenSSL certificate programs
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fB\s-1CA\s0.pl\fR
-[\fB\-?\fR]
-[\fB\-h\fR]
-[\fB\-help\fR]
-[\fB\-newcert\fR]
-[\fB\-newreq\fR]
-[\fB\-newreq\-nodes\fR]
-[\fB\-newca\fR]
-[\fB\-xsign\fR]
-[\fB\-sign\fR]
-[\fB\-signreq\fR]
-[\fB\-signcert\fR]
-[\fB\-verify\fR]
-[\fBfiles\fR]
+\&\fB\-?\fR |
+\&\fB\-h\fR |
+\&\fB\-help\fR
+.PP
+\&\fB\s-1CA\s0.pl\fR
+\&\fB\-newcert\fR |
+\&\fB\-newreq\fR |
+\&\fB\-newreq\-nodes\fR |
+\&\fB\-xsign\fR |
+\&\fB\-sign\fR |
+\&\fB\-signCA\fR |
+\&\fB\-signcert\fR |
+\&\fB\-crl\fR |
+\&\fB\-newca\fR
+[\fB\-extra\-cmd\fR extra\-params]
+.PP
+\&\fB\s-1CA\s0.pl\fR \fB\-pkcs12\fR [\fB\-extra\-pkcs12\fR extra\-params] [\fBcertname\fR]
+.PP
+\&\fB\s-1CA\s0.pl\fR \fB\-verify\fR [\fB\-extra\-verify\fR extra\-params] \fBcertfile\fR...
+.PP
+\&\fB\s-1CA\s0.pl\fR \fB\-revoke\fR [\fB\-extra\-ca\fR extra\-params] \fBcertfile\fR [\fBreason\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fB\s-1CA\s0.pl\fR script is a perl script that supplies the relevant command line
arguments to the \fBopenssl\fR command for some common certificate operations.
It is intended to simplify the process of certificate creation and management
by the use of some simple options.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
.IP "\fB?\fR, \fB\-h\fR, \fB\-help\fR" 4
.IX Item "?, -h, -help"
-prints a usage message.
+Prints a usage message.
.IP "\fB\-newcert\fR" 4
.IX Item "-newcert"
-creates a new self signed certificate. The private key is written to the file
+Creates a new self signed certificate. The private key is written to the file
\&\*(L"newkey.pem\*(R" and the request written to the file \*(L"newreq.pem\*(R".
+This argument invokes \fBopenssl req\fR command.
.IP "\fB\-newreq\fR" 4
.IX Item "-newreq"
-creates a new certificate request. The private key is written to the file
+Creates a new certificate request. The private key is written to the file
\&\*(L"newkey.pem\*(R" and the request written to the file \*(L"newreq.pem\*(R".
+Executes \fBopenssl req\fR command below the hood.
.IP "\fB\-newreq\-nodes\fR" 4
.IX Item "-newreq-nodes"
-is like \fB\-newreq\fR except that the private key will not be encrypted.
+Is like \fB\-newreq\fR except that the private key will not be encrypted.
+Uses \fBopenssl req\fR command.
.IP "\fB\-newca\fR" 4
.IX Item "-newca"
-creates a new \s-1CA\s0 hierarchy for use with the \fBca\fR program (or the \fB\-signcert\fR
+Creates a new \s-1CA\s0 hierarchy for use with the \fBca\fR program (or the \fB\-signcert\fR
and \fB\-xsign\fR options). The user is prompted to enter the filename of the \s-1CA\s0
certificates (which should also contain the private key) or by hitting \s-1ENTER\s0
details of the \s-1CA\s0 will be prompted for. The relevant files and directories
are created in a directory called \*(L"demoCA\*(R" in the current directory.
+\&\fBopenssl req\fR and \fBopenssl ca\fR commands are get invoked.
.IP "\fB\-pkcs12\fR" 4
.IX Item "-pkcs12"
-create a PKCS#12 file containing the user certificate, private key and \s-1CA\s0
+Create a PKCS#12 file containing the user certificate, private key and \s-1CA\s0
certificate. It expects the user certificate and private key to be in the
file \*(L"newcert.pem\*(R" and the \s-1CA\s0 certificate to be in the file demoCA/cacert.pem,
it creates a file \*(L"newcert.p12\*(R". This command can thus be called after the
@@ -191,28 +203,48 @@ it creates a file \*(L"newcert.p12\*(R". This command can thus be called after t
If there is an additional argument on the command line it will be used as the
\&\*(L"friendly name\*(R" for the certificate (which is typically displayed in the browser
list box), otherwise the name \*(L"My Certificate\*(R" is used.
-.IP "\fB\-sign\fR, \fB\-signreq\fR, \fB\-xsign\fR" 4
-.IX Item "-sign, -signreq, -xsign"
-calls the \fBca\fR program to sign a certificate request. It expects the request
+Delegates work to \fBopenssl pkcs12\fR command.
+.IP "\fB\-sign\fR, \fB\-signcert\fR, \fB\-xsign\fR" 4
+.IX Item "-sign, -signcert, -xsign"
+Calls the \fBca\fR program to sign a certificate request. It expects the request
to be in the file \*(L"newreq.pem\*(R". The new certificate is written to the file
\&\*(L"newcert.pem\*(R" except in the case of the \fB\-xsign\fR option when it is written
-to standard output.
+to standard output. Leverages \fBopenssl ca\fR command.
.IP "\fB\-signCA\fR" 4
.IX Item "-signCA"
-this option is the same as the \fB\-signreq\fR option except it uses the configuration
-file section \fBv3_ca\fR and so makes the signed request a valid \s-1CA\s0 certificate. This
-is useful when creating intermediate \s-1CA\s0 from a root \s-1CA.\s0
+This option is the same as the \fB\-signreq\fR option except it uses the
+configuration file section \fBv3_ca\fR and so makes the signed request a
+valid \s-1CA\s0 certificate. This is useful when creating intermediate \s-1CA\s0 from
+a root \s-1CA.\s0 Extra params are passed on to \fBopenssl ca\fR command.
.IP "\fB\-signcert\fR" 4
.IX Item "-signcert"
-this option is the same as \fB\-sign\fR except it expects a self signed certificate
+This option is the same as \fB\-sign\fR except it expects a self signed certificate
to be present in the file \*(L"newreq.pem\*(R".
+Extra params are passed on to \fBopenssl x509\fR and \fBopenssl ca\fR commands.
+.IP "\fB\-crl\fR" 4
+.IX Item "-crl"
+Generate a \s-1CRL.\s0 Executes \fBopenssl ca\fR command.
+.IP "\fB\-revoke certfile [reason]\fR" 4
+.IX Item "-revoke certfile [reason]"
+Revoke the certificate contained in the specified \fBcertfile\fR. An optional
+reason may be specified, and must be one of: \fBunspecified\fR,
+\&\fBkeyCompromise\fR, \fBCACompromise\fR, \fBaffiliationChanged\fR, \fBsuperseded\fR,
+\&\fBcessationOfOperation\fR, \fBcertificateHold\fR, or \fBremoveFromCRL\fR.
+Leverages \fBopenssl ca\fR command.
.IP "\fB\-verify\fR" 4
.IX Item "-verify"
-verifies certificates against the \s-1CA\s0 certificate for \*(L"demoCA\*(R". If no certificates
-are specified on the command line it tries to verify the file \*(L"newcert.pem\*(R".
-.IP "\fBfiles\fR" 4
-.IX Item "files"
-one or more optional certificate file names for use with the \fB\-verify\fR command.
+Verifies certificates against the \s-1CA\s0 certificate for \*(L"demoCA\*(R". If no
+certificates are specified on the command line it tries to verify the file
+\&\*(L"newcert.pem\*(R". Invokes \fBopenssl verify\fR command.
+.IP "\fB\-extra\-req\fR | \fB\-extra\-ca\fR | \fB\-extra\-pkcs12\fR | \fB\-extra\-x509\fR | \fB\-extra\-verify\fR <extra\-params>" 4
+.IX Item "-extra-req | -extra-ca | -extra-pkcs12 | -extra-x509 | -extra-verify <extra-params>"
+The purpose of these parameters is to allow optional parameters to be supplied
+to \fBopenssl\fR that this command executes. The \fB\-extra\-cmd\fR are specific to the
+option being used and the \fBopenssl\fR command getting invoked. For example
+when this command invokes \fBopenssl req\fR extra parameters can be passed on
+with the \fB\-extra\-req\fR parameter. The
+\&\fBopenssl\fR commands being invoked per option are documented below.
+Users should consult \fBopenssl\fR command documentation for more information.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
Create a \s-1CA\s0 hierarchy:
@@ -285,18 +317,21 @@ be wrong. In this case the command:
\& perl \-S CA.pl
.Ve
.PP
-can be used and the \fB\s-1OPENSSL_CONF\s0\fR environment variable changed to point to
-the correct path of the configuration file \*(L"openssl.cnf\*(R".
+can be used and the \fB\s-1OPENSSL_CONF\s0\fR environment variable changed to point to
+the correct path of the configuration file.
.PP
The script is intended as a simple front end for the \fBopenssl\fR program for use
by a beginner. Its behaviour isn't always what is wanted. For more control over the
behaviour of the certificate commands call the \fBopenssl\fR command directly.
-.SH "ENVIRONMENT VARIABLES"
-.IX Header "ENVIRONMENT VARIABLES"
-The variable \fB\s-1OPENSSL_CONF\s0\fR if defined allows an alternative configuration
-file location to be specified, it should contain the full path to the
-configuration file, not just its directory.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIx509\fR\|(1), \fIca\fR\|(1), \fIreq\fR\|(1), \fIpkcs12\fR\|(1),
\&\fIconfig\fR\|(5)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2017 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/asn1parse.1 b/secure/usr.bin/openssl/man/asn1parse.1
index 4641fc96bd87..a62ec132cf5a 100644
--- a/secure/usr.bin/openssl/man/asn1parse.1
+++ b/secure/usr.bin/openssl/man/asn1parse.1
@@ -129,17 +129,17 @@
.\" ========================================================================
.\"
.IX Title "ASN1PARSE 1"
-.TH ASN1PARSE 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH ASN1PARSE 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-asn1parse,
-asn1parse \- ASN.1 parsing tool
+openssl\-asn1parse, asn1parse \- ASN.1 parsing tool
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBasn1parse\fR
+[\fB\-help\fR]
[\fB\-inform PEM|DER\fR]
[\fB\-in filename\fR]
[\fB\-out filename\fR]
@@ -153,60 +153,76 @@ asn1parse \- ASN.1 parsing tool
[\fB\-strparse offset\fR]
[\fB\-genstr string\fR]
[\fB\-genconf file\fR]
+[\fB\-strictpem\fR]
+[\fB\-item name\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBasn1parse\fR command is a diagnostic utility that can parse \s-1ASN.1\s0
structures. It can also be used to extract data from \s-1ASN.1\s0 formatted data.
.SH "OPTIONS"
.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-inform\fR \fBDER|PEM\fR" 4
.IX Item "-inform DER|PEM"
-the input format. \fB\s-1DER\s0\fR is binary format and \fB\s-1PEM\s0\fR (the default) is base64
+The input format. \fB\s-1DER\s0\fR is binary format and \fB\s-1PEM\s0\fR (the default) is base64
encoded.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
-the input file, default is standard input
+The input file, default is standard input.
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
-output file to place the \s-1DER\s0 encoded data into. If this
+Output file to place the \s-1DER\s0 encoded data into. If this
option is not present then no data will be output. This is most useful when
combined with the \fB\-strparse\fR option.
.IP "\fB\-noout\fR" 4
.IX Item "-noout"
-don't output the parsed version of the input file.
+Don't output the parsed version of the input file.
.IP "\fB\-offset number\fR" 4
.IX Item "-offset number"
-starting offset to begin parsing, default is start of file.
+Starting offset to begin parsing, default is start of file.
.IP "\fB\-length number\fR" 4
.IX Item "-length number"
-number of bytes to parse, default is until end of file.
+Number of bytes to parse, default is until end of file.
.IP "\fB\-i\fR" 4
.IX Item "-i"
-indents the output according to the \*(L"depth\*(R" of the structures.
+Indents the output according to the \*(L"depth\*(R" of the structures.
.IP "\fB\-oid filename\fR" 4
.IX Item "-oid filename"
-a file containing additional \s-1OBJECT\s0 IDENTIFIERs (OIDs). The format of this
+A file containing additional \s-1OBJECT\s0 IDENTIFIERs (OIDs). The format of this
file is described in the \s-1NOTES\s0 section below.
.IP "\fB\-dump\fR" 4
.IX Item "-dump"
-dump unknown data in hex format.
+Dump unknown data in hex format.
.IP "\fB\-dlimit num\fR" 4
.IX Item "-dlimit num"
-like \fB\-dump\fR, but only the first \fBnum\fR bytes are output.
+Like \fB\-dump\fR, but only the first \fBnum\fR bytes are output.
.IP "\fB\-strparse offset\fR" 4
.IX Item "-strparse offset"
-parse the contents octets of the \s-1ASN.1\s0 object starting at \fBoffset\fR. This
+Parse the contents octets of the \s-1ASN.1\s0 object starting at \fBoffset\fR. This
option can be used multiple times to \*(L"drill down\*(R" into a nested structure.
.IP "\fB\-genstr string\fR, \fB\-genconf file\fR" 4
.IX Item "-genstr string, -genconf file"
-generate encoded data based on \fBstring\fR, \fBfile\fR or both using
+Generate encoded data based on \fBstring\fR, \fBfile\fR or both using
\&\fIASN1_generate_nconf\fR\|(3) format. If \fBfile\fR only is
present then the string is obtained from the default section using the name
\&\fBasn1\fR. The encoded data is passed through the \s-1ASN1\s0 parser and printed out as
though it came from a file, the contents can thus be examined and written to a
file using the \fBout\fR option.
-.SS "\s-1OUTPUT\s0"
-.IX Subsection "OUTPUT"
+.IP "\fB\-strictpem\fR" 4
+.IX Item "-strictpem"
+If this option is used then \fB\-inform\fR will be ignored. Without this option any
+data in a \s-1PEM\s0 format input file will be treated as being base64 encoded and
+processed whether it has the normal \s-1PEM BEGIN\s0 and \s-1END\s0 markers or not. This
+option will ignore any data prior to the start of the \s-1BEGIN\s0 marker, or after an
+\&\s-1END\s0 marker in a \s-1PEM\s0 file.
+.IP "\fB\-item name\fR" 4
+.IX Item "-item name"
+Attempt to decode and print the data as \fB\s-1ASN1_ITEM\s0 name\fR. This can be used to
+print out the fields of any supported \s-1ASN.1\s0 structure if the type is known.
+.SS "Output"
+.IX Subsection "Output"
The output will typically contain lines like this:
.PP
.Vb 1
@@ -216,21 +232,21 @@ The output will typically contain lines like this:
\&.....
.PP
.Vb 10
-\& 229:d=3 hl=3 l= 141 prim: BIT STRING
-\& 373:d=2 hl=3 l= 162 cons: cont [ 3 ]
-\& 376:d=3 hl=3 l= 159 cons: SEQUENCE
-\& 379:d=4 hl=2 l= 29 cons: SEQUENCE
+\& 229:d=3 hl=3 l= 141 prim: BIT STRING
+\& 373:d=2 hl=3 l= 162 cons: cont [ 3 ]
+\& 376:d=3 hl=3 l= 159 cons: SEQUENCE
+\& 379:d=4 hl=2 l= 29 cons: SEQUENCE
\& 381:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Subject Key Identifier
-\& 386:d=5 hl=2 l= 22 prim: OCTET STRING
-\& 410:d=4 hl=2 l= 112 cons: SEQUENCE
+\& 386:d=5 hl=2 l= 22 prim: OCTET STRING
+\& 410:d=4 hl=2 l= 112 cons: SEQUENCE
\& 412:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key Identifier
-\& 417:d=5 hl=2 l= 105 prim: OCTET STRING
+\& 417:d=5 hl=2 l= 105 prim: OCTET STRING
\& 524:d=4 hl=2 l= 12 cons: SEQUENCE
.Ve
.PP
\&.....
.PP
-This example is part of a self signed certificate. Each line starts with the
+This example is part of a self-signed certificate. Each line starts with the
offset in decimal. \fBd=XX\fR specifies the current depth. The depth is increased
within the scope of any \s-1SET\s0 or \s-1SEQUENCE.\s0 \fBhl=XX\fR gives the header length
(tag and length octets) of the current type. \fBl=XX\fR gives the length of
@@ -245,21 +261,21 @@ The contents octets of this will contain the public key information. This can
be examined using the option \fB\-strparse 229\fR to yield:
.PP
.Vb 3
-\& 0:d=0 hl=3 l= 137 cons: SEQUENCE
+\& 0:d=0 hl=3 l= 137 cons: SEQUENCE
\& 3:d=1 hl=3 l= 129 prim: INTEGER :E5D21E1F5C8D208EA7A2166C7FAF9F6BDF2059669C60876DDB70840F1A5AAFA59699FE471F379F1DD6A487E7D5409AB6A88D4A9746E24B91D8CF55DB3521015460C8EDE44EE8A4189F7A7BE77D6CD3A9AF2696F486855CF58BF0EDF2B4068058C7A947F52548DDF7E15E96B385F86422BEA9064A3EE9E1158A56E4A6F47E5897
\& 135:d=1 hl=2 l= 3 prim: INTEGER :010001
.Ve
.SH "NOTES"
.IX Header "NOTES"
If an \s-1OID\s0 is not part of OpenSSL's internal table it will be represented in
-numerical form (for example 1.2.3.4). The file passed to the \fB\-oid\fR option
+numerical form (for example 1.2.3.4). The file passed to the \fB\-oid\fR option
allows additional OIDs to be included. Each line consists of three columns,
the first column is the \s-1OID\s0 in numerical format and should be followed by white
space. The second column is the \*(L"short name\*(R" which is a single word followed
by white space. The final column is the rest of the line and is the
\&\*(L"long name\*(R". \fBasn1parse\fR displays the long name. Example:
.PP
-\&\f(CW\*(C`1.2.3.4 shortName A long name\*(C'\fR
+\&\f(CW\*(C`1.2.3.4 shortName A long name\*(C'\fR
.SH "EXAMPLES"
.IX Header "EXAMPLES"
Parse a file:
@@ -309,3 +325,11 @@ There should be options to change the format of output lines. The output of some
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIASN1_generate_nconf\fR\|(3)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2017 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/ca.1 b/secure/usr.bin/openssl/man/ca.1
index dd25df487f63..110d21a109e9 100644
--- a/secure/usr.bin/openssl/man/ca.1
+++ b/secure/usr.bin/openssl/man/ca.1
@@ -129,22 +129,23 @@
.\" ========================================================================
.\"
.IX Title "CA 1"
-.TH CA 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH CA 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-ca,
-ca \- sample minimal CA application
+openssl\-ca, ca \- sample minimal CA application
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBca\fR
+[\fB\-help\fR]
[\fB\-verbose\fR]
[\fB\-config filename\fR]
[\fB\-name section\fR]
[\fB\-gencrl\fR]
[\fB\-revoke file\fR]
+[\fB\-valid file\fR]
[\fB\-status serial\fR]
[\fB\-updatedb\fR]
[\fB\-crl_reason reason\fR]
@@ -181,7 +182,11 @@ ca \- sample minimal CA application
[\fB\-engine id\fR]
[\fB\-subj arg\fR]
[\fB\-utf8\fR]
+[\fB\-create_serial\fR]
+[\fB\-rand_serial\fR]
[\fB\-multivalue\-rdn\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBca\fR command is a minimal \s-1CA\s0 application. It can be used
@@ -190,61 +195,69 @@ CRLs it also maintains a text database of issued certificates
and their status.
.PP
The options descriptions will be divided into each purpose.
-.SH "CA OPTIONS"
-.IX Header "CA OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
+.IP "\fB\-verbose\fR" 4
+.IX Item "-verbose"
+This prints extra details about the operations being performed.
.IP "\fB\-config filename\fR" 4
.IX Item "-config filename"
-specifies the configuration file to use.
+Specifies the configuration file to use.
+Optional; for a description of the default value,
+see \*(L"\s-1COMMAND SUMMARY\*(R"\s0 in \fIopenssl\fR\|(1).
.IP "\fB\-name section\fR" 4
.IX Item "-name section"
-specifies the configuration file section to use (overrides
+Specifies the configuration file section to use (overrides
\&\fBdefault_ca\fR in the \fBca\fR section).
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
-an input filename containing a single certificate request to be
+An input filename containing a single certificate request to be
signed by the \s-1CA.\s0
.IP "\fB\-ss_cert filename\fR" 4
.IX Item "-ss_cert filename"
-a single self signed certificate to be signed by the \s-1CA.\s0
+A single self-signed certificate to be signed by the \s-1CA.\s0
.IP "\fB\-spkac filename\fR" 4
.IX Item "-spkac filename"
-a file containing a single Netscape signed public key and challenge
+A file containing a single Netscape signed public key and challenge
and additional field values to be signed by the \s-1CA.\s0 See the \fB\s-1SPKAC FORMAT\s0\fR
section for information on the required input and output format.
.IP "\fB\-infiles\fR" 4
.IX Item "-infiles"
-if present this should be the last option, all subsequent arguments
-are assumed to be the names of files containing certificate requests.
+If present this should be the last option, all subsequent arguments
+are taken as the names of files containing certificate requests.
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
-the output file to output certificates to. The default is standard
+The output file to output certificates to. The default is standard
output. The certificate details will also be printed out to this
file in \s-1PEM\s0 format (except that \fB\-spkac\fR outputs \s-1DER\s0 format).
.IP "\fB\-outdir directory\fR" 4
.IX Item "-outdir directory"
-the directory to output certificates to. The certificate will be
+The directory to output certificates to. The certificate will be
written to a filename consisting of the serial number in hex with
\&\*(L".pem\*(R" appended.
.IP "\fB\-cert\fR" 4
.IX Item "-cert"
-the \s-1CA\s0 certificate file.
+The \s-1CA\s0 certificate file.
.IP "\fB\-keyfile filename\fR" 4
.IX Item "-keyfile filename"
-the private key to sign requests with.
+The private key to sign requests with.
.IP "\fB\-keyform PEM|DER\fR" 4
.IX Item "-keyform PEM|DER"
-the format of the data in the private key file.
+The format of the data in the private key file.
The default is \s-1PEM.\s0
.IP "\fB\-key password\fR" 4
.IX Item "-key password"
-the password used to encrypt the private key. Since on some
+The password used to encrypt the private key. Since on some
systems the command line arguments are visible (e.g. Unix with
the 'ps' utility) this option should be used with caution.
.IP "\fB\-selfsign\fR" 4
.IX Item "-selfsign"
-indicates the issued certificates are to be signed with the key
+Indicates the issued certificates are to be signed with the key
the certificate requests were signed with (given with \fB\-keyfile\fR).
-Cerificate requests signed with a different key are ignored. If
+Certificate requests signed with a different key are ignored. If
\&\fB\-spkac\fR, \fB\-ss_cert\fR or \fB\-gencrl\fR are given, \fB\-selfsign\fR is
ignored.
.Sp
@@ -255,46 +268,48 @@ serial number counter as all other certificates sign with the
self-signed certificate.
.IP "\fB\-passin arg\fR" 4
.IX Item "-passin arg"
-the key password source. For more information about the format of \fBarg\fR
+The key password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
-.IP "\fB\-verbose\fR" 4
-.IX Item "-verbose"
-this prints extra details about the operations being performed.
.IP "\fB\-notext\fR" 4
.IX Item "-notext"
-don't output the text form of a certificate to the output file.
+Don't output the text form of a certificate to the output file.
.IP "\fB\-startdate date\fR" 4
.IX Item "-startdate date"
-this allows the start date to be explicitly set. The format of the
-date is \s-1YYMMDDHHMMSSZ\s0 (the same as an \s-1ASN1\s0 UTCTime structure).
+This allows the start date to be explicitly set. The format of the
+date is \s-1YYMMDDHHMMSSZ\s0 (the same as an \s-1ASN1\s0 UTCTime structure), or
+\&\s-1YYYYMMDDHHMMSSZ\s0 (the same as an \s-1ASN1\s0 GeneralizedTime structure). In
+both formats, seconds \s-1SS\s0 and timezone Z must be present.
.IP "\fB\-enddate date\fR" 4
.IX Item "-enddate date"
-this allows the expiry date to be explicitly set. The format of the
-date is \s-1YYMMDDHHMMSSZ\s0 (the same as an \s-1ASN1\s0 UTCTime structure).
+This allows the expiry date to be explicitly set. The format of the
+date is \s-1YYMMDDHHMMSSZ\s0 (the same as an \s-1ASN1\s0 UTCTime structure), or
+\&\s-1YYYYMMDDHHMMSSZ\s0 (the same as an \s-1ASN1\s0 GeneralizedTime structure). In
+both formats, seconds \s-1SS\s0 and timezone Z must be present.
.IP "\fB\-days arg\fR" 4
.IX Item "-days arg"
-the number of days to certify the certificate for.
+The number of days to certify the certificate for.
.IP "\fB\-md alg\fR" 4
.IX Item "-md alg"
-the message digest to use. Possible values include md5, sha1 and mdc2.
-This option also applies to CRLs.
+The message digest to use.
+Any digest supported by the OpenSSL \fBdgst\fR command can be used. For signing
+algorithms that do not support a digest (i.e. Ed25519 and Ed448) any message
+digest that is set is ignored. This option also applies to CRLs.
.IP "\fB\-policy arg\fR" 4
.IX Item "-policy arg"
-this option defines the \s-1CA\s0 \*(L"policy\*(R" to use. This is a section in
+This option defines the \s-1CA\s0 \*(L"policy\*(R" to use. This is a section in
the configuration file which decides which fields should be mandatory
or match the \s-1CA\s0 certificate. Check out the \fB\s-1POLICY FORMAT\s0\fR section
for more information.
.IP "\fB\-msie_hack\fR" 4
.IX Item "-msie_hack"
-this is a legacy option to make \fBca\fR work with very old versions of
+This is a deprecated option to make \fBca\fR work with very old versions of
the \s-1IE\s0 certificate enrollment control \*(L"certenr3\*(R". It used UniversalStrings
for almost everything. Since the old control has various security bugs
-its use is strongly discouraged. The newer control \*(L"Xenroll\*(R" does not
-need this option.
+its use is strongly discouraged.
.IP "\fB\-preserveDN\fR" 4
.IX Item "-preserveDN"
Normally the \s-1DN\s0 order of a certificate is the same as the order of the
-fields in the relevant policy section. When this option is set the order
+fields in the relevant policy section. When this option is set the order
is the same as the request. This is largely for compatibility with the
older \s-1IE\s0 enrollment control which would only accept certificates if their
DNs match the order of the request. This is not needed for Xenroll.
@@ -308,11 +323,11 @@ the, eventually present, extensions. The \fBemail_in_dn\fR keyword can be
used in the configuration file to enable this behaviour.
.IP "\fB\-batch\fR" 4
.IX Item "-batch"
-this sets the batch mode. In this mode no questions will be asked
+This sets the batch mode. In this mode no questions will be asked
and all certificates will be certified automatically.
.IP "\fB\-extensions section\fR" 4
.IX Item "-extensions section"
-the section of the configuration file containing certificate extensions
+The section of the configuration file containing certificate extensions
to be added when a certificate is issued (defaults to \fBx509_extensions\fR
unless the \fB\-extfile\fR option is used). If no extension section is
present then, a V1 certificate is created. If the extension section
@@ -321,64 +336,89 @@ is present (even if it is empty), then a V3 certificate is created. See the:w
extension section format.
.IP "\fB\-extfile file\fR" 4
.IX Item "-extfile file"
-an additional configuration file to read certificate extensions from
+An additional configuration file to read certificate extensions from
(using the default section unless the \fB\-extensions\fR option is also
used).
.IP "\fB\-engine id\fR" 4
.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBca\fR
+Specifying an engine (by its unique \fBid\fR string) will cause \fBca\fR
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
.IP "\fB\-subj arg\fR" 4
.IX Item "-subj arg"
-supersedes subject name given in the request.
+Supersedes subject name given in the request.
The arg must be formatted as \fI/type0=value0/type1=value1/type2=...\fR,
characters may be escaped by \e (backslash), no spaces are skipped.
.IP "\fB\-utf8\fR" 4
.IX Item "-utf8"
-this option causes field values to be interpreted as \s-1UTF8\s0 strings, by
+This option causes field values to be interpreted as \s-1UTF8\s0 strings, by
default they are interpreted as \s-1ASCII.\s0 This means that the field
values, whether prompted from a terminal or obtained from a
configuration file, must be valid \s-1UTF8\s0 strings.
+.IP "\fB\-create_serial\fR" 4
+.IX Item "-create_serial"
+If reading serial from the text file as specified in the configuration
+fails, specifying this option creates a new random serial to be used as next
+serial number.
+To get random serial numbers, use the \fB\-rand_serial\fR flag instead; this
+should only be used for simple error-recovery.
+.IP "\fB\-rand_serial\fR" 4
+.IX Item "-rand_serial"
+Generate a large random number to use as the serial number.
+This overrides any option or configuration to use a serial number file.
.IP "\fB\-multivalue\-rdn\fR" 4
.IX Item "-multivalue-rdn"
-this option causes the \-subj argument to be interpretedt with full
+This option causes the \-subj argument to be interpreted with full
support for multivalued RDNs. Example:
.Sp
\&\fI/DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe\fR
.Sp
If \-multi\-rdn is not used then the \s-1UID\s0 value is \fI123456+CN=John Doe\fR.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
+The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
+all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.SH "CRL OPTIONS"
.IX Header "CRL OPTIONS"
.IP "\fB\-gencrl\fR" 4
.IX Item "-gencrl"
-this option generates a \s-1CRL\s0 based on information in the index file.
+This option generates a \s-1CRL\s0 based on information in the index file.
.IP "\fB\-crldays num\fR" 4
.IX Item "-crldays num"
-the number of days before the next \s-1CRL\s0 is due. That is the days from
+The number of days before the next \s-1CRL\s0 is due. That is the days from
now to place in the \s-1CRL\s0 nextUpdate field.
.IP "\fB\-crlhours num\fR" 4
.IX Item "-crlhours num"
-the number of hours before the next \s-1CRL\s0 is due.
+The number of hours before the next \s-1CRL\s0 is due.
.IP "\fB\-revoke filename\fR" 4
.IX Item "-revoke filename"
-a filename containing a certificate to revoke.
+A filename containing a certificate to revoke.
+.IP "\fB\-valid filename\fR" 4
+.IX Item "-valid filename"
+A filename containing a certificate to add a Valid certificate entry.
.IP "\fB\-status serial\fR" 4
.IX Item "-status serial"
-displays the revocation status of the certificate with the specified
+Displays the revocation status of the certificate with the specified
serial number and exits.
.IP "\fB\-updatedb\fR" 4
.IX Item "-updatedb"
Updates the database index to purge expired certificates.
.IP "\fB\-crl_reason reason\fR" 4
.IX Item "-crl_reason reason"
-revocation reason, where \fBreason\fR is one of: \fBunspecified\fR, \fBkeyCompromise\fR,
+Revocation reason, where \fBreason\fR is one of: \fBunspecified\fR, \fBkeyCompromise\fR,
\&\fBCACompromise\fR, \fBaffiliationChanged\fR, \fBsuperseded\fR, \fBcessationOfOperation\fR,
\&\fBcertificateHold\fR or \fBremoveFromCRL\fR. The matching of \fBreason\fR is case
insensitive. Setting any revocation reason will make the \s-1CRL\s0 v2.
.Sp
-In practive \fBremoveFromCRL\fR is not particularly useful because it is only used
+In practice \fBremoveFromCRL\fR is not particularly useful because it is only used
in delta CRLs which are not currently implemented.
.IP "\fB\-crl_hold instruction\fR" 4
.IX Item "-crl_hold instruction"
@@ -396,7 +436,7 @@ This is the same as \fBcrl_compromise\fR except the revocation reason is set to
\&\fBCACompromise\fR.
.IP "\fB\-crlexts section\fR" 4
.IX Item "-crlexts section"
-the section of the configuration file containing \s-1CRL\s0 extensions to
+The section of the configuration file containing \s-1CRL\s0 extensions to
include. If no \s-1CRL\s0 extension section is present then a V1 \s-1CRL\s0 is
created, if the \s-1CRL\s0 extension section is present (even if it is
empty) then a V2 \s-1CRL\s0 is created. The \s-1CRL\s0 extensions specified are
@@ -439,48 +479,49 @@ object identifier followed by \fB=\fR and the numerical form. The short
and long names are the same when this option is used.
.IP "\fBnew_certs_dir\fR" 4
.IX Item "new_certs_dir"
-the same as the \fB\-outdir\fR command line option. It specifies
+The same as the \fB\-outdir\fR command line option. It specifies
the directory where new certificates will be placed. Mandatory.
.IP "\fBcertificate\fR" 4
.IX Item "certificate"
-the same as \fB\-cert\fR. It gives the file containing the \s-1CA\s0
+The same as \fB\-cert\fR. It gives the file containing the \s-1CA\s0
certificate. Mandatory.
.IP "\fBprivate_key\fR" 4
.IX Item "private_key"
-same as the \fB\-keyfile\fR option. The file containing the
+Same as the \fB\-keyfile\fR option. The file containing the
\&\s-1CA\s0 private key. Mandatory.
.IP "\fB\s-1RANDFILE\s0\fR" 4
.IX Item "RANDFILE"
-a file used to read and write random number seed information, or
-an \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3)).
+At startup the specified file is loaded into the random number generator,
+and at exit 256 bytes will be written to it.
.IP "\fBdefault_days\fR" 4
.IX Item "default_days"
-the same as the \fB\-days\fR option. The number of days to certify
+The same as the \fB\-days\fR option. The number of days to certify
a certificate for.
.IP "\fBdefault_startdate\fR" 4
.IX Item "default_startdate"
-the same as the \fB\-startdate\fR option. The start date to certify
+The same as the \fB\-startdate\fR option. The start date to certify
a certificate for. If not set the current time is used.
.IP "\fBdefault_enddate\fR" 4
.IX Item "default_enddate"
-the same as the \fB\-enddate\fR option. Either this option or
+The same as the \fB\-enddate\fR option. Either this option or
\&\fBdefault_days\fR (or the command line equivalents) must be
present.
.IP "\fBdefault_crl_hours default_crl_days\fR" 4
.IX Item "default_crl_hours default_crl_days"
-the same as the \fB\-crlhours\fR and the \fB\-crldays\fR options. These
+The same as the \fB\-crlhours\fR and the \fB\-crldays\fR options. These
will only be used if neither command line option is present. At
least one of these must be present to generate a \s-1CRL.\s0
.IP "\fBdefault_md\fR" 4
.IX Item "default_md"
-the same as the \fB\-md\fR option. The message digest to use. Mandatory.
+The same as the \fB\-md\fR option. Mandatory except where the signing algorithm does
+not require a digest (i.e. Ed25519 and Ed448).
.IP "\fBdatabase\fR" 4
.IX Item "database"
-the text database file to use. Mandatory. This file must be present
+The text database file to use. Mandatory. This file must be present
though initially it will be empty.
.IP "\fBunique_subject\fR" 4
.IX Item "unique_subject"
-if the value \fByes\fR is given, the valid certificate entries in the
+If the value \fByes\fR is given, the valid certificate entries in the
database must have unique subjects. if the value \fBno\fR is given,
several valid certificate entries may have the exact same subject.
The default value is \fByes\fR, to be compatible with older (pre 0.9.8)
@@ -493,37 +534,37 @@ without any subject. In the case where there are multiple certificates without
subjects this does not count as a duplicate.
.IP "\fBserial\fR" 4
.IX Item "serial"
-a text file containing the next serial number to use in hex. Mandatory.
+A text file containing the next serial number to use in hex. Mandatory.
This file must be present and contain a valid serial number.
.IP "\fBcrlnumber\fR" 4
.IX Item "crlnumber"
-a text file containing the next \s-1CRL\s0 number to use in hex. The crl number
+A text file containing the next \s-1CRL\s0 number to use in hex. The crl number
will be inserted in the CRLs only if this file exists. If this file is
present, it must contain a valid \s-1CRL\s0 number.
.IP "\fBx509_extensions\fR" 4
.IX Item "x509_extensions"
-the same as \fB\-extensions\fR.
+The same as \fB\-extensions\fR.
.IP "\fBcrl_extensions\fR" 4
.IX Item "crl_extensions"
-the same as \fB\-crlexts\fR.
+The same as \fB\-crlexts\fR.
.IP "\fBpreserve\fR" 4
.IX Item "preserve"
-the same as \fB\-preserveDN\fR
+The same as \fB\-preserveDN\fR
.IP "\fBemail_in_dn\fR" 4
.IX Item "email_in_dn"
-the same as \fB\-noemailDN\fR. If you want the \s-1EMAIL\s0 field to be removed
+The same as \fB\-noemailDN\fR. If you want the \s-1EMAIL\s0 field to be removed
from the \s-1DN\s0 of the certificate simply set this to 'no'. If not present
the default is to allow for the \s-1EMAIL\s0 filed in the certificate's \s-1DN.\s0
.IP "\fBmsie_hack\fR" 4
.IX Item "msie_hack"
-the same as \fB\-msie_hack\fR
+The same as \fB\-msie_hack\fR
.IP "\fBpolicy\fR" 4
.IX Item "policy"
-the same as \fB\-policy\fR. Mandatory. See the \fB\s-1POLICY FORMAT\s0\fR section
+The same as \fB\-policy\fR. Mandatory. See the \fB\s-1POLICY FORMAT\s0\fR section
for more information.
.IP "\fBname_opt\fR, \fBcert_opt\fR" 4
.IX Item "name_opt, cert_opt"
-these options allow the format used to display the certificate details
+These options allow the format used to display the certificate details
when asking the user to confirm signing. All the options supported by
the \fBx509\fR utilities \fB\-nameopt\fR and \fB\-certopt\fR switches can be used
here, except the \fBno_signame\fR and \fBno_sigdump\fR are permanently set
@@ -539,7 +580,7 @@ it only displays fields mentioned in the \fBpolicy\fR section, mishandles
multicharacter string types and does not display extensions.
.IP "\fBcopy_extensions\fR" 4
.IX Item "copy_extensions"
-determines how extensions in certificate requests should be handled.
+Determines how extensions in certificate requests should be handled.
If set to \fBnone\fR or this option is not present then extensions are
ignored and not copied to the certificate. If set to \fBcopy\fR then any
extensions present in the request that are not already present are copied
@@ -563,7 +604,7 @@ this can be regarded more of a quirk than intended behaviour.
.IX Header "SPKAC FORMAT"
The input to the \fB\-spkac\fR command line option is a Netscape
signed public key and challenge. This will usually come from
-the \fB\s-1KEYGEN\s0\fR tag in an \s-1HTML\s0 form to create a new private key.
+the \fB\s-1KEYGEN\s0\fR tag in an \s-1HTML\s0 form to create a new private key.
It is however possible to create SPKACs using the \fBspkac\fR utility.
.PP
The file should contain the variable \s-1SPKAC\s0 set to the value of
@@ -634,18 +675,19 @@ A sample configuration file with the relevant sections for \fBca\fR:
.Vb 2
\& [ ca ]
\& default_ca = CA_default # The default ca section
-\&
+\&
\& [ CA_default ]
\&
\& dir = ./demoCA # top dir
\& database = $dir/index.txt # index file.
\& new_certs_dir = $dir/newcerts # new certs dir
-\&
+\&
\& certificate = $dir/cacert.pem # The CA cert
\& serial = $dir/serial # serial no file
+\& #rand_serial = yes # for random serial#\*(Aqs
\& private_key = $dir/private/cakey.pem# CA private key
\& RANDFILE = $dir/private/.rand # random number file
-\&
+\&
\& default_days = 365 # how long to certify for
\& default_crl_days= 30 # how long before next CRL
\& default_md = md5 # md to use
@@ -683,13 +725,9 @@ The values below reflect the default values.
\& ./demoCA/certs \- certificate output file
\& ./demoCA/.rnd \- CA random seed information
.Ve
-.SH "ENVIRONMENT VARIABLES"
-.IX Header "ENVIRONMENT VARIABLES"
-\&\fB\s-1OPENSSL_CONF\s0\fR reflects the location of master configuration file it can
-be overridden by the \fB\-config\fR command line option.
.SH "RESTRICTIONS"
.IX Header "RESTRICTIONS"
-The text database index file is a critical part of the process and
+The text database index file is a critical part of the process and
if corrupted it can be difficult to fix. It is theoretically possible
to rebuild the index file from all the issued certificates and a current
\&\s-1CRL:\s0 however there is no option to do this.
@@ -697,17 +735,17 @@ to rebuild the index file from all the issued certificates and a current
V2 \s-1CRL\s0 features like delta CRLs are not currently supported.
.PP
Although several requests can be input and handled at once it is only
-possible to include one \s-1SPKAC\s0 or self signed certificate.
+possible to include one \s-1SPKAC\s0 or self-signed certificate.
.SH "BUGS"
.IX Header "BUGS"
-The use of an in memory text database can cause problems when large
+The use of an in-memory text database can cause problems when large
numbers of certificates are present because, as the name implies
the database has to be kept in memory.
.PP
The \fBca\fR command really needs rewriting or the required functionality
exposed at either a command or interface level so a more friendly utility
-(perl script or \s-1GUI\s0) can handle things properly. The scripts \fB\s-1CA\s0.sh\fR and
-\&\fB\s-1CA\s0.pl\fR help a little but not very much.
+(perl script or \s-1GUI\s0) can handle things properly. The script
+\&\fB\s-1CA\s0.pl\fR helps a little but not very much.
.PP
Any fields in a request that are not present in a policy are silently
deleted. This does not happen if the \fB\-preserveDN\fR option is used. To
@@ -716,7 +754,7 @@ RFCs, regardless the contents of the request' subject the \fB\-noemailDN\fR
option can be used. The behaviour should be more friendly and
configurable.
.PP
-Cancelling some commands by refusing to certify a certificate can
+Canceling some commands by refusing to certify a certificate can
create an empty file.
.SH "WARNINGS"
.IX Header "WARNINGS"
@@ -734,7 +772,7 @@ The \fBcopy_extensions\fR option should be used with caution. If care is
not taken then it can be a security risk. For example if a certificate
request contains a basicConstraints extension with \s-1CA:TRUE\s0 and the
\&\fBcopy_extensions\fR value is set to \fBcopyall\fR and the user does not spot
-this when the certificate is displayed then this will hand the requestor
+this when the certificate is displayed then this will hand the requester
a valid \s-1CA\s0 certificate.
.PP
This situation can be avoided by setting \fBcopy_extensions\fR to \fBcopy\fR
@@ -753,7 +791,22 @@ For example if the \s-1CA\s0 certificate has:
.Ve
.PP
then even if a certificate is issued with \s-1CA:TRUE\s0 it will not be valid.
+.SH "HISTORY"
+.IX Header "HISTORY"
+Since OpenSSL 1.1.1, the program follows \s-1RFC5280.\s0 Specifically,
+certificate validity period (specified by any of \fB\-startdate\fR,
+\&\fB\-enddate\fR and \fB\-days\fR) will be encoded as UTCTime if the dates are
+earlier than year 2049 (included), and as GeneralizedTime if the dates
+are in year 2050 or later.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIreq\fR\|(1), \fIspkac\fR\|(1), \fIx509\fR\|(1), \s-1\fICA\s0.pl\fR\|(1),
\&\fIconfig\fR\|(5), \fIx509v3_config\fR\|(5)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/ciphers.1 b/secure/usr.bin/openssl/man/ciphers.1
index 322381635569..f9b56e902ce0 100644
--- a/secure/usr.bin/openssl/man/ciphers.1
+++ b/secure/usr.bin/openssl/man/ciphers.1
@@ -129,55 +129,99 @@
.\" ========================================================================
.\"
.IX Title "CIPHERS 1"
-.TH CIPHERS 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH CIPHERS 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-ciphers,
-ciphers \- SSL cipher display and cipher list tool.
+openssl\-ciphers, ciphers \- SSL cipher display and cipher list tool
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBciphers\fR
+[\fB\-help\fR]
+[\fB\-s\fR]
[\fB\-v\fR]
[\fB\-V\fR]
-[\fB\-ssl2\fR]
[\fB\-ssl3\fR]
[\fB\-tls1\fR]
+[\fB\-tls1_1\fR]
+[\fB\-tls1_2\fR]
+[\fB\-tls1_3\fR]
+[\fB\-s\fR]
+[\fB\-psk\fR]
+[\fB\-srp\fR]
+[\fB\-stdname\fR]
+[\fB\-convert name\fR]
+[\fB\-ciphersuites val\fR]
[\fBcipherlist\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBciphers\fR command converts textual OpenSSL cipher lists into ordered
\&\s-1SSL\s0 cipher preference lists. It can be used as a test tool to determine
the appropriate cipherlist.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print a usage message.
+.IP "\fB\-s\fR" 4
+.IX Item "-s"
+Only list supported ciphers: those consistent with the security level, and
+minimum and maximum protocol version. This is closer to the actual cipher list
+an application will support.
+.Sp
+\&\s-1PSK\s0 and \s-1SRP\s0 ciphers are not enabled by default: they require \fB\-psk\fR or \fB\-srp\fR
+to enable them.
+.Sp
+It also does not change the default list of supported signature algorithms.
+.Sp
+On a server the list of supported ciphers might also exclude other ciphers
+depending on the configured certificates and presence of \s-1DH\s0 parameters.
+.Sp
+If this option is not used then all ciphers that match the cipherlist will be
+listed.
+.IP "\fB\-psk\fR" 4
+.IX Item "-psk"
+When combined with \fB\-s\fR includes cipher suites which require \s-1PSK.\s0
+.IP "\fB\-srp\fR" 4
+.IX Item "-srp"
+When combined with \fB\-s\fR includes cipher suites which require \s-1SRP.\s0
.IP "\fB\-v\fR" 4
.IX Item "-v"
-Verbose option. List ciphers with a complete description of
-protocol version (SSLv2 or SSLv3; the latter includes \s-1TLS\s0), key exchange,
-authentication, encryption and mac algorithms used along with any key size
-restrictions and whether the algorithm is classed as an \*(L"export\*(R" cipher.
-Note that without the \fB\-v\fR option, ciphers may seem to appear twice
-in a cipher list; this is when similar ciphers are available for
-\&\s-1SSL\s0 v2 and for \s-1SSL\s0 v3/TLS v1.
+Verbose output: For each cipher suite, list details as provided by
+\&\fISSL_CIPHER_description\fR\|(3).
.IP "\fB\-V\fR" 4
.IX Item "-V"
-Like \fB\-v\fR, but include cipher suite codes in output (hex format).
-.IP "\fB\-ssl3\fR, \fB\-tls1\fR" 4
-.IX Item "-ssl3, -tls1"
-This lists ciphers compatible with any of SSLv3, TLSv1, TLSv1.1 or TLSv1.2.
-.IP "\fB\-ssl2\fR" 4
-.IX Item "-ssl2"
-Only include SSLv2 ciphers.
-.IP "\fB\-h\fR, \fB\-?\fR" 4
-.IX Item "-h, -?"
-Print a brief usage message.
+Like \fB\-v\fR, but include the official cipher suite values in hex.
+.IP "\fB\-tls1_3\fR, \fB\-tls1_2\fR, \fB\-tls1_1\fR, \fB\-tls1\fR, \fB\-ssl3\fR" 4
+.IX Item "-tls1_3, -tls1_2, -tls1_1, -tls1, -ssl3"
+In combination with the \fB\-s\fR option, list the ciphers which could be used if
+the specified protocol were negotiated.
+Note that not all protocols and flags may be available, depending on how
+OpenSSL was built.
+.IP "\fB\-stdname\fR" 4
+.IX Item "-stdname"
+Precede each cipher suite by its standard name.
+.IP "\fB\-convert name\fR" 4
+.IX Item "-convert name"
+Convert a standard cipher \fBname\fR to its OpenSSL name.
+.IP "\fB\-ciphersuites val\fR" 4
+.IX Item "-ciphersuites val"
+Sets the list of TLSv1.3 ciphersuites. This list will be combined with any
+TLSv1.2 and below ciphersuites that have been configured. The format for this
+list is a simple colon (\*(L":\*(R") separated list of TLSv1.3 ciphersuite names. By
+default this value is:
+.Sp
+.Vb 1
+\& TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
+.Ve
.IP "\fBcipherlist\fR" 4
.IX Item "cipherlist"
-A cipher list to convert to a cipher preference list. If it is not included
-then the default cipher list will be used. The format is described below.
+A cipher list of TLSv1.2 and below ciphersuites to convert to a cipher
+preference list. This list will be combined with any TLSv1.3 ciphersuites that
+have been configured. If it is not included then the default cipher list will be
+used. The format is described below.
.SH "CIPHER LIST FORMAT"
.IX Header "CIPHER LIST FORMAT"
The cipher list consists of one or more \fIcipher strings\fR separated by colons.
@@ -215,287 +259,261 @@ as a list of ciphers to be appended to the current preference list. If the
list includes any ciphers already present they will be ignored: that is they
will not moved to the end of the list.
.PP
-Additionally the cipher string \fB\f(CB@STRENGTH\fB\fR can be used at any point to sort
-the current cipher list in order of encryption algorithm key length.
+The cipher string \fB\f(CB@STRENGTH\fB\fR can be used at any point to sort the current
+cipher list in order of encryption algorithm key length.
+.PP
+The cipher string \fB\f(CB@SECLEVEL\fB=n\fR can be used at any point to set the security
+level to \fBn\fR, which should be a number between zero and five, inclusive.
+See SSL_CTX_set_security_level for a description of what each level means.
+.PP
+The cipher list can be prefixed with the \fB\s-1DEFAULT\s0\fR keyword, which enables
+the default cipher list as defined below. Unlike cipher strings,
+this prefix may not be combined with other strings using \fB+\fR character.
+For example, \fB\s-1DEFAULT+DES\s0\fR is not valid.
+.PP
+The content of the default list is determined at compile time and normally
+corresponds to \fB\s-1ALL:\s0!COMPLEMENTOFDEFAULT:!eNULL\fR.
.SH "CIPHER STRINGS"
.IX Header "CIPHER STRINGS"
The following is a list of all permitted cipher strings and their meanings.
-.IP "\fB\s-1DEFAULT\s0\fR" 4
-.IX Item "DEFAULT"
-The default cipher list.
-This is determined at compile time and is normally
-\&\fB\s-1ALL:\s0!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2\fR.
-When used, this must be the first cipherstring specified.
.IP "\fB\s-1COMPLEMENTOFDEFAULT\s0\fR" 4
.IX Item "COMPLEMENTOFDEFAULT"
-the ciphers included in \fB\s-1ALL\s0\fR, but not enabled by default. Currently
-this is \fB\s-1ADH\s0\fR and \fB\s-1AECDH\s0\fR. Note that this rule does not cover \fBeNULL\fR,
-which is not included by \fB\s-1ALL\s0\fR (use \fB\s-1COMPLEMENTOFALL\s0\fR if necessary).
+The ciphers included in \fB\s-1ALL\s0\fR, but not enabled by default. Currently
+this includes all \s-1RC4\s0 and anonymous ciphers. Note that this rule does
+not cover \fBeNULL\fR, which is not included by \fB\s-1ALL\s0\fR (use \fB\s-1COMPLEMENTOFALL\s0\fR if
+necessary). Note that \s-1RC4\s0 based cipher suites are not built into OpenSSL by
+default (see the enable-weak-ssl-ciphers option to Configure).
.IP "\fB\s-1ALL\s0\fR" 4
.IX Item "ALL"
-all cipher suites except the \fBeNULL\fR ciphers which must be explicitly enabled;
-as of OpenSSL, the \fB\s-1ALL\s0\fR cipher suites are reasonably ordered by default
+All cipher suites except the \fBeNULL\fR ciphers (which must be explicitly enabled
+if needed).
+As of OpenSSL 1.0.0, the \fB\s-1ALL\s0\fR cipher suites are sensibly ordered by default.
.IP "\fB\s-1COMPLEMENTOFALL\s0\fR" 4
.IX Item "COMPLEMENTOFALL"
-the cipher suites not enabled by \fB\s-1ALL\s0\fR, currently being \fBeNULL\fR.
+The cipher suites not enabled by \fB\s-1ALL\s0\fR, currently \fBeNULL\fR.
.IP "\fB\s-1HIGH\s0\fR" 4
.IX Item "HIGH"
-\&\*(L"high\*(R" encryption cipher suites. This currently means those with key lengths larger
-than 128 bits, and some cipher suites with 128\-bit keys.
+\&\*(L"High\*(R" encryption cipher suites. This currently means those with key lengths
+larger than 128 bits, and some cipher suites with 128\-bit keys.
.IP "\fB\s-1MEDIUM\s0\fR" 4
.IX Item "MEDIUM"
-\&\*(L"medium\*(R" encryption cipher suites, currently some of those using 128 bit encryption.
+\&\*(L"Medium\*(R" encryption cipher suites, currently some of those using 128 bit
+encryption.
.IP "\fB\s-1LOW\s0\fR" 4
.IX Item "LOW"
-Low strength encryption cipher suites, currently those using 64 or 56 bit
-encryption algorithms but excluding export cipher suites.
-As of OpenSSL 1.0.2g, these are disabled in default builds.
-.IP "\fB\s-1EXP\s0\fR, \fB\s-1EXPORT\s0\fR" 4
-.IX Item "EXP, EXPORT"
-Export strength encryption algorithms. Including 40 and 56 bits algorithms.
-As of OpenSSL 1.0.2g, these are disabled in default builds.
-.IP "\fB\s-1EXPORT40\s0\fR" 4
-.IX Item "EXPORT40"
-40\-bit export encryption algorithms
-As of OpenSSL 1.0.2g, these are disabled in default builds.
-.IP "\fB\s-1EXPORT56\s0\fR" 4
-.IX Item "EXPORT56"
-56\-bit export encryption algorithms. In OpenSSL 0.9.8c and later the set of
-56 bit export ciphers is empty unless OpenSSL has been explicitly configured
-with support for experimental ciphers.
-As of OpenSSL 1.0.2g, these are disabled in default builds.
+\&\*(L"Low\*(R" encryption cipher suites, currently those using 64 or 56 bit
+encryption algorithms but excluding export cipher suites. All these
+cipher suites have been removed as of OpenSSL 1.1.0.
.IP "\fBeNULL\fR, \fB\s-1NULL\s0\fR" 4
.IX Item "eNULL, NULL"
The \*(L"\s-1NULL\*(R"\s0 ciphers that is those offering no encryption. Because these offer no
encryption at all and are a security risk they are not enabled via either the
\&\fB\s-1DEFAULT\s0\fR or \fB\s-1ALL\s0\fR cipher strings.
Be careful when building cipherlists out of lower-level primitives such as
-\&\fBkRSA\fR or \fBaECDSA\fR as these do overlap with the \fBeNULL\fR ciphers.
-When in doubt, include \fB!eNULL\fR in your cipherlist.
+\&\fBkRSA\fR or \fBaECDSA\fR as these do overlap with the \fBeNULL\fR ciphers. When in
+doubt, include \fB!eNULL\fR in your cipherlist.
.IP "\fBaNULL\fR" 4
.IX Item "aNULL"
The cipher suites offering no authentication. This is currently the anonymous
\&\s-1DH\s0 algorithms and anonymous \s-1ECDH\s0 algorithms. These cipher suites are vulnerable
-to a \*(L"man in the middle\*(R" attack and so their use is normally discouraged.
+to \*(L"man in the middle\*(R" attacks and so their use is discouraged.
These are excluded from the \fB\s-1DEFAULT\s0\fR ciphers, but included in the \fB\s-1ALL\s0\fR
ciphers.
Be careful when building cipherlists out of lower-level primitives such as
\&\fBkDHE\fR or \fB\s-1AES\s0\fR as these do overlap with the \fBaNULL\fR ciphers.
When in doubt, include \fB!aNULL\fR in your cipherlist.
-.IP "\fBkRSA\fR, \fB\s-1RSA\s0\fR" 4
-.IX Item "kRSA, RSA"
-cipher suites using \s-1RSA\s0 key exchange or authentication. \fB\s-1RSA\s0\fR is an alias for
+.IP "\fBkRSA\fR, \fBaRSA\fR, \fB\s-1RSA\s0\fR" 4
+.IX Item "kRSA, aRSA, RSA"
+Cipher suites using \s-1RSA\s0 key exchange or authentication. \fB\s-1RSA\s0\fR is an alias for
\&\fBkRSA\fR.
.IP "\fBkDHr\fR, \fBkDHd\fR, \fBkDH\fR" 4
.IX Item "kDHr, kDHd, kDH"
-cipher suites using \s-1DH\s0 key agreement and \s-1DH\s0 certificates signed by CAs with \s-1RSA\s0
-and \s-1DSS\s0 keys or either respectively.
-.IP "\fBkDHE\fR, \fBkEDH\fR" 4
-.IX Item "kDHE, kEDH"
-cipher suites using ephemeral \s-1DH\s0 key agreement, including anonymous cipher
+Cipher suites using static \s-1DH\s0 key agreement and \s-1DH\s0 certificates signed by CAs
+with \s-1RSA\s0 and \s-1DSS\s0 keys or either respectively.
+All these cipher suites have been removed in OpenSSL 1.1.0.
+.IP "\fBkDHE\fR, \fBkEDH\fR, \fB\s-1DH\s0\fR" 4
+.IX Item "kDHE, kEDH, DH"
+Cipher suites using ephemeral \s-1DH\s0 key agreement, including anonymous cipher
suites.
.IP "\fB\s-1DHE\s0\fR, \fB\s-1EDH\s0\fR" 4
.IX Item "DHE, EDH"
-cipher suites using authenticated ephemeral \s-1DH\s0 key agreement.
+Cipher suites using authenticated ephemeral \s-1DH\s0 key agreement.
.IP "\fB\s-1ADH\s0\fR" 4
.IX Item "ADH"
-anonymous \s-1DH\s0 cipher suites, note that this does not include anonymous Elliptic
+Anonymous \s-1DH\s0 cipher suites, note that this does not include anonymous Elliptic
Curve \s-1DH\s0 (\s-1ECDH\s0) cipher suites.
-.IP "\fB\s-1DH\s0\fR" 4
-.IX Item "DH"
-cipher suites using \s-1DH,\s0 including anonymous \s-1DH,\s0 ephemeral \s-1DH\s0 and fixed \s-1DH.\s0
-.IP "\fBkECDHr\fR, \fBkECDHe\fR, \fBkECDH\fR" 4
-.IX Item "kECDHr, kECDHe, kECDH"
-cipher suites using fixed \s-1ECDH\s0 key agreement signed by CAs with \s-1RSA\s0 and \s-1ECDSA\s0
-keys or either respectively.
-.IP "\fBkECDHE\fR, \fBkEECDH\fR" 4
-.IX Item "kECDHE, kEECDH"
-cipher suites using ephemeral \s-1ECDH\s0 key agreement, including anonymous
+.IP "\fBkEECDH\fR, \fBkECDHE\fR, \fB\s-1ECDH\s0\fR" 4
+.IX Item "kEECDH, kECDHE, ECDH"
+Cipher suites using ephemeral \s-1ECDH\s0 key agreement, including anonymous
cipher suites.
.IP "\fB\s-1ECDHE\s0\fR, \fB\s-1EECDH\s0\fR" 4
.IX Item "ECDHE, EECDH"
-cipher suites using authenticated ephemeral \s-1ECDH\s0 key agreement.
+Cipher suites using authenticated ephemeral \s-1ECDH\s0 key agreement.
.IP "\fB\s-1AECDH\s0\fR" 4
.IX Item "AECDH"
-anonymous Elliptic Curve Diffie Hellman cipher suites.
-.IP "\fB\s-1ECDH\s0\fR" 4
-.IX Item "ECDH"
-cipher suites using \s-1ECDH\s0 key exchange, including anonymous, ephemeral and
-fixed \s-1ECDH.\s0
-.IP "\fBaRSA\fR" 4
-.IX Item "aRSA"
-cipher suites using \s-1RSA\s0 authentication, i.e. the certificates carry \s-1RSA\s0 keys.
+Anonymous Elliptic Curve Diffie-Hellman cipher suites.
.IP "\fBaDSS\fR, \fB\s-1DSS\s0\fR" 4
.IX Item "aDSS, DSS"
-cipher suites using \s-1DSS\s0 authentication, i.e. the certificates carry \s-1DSS\s0 keys.
+Cipher suites using \s-1DSS\s0 authentication, i.e. the certificates carry \s-1DSS\s0 keys.
.IP "\fBaDH\fR" 4
.IX Item "aDH"
-cipher suites effectively using \s-1DH\s0 authentication, i.e. the certificates carry
+Cipher suites effectively using \s-1DH\s0 authentication, i.e. the certificates carry
\&\s-1DH\s0 keys.
-.IP "\fBaECDH\fR" 4
-.IX Item "aECDH"
-cipher suites effectively using \s-1ECDH\s0 authentication, i.e. the certificates
-carry \s-1ECDH\s0 keys.
+All these cipher suites have been removed in OpenSSL 1.1.0.
.IP "\fBaECDSA\fR, \fB\s-1ECDSA\s0\fR" 4
.IX Item "aECDSA, ECDSA"
-cipher suites using \s-1ECDSA\s0 authentication, i.e. the certificates carry \s-1ECDSA\s0
+Cipher suites using \s-1ECDSA\s0 authentication, i.e. the certificates carry \s-1ECDSA\s0
keys.
-.IP "\fBkFZA\fR, \fBaFZA\fR, \fBeFZA\fR, \fB\s-1FZA\s0\fR" 4
-.IX Item "kFZA, aFZA, eFZA, FZA"
-ciphers suites using \s-1FORTEZZA\s0 key exchange, authentication, encryption or all
-\&\s-1FORTEZZA\s0 algorithms. Not implemented.
-.IP "\fBTLSv1.2\fR, \fBTLSv1\fR, \fBSSLv3\fR, \fBSSLv2\fR" 4
-.IX Item "TLSv1.2, TLSv1, SSLv3, SSLv2"
-\&\s-1TLS\s0 v1.2, \s-1TLS\s0 v1.0, \s-1SSL\s0 v3.0 or \s-1SSL\s0 v2.0 cipher suites respectively. Note:
-there are no ciphersuites specific to \s-1TLS\s0 v1.1.
+.IP "\fBTLSv1.2\fR, \fBTLSv1.0\fR, \fBSSLv3\fR" 4
+.IX Item "TLSv1.2, TLSv1.0, SSLv3"
+Lists cipher suites which are only supported in at least \s-1TLS\s0 v1.2, \s-1TLS\s0 v1.0 or
+\&\s-1SSL\s0 v3.0 respectively.
+Note: there are no cipher suites specific to \s-1TLS\s0 v1.1.
+Since this is only the minimum version, if, for example, TLSv1.0 is negotiated
+then both TLSv1.0 and SSLv3.0 cipher suites are available.
+.Sp
+Note: these cipher strings \fBdo not\fR change the negotiated version of \s-1SSL\s0 or
+\&\s-1TLS,\s0 they only affect the list of available cipher suites.
.IP "\fB\s-1AES128\s0\fR, \fB\s-1AES256\s0\fR, \fB\s-1AES\s0\fR" 4
.IX Item "AES128, AES256, AES"
cipher suites using 128 bit \s-1AES, 256\s0 bit \s-1AES\s0 or either 128 or 256 bit \s-1AES.\s0
.IP "\fB\s-1AESGCM\s0\fR" 4
.IX Item "AESGCM"
-\&\s-1AES\s0 in Galois Counter Mode (\s-1GCM\s0): these ciphersuites are only supported
+\&\s-1AES\s0 in Galois Counter Mode (\s-1GCM\s0): these cipher suites are only supported
in \s-1TLS\s0 v1.2.
+.IP "\fB\s-1AESCCM\s0\fR, \fB\s-1AESCCM8\s0\fR" 4
+.IX Item "AESCCM, AESCCM8"
+\&\s-1AES\s0 in Cipher Block Chaining \- Message Authentication Mode (\s-1CCM\s0): these
+cipher suites are only supported in \s-1TLS\s0 v1.2. \fB\s-1AESCCM\s0\fR references \s-1CCM\s0
+cipher suites using both 16 and 8 octet Integrity Check Value (\s-1ICV\s0)
+while \fB\s-1AESCCM8\s0\fR only references 8 octet \s-1ICV.\s0
+.IP "\fB\s-1ARIA128\s0\fR, \fB\s-1ARIA256\s0\fR, \fB\s-1ARIA\s0\fR" 4
+.IX Item "ARIA128, ARIA256, ARIA"
+Cipher suites using 128 bit \s-1ARIA, 256\s0 bit \s-1ARIA\s0 or either 128 or 256 bit
+\&\s-1ARIA.\s0
.IP "\fB\s-1CAMELLIA128\s0\fR, \fB\s-1CAMELLIA256\s0\fR, \fB\s-1CAMELLIA\s0\fR" 4
.IX Item "CAMELLIA128, CAMELLIA256, CAMELLIA"
-cipher suites using 128 bit \s-1CAMELLIA, 256\s0 bit \s-1CAMELLIA\s0 or either 128 or 256 bit
+Cipher suites using 128 bit \s-1CAMELLIA, 256\s0 bit \s-1CAMELLIA\s0 or either 128 or 256 bit
\&\s-1CAMELLIA.\s0
+.IP "\fB\s-1CHACHA20\s0\fR" 4
+.IX Item "CHACHA20"
+Cipher suites using ChaCha20.
.IP "\fB3DES\fR" 4
.IX Item "3DES"
-cipher suites using triple \s-1DES.\s0
+Cipher suites using triple \s-1DES.\s0
.IP "\fB\s-1DES\s0\fR" 4
.IX Item "DES"
-cipher suites using \s-1DES\s0 (not triple \s-1DES\s0).
+Cipher suites using \s-1DES\s0 (not triple \s-1DES\s0).
+All these cipher suites have been removed in OpenSSL 1.1.0.
.IP "\fB\s-1RC4\s0\fR" 4
.IX Item "RC4"
-cipher suites using \s-1RC4.\s0
+Cipher suites using \s-1RC4.\s0
.IP "\fB\s-1RC2\s0\fR" 4
.IX Item "RC2"
-cipher suites using \s-1RC2.\s0
+Cipher suites using \s-1RC2.\s0
.IP "\fB\s-1IDEA\s0\fR" 4
.IX Item "IDEA"
-cipher suites using \s-1IDEA.\s0
+Cipher suites using \s-1IDEA.\s0
.IP "\fB\s-1SEED\s0\fR" 4
.IX Item "SEED"
-cipher suites using \s-1SEED.\s0
+Cipher suites using \s-1SEED.\s0
.IP "\fB\s-1MD5\s0\fR" 4
.IX Item "MD5"
-cipher suites using \s-1MD5.\s0
+Cipher suites using \s-1MD5.\s0
.IP "\fB\s-1SHA1\s0\fR, \fB\s-1SHA\s0\fR" 4
.IX Item "SHA1, SHA"
-cipher suites using \s-1SHA1.\s0
+Cipher suites using \s-1SHA1.\s0
.IP "\fB\s-1SHA256\s0\fR, \fB\s-1SHA384\s0\fR" 4
.IX Item "SHA256, SHA384"
-ciphersuites using \s-1SHA256\s0 or \s-1SHA384.\s0
+Cipher suites using \s-1SHA256\s0 or \s-1SHA384.\s0
.IP "\fBaGOST\fR" 4
.IX Item "aGOST"
-cipher suites using \s-1GOST R 34.10\s0 (either 2001 or 94) for authenticaction
+Cipher suites using \s-1GOST R 34.10\s0 (either 2001 or 94) for authentication
(needs an engine supporting \s-1GOST\s0 algorithms).
.IP "\fBaGOST01\fR" 4
.IX Item "aGOST01"
-cipher suites using \s-1GOST R 34.10\-2001\s0 authentication.
-.IP "\fBaGOST94\fR" 4
-.IX Item "aGOST94"
-cipher suites using \s-1GOST R 34.10\-94\s0 authentication (note that R 34.10\-94
-standard has been expired so use \s-1GOST R 34.10\-2001\s0)
+Cipher suites using \s-1GOST R 34.10\-2001\s0 authentication.
.IP "\fBkGOST\fR" 4
.IX Item "kGOST"
-cipher suites, using \s-1VKO 34.10\s0 key exchange, specified in the \s-1RFC 4357.\s0
+Cipher suites, using \s-1VKO 34.10\s0 key exchange, specified in the \s-1RFC 4357.\s0
.IP "\fB\s-1GOST94\s0\fR" 4
.IX Item "GOST94"
-cipher suites, using \s-1HMAC\s0 based on \s-1GOST R 34.11\-94.\s0
+Cipher suites, using \s-1HMAC\s0 based on \s-1GOST R 34.11\-94.\s0
.IP "\fB\s-1GOST89MAC\s0\fR" 4
.IX Item "GOST89MAC"
-cipher suites using \s-1GOST 28147\-89 MAC\s0 \fBinstead of\fR \s-1HMAC.\s0
+Cipher suites using \s-1GOST 28147\-89 MAC\s0 \fBinstead of\fR \s-1HMAC.\s0
.IP "\fB\s-1PSK\s0\fR" 4
.IX Item "PSK"
-cipher suites using pre-shared keys (\s-1PSK\s0).
+All cipher suites using pre-shared keys (\s-1PSK\s0).
+.IP "\fBkPSK\fR, \fBkECDHEPSK\fR, \fBkDHEPSK\fR, \fBkRSAPSK\fR" 4
+.IX Item "kPSK, kECDHEPSK, kDHEPSK, kRSAPSK"
+Cipher suites using \s-1PSK\s0 key exchange, \s-1ECDHE_PSK, DHE_PSK\s0 or \s-1RSA_PSK.\s0
+.IP "\fBaPSK\fR" 4
+.IX Item "aPSK"
+Cipher suites using \s-1PSK\s0 authentication (currently all \s-1PSK\s0 modes apart from
+\&\s-1RSA_PSK\s0).
.IP "\fB\s-1SUITEB128\s0\fR, \fB\s-1SUITEB128ONLY\s0\fR, \fB\s-1SUITEB192\s0\fR" 4
.IX Item "SUITEB128, SUITEB128ONLY, SUITEB192"
-enables suite B mode operation using 128 (permitting 192 bit mode by peer)
+Enables suite B mode of operation using 128 (permitting 192 bit mode by peer)
128 bit (not permitting 192 bit by peer) or 192 bit level of security
-respectively. If used these cipherstrings should appear first in the cipher
-list and anything after them is ignored. Setting Suite B mode has additional
-consequences required to comply with \s-1RFC6460.\s0 In particular the supported
-signature algorithms is reduced to support only \s-1ECDSA\s0 and \s-1SHA256\s0 or \s-1SHA384,\s0
-only the elliptic curves P\-256 and P\-384 can be used and only the two suite B
-compliant ciphersuites (\s-1ECDHE\-ECDSA\-AES128\-GCM\-SHA256\s0 and
-\&\s-1ECDHE\-ECDSA\-AES256\-GCM\-SHA384\s0) are permissible.
+respectively.
+If used these cipherstrings should appear first in the cipher
+list and anything after them is ignored.
+Setting Suite B mode has additional consequences required to comply with
+\&\s-1RFC6460.\s0
+In particular the supported signature algorithms is reduced to support only
+\&\s-1ECDSA\s0 and \s-1SHA256\s0 or \s-1SHA384,\s0 only the elliptic curves P\-256 and P\-384 can be
+used and only the two suite B compliant cipher suites
+(\s-1ECDHE\-ECDSA\-AES128\-GCM\-SHA256\s0 and \s-1ECDHE\-ECDSA\-AES256\-GCM\-SHA384\s0) are
+permissible.
.SH "CIPHER SUITE NAMES"
.IX Header "CIPHER SUITE NAMES"
The following lists give the \s-1SSL\s0 or \s-1TLS\s0 cipher suites names from the
relevant specification and their OpenSSL equivalents. It should be noted,
that several cipher suite names do not include the authentication used,
e.g. \s-1DES\-CBC3\-SHA.\s0 In these cases, \s-1RSA\s0 authentication is used.
-.SS "\s-1SSL\s0 v3.0 cipher suites."
-.IX Subsection "SSL v3.0 cipher suites."
-.Vb 10
+.SS "\s-1SSL\s0 v3.0 cipher suites"
+.IX Subsection "SSL v3.0 cipher suites"
+.Vb 6
\& SSL_RSA_WITH_NULL_MD5 NULL\-MD5
\& SSL_RSA_WITH_NULL_SHA NULL\-SHA
-\& SSL_RSA_EXPORT_WITH_RC4_40_MD5 EXP\-RC4\-MD5
\& SSL_RSA_WITH_RC4_128_MD5 RC4\-MD5
\& SSL_RSA_WITH_RC4_128_SHA RC4\-SHA
-\& SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 EXP\-RC2\-CBC\-MD5
\& SSL_RSA_WITH_IDEA_CBC_SHA IDEA\-CBC\-SHA
-\& SSL_RSA_EXPORT_WITH_DES40_CBC_SHA EXP\-DES\-CBC\-SHA
-\& SSL_RSA_WITH_DES_CBC_SHA DES\-CBC\-SHA
\& SSL_RSA_WITH_3DES_EDE_CBC_SHA DES\-CBC3\-SHA
\&
-\& SSL_DH_DSS_WITH_DES_CBC_SHA DH\-DSS\-DES\-CBC\-SHA
\& SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA DH\-DSS\-DES\-CBC3\-SHA
-\& SSL_DH_RSA_WITH_DES_CBC_SHA DH\-RSA\-DES\-CBC\-SHA
\& SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA DH\-RSA\-DES\-CBC3\-SHA
-\& SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA EXP\-EDH\-DSS\-DES\-CBC\-SHA
-\& SSL_DHE_DSS_WITH_DES_CBC_SHA EDH\-DSS\-CBC\-SHA
-\& SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA EDH\-DSS\-DES\-CBC3\-SHA
-\& SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA EXP\-EDH\-RSA\-DES\-CBC\-SHA
-\& SSL_DHE_RSA_WITH_DES_CBC_SHA EDH\-RSA\-DES\-CBC\-SHA
-\& SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA EDH\-RSA\-DES\-CBC3\-SHA
-\&
-\& SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 EXP\-ADH\-RC4\-MD5
+\& SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA DHE\-DSS\-DES\-CBC3\-SHA
+\& SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA DHE\-RSA\-DES\-CBC3\-SHA
+\&
\& SSL_DH_anon_WITH_RC4_128_MD5 ADH\-RC4\-MD5
-\& SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA EXP\-ADH\-DES\-CBC\-SHA
-\& SSL_DH_anon_WITH_DES_CBC_SHA ADH\-DES\-CBC\-SHA
\& SSL_DH_anon_WITH_3DES_EDE_CBC_SHA ADH\-DES\-CBC3\-SHA
\&
\& SSL_FORTEZZA_KEA_WITH_NULL_SHA Not implemented.
\& SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA Not implemented.
\& SSL_FORTEZZA_KEA_WITH_RC4_128_SHA Not implemented.
.Ve
-.SS "\s-1TLS\s0 v1.0 cipher suites."
-.IX Subsection "TLS v1.0 cipher suites."
-.Vb 10
+.SS "\s-1TLS\s0 v1.0 cipher suites"
+.IX Subsection "TLS v1.0 cipher suites"
+.Vb 6
\& TLS_RSA_WITH_NULL_MD5 NULL\-MD5
\& TLS_RSA_WITH_NULL_SHA NULL\-SHA
-\& TLS_RSA_EXPORT_WITH_RC4_40_MD5 EXP\-RC4\-MD5
\& TLS_RSA_WITH_RC4_128_MD5 RC4\-MD5
\& TLS_RSA_WITH_RC4_128_SHA RC4\-SHA
-\& TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 EXP\-RC2\-CBC\-MD5
\& TLS_RSA_WITH_IDEA_CBC_SHA IDEA\-CBC\-SHA
-\& TLS_RSA_EXPORT_WITH_DES40_CBC_SHA EXP\-DES\-CBC\-SHA
-\& TLS_RSA_WITH_DES_CBC_SHA DES\-CBC\-SHA
\& TLS_RSA_WITH_3DES_EDE_CBC_SHA DES\-CBC3\-SHA
\&
-\& TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA Not implemented.
-\& TLS_DH_DSS_WITH_DES_CBC_SHA Not implemented.
\& TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA Not implemented.
-\& TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA Not implemented.
-\& TLS_DH_RSA_WITH_DES_CBC_SHA Not implemented.
\& TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA Not implemented.
-\& TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA EXP\-EDH\-DSS\-DES\-CBC\-SHA
-\& TLS_DHE_DSS_WITH_DES_CBC_SHA EDH\-DSS\-CBC\-SHA
-\& TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA EDH\-DSS\-DES\-CBC3\-SHA
-\& TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA EXP\-EDH\-RSA\-DES\-CBC\-SHA
-\& TLS_DHE_RSA_WITH_DES_CBC_SHA EDH\-RSA\-DES\-CBC\-SHA
-\& TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA EDH\-RSA\-DES\-CBC3\-SHA
-\&
-\& TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 EXP\-ADH\-RC4\-MD5
+\& TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA DHE\-DSS\-DES\-CBC3\-SHA
+\& TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA DHE\-RSA\-DES\-CBC3\-SHA
+\&
\& TLS_DH_anon_WITH_RC4_128_MD5 ADH\-RC4\-MD5
-\& TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA EXP\-ADH\-DES\-CBC\-SHA
-\& TLS_DH_anon_WITH_DES_CBC_SHA ADH\-DES\-CBC\-SHA
\& TLS_DH_anon_WITH_3DES_EDE_CBC_SHA ADH\-DES\-CBC3\-SHA
.Ve
-.SS "\s-1AES\s0 ciphersuites from \s-1RFC3268,\s0 extending \s-1TLS\s0 v1.0"
-.IX Subsection "AES ciphersuites from RFC3268, extending TLS v1.0"
+.SS "\s-1AES\s0 cipher suites from \s-1RFC3268,\s0 extending \s-1TLS\s0 v1.0"
+.IX Subsection "AES cipher suites from RFC3268, extending TLS v1.0"
.Vb 2
\& TLS_RSA_WITH_AES_128_CBC_SHA AES128\-SHA
\& TLS_RSA_WITH_AES_256_CBC_SHA AES256\-SHA
@@ -513,8 +531,8 @@ e.g. \s-1DES\-CBC3\-SHA.\s0 In these cases, \s-1RSA\s0 authentication is used.
\& TLS_DH_anon_WITH_AES_128_CBC_SHA ADH\-AES128\-SHA
\& TLS_DH_anon_WITH_AES_256_CBC_SHA ADH\-AES256\-SHA
.Ve
-.SS "Camellia ciphersuites from \s-1RFC4132,\s0 extending \s-1TLS\s0 v1.0"
-.IX Subsection "Camellia ciphersuites from RFC4132, extending TLS v1.0"
+.SS "Camellia cipher suites from \s-1RFC4132,\s0 extending \s-1TLS\s0 v1.0"
+.IX Subsection "Camellia cipher suites from RFC4132, extending TLS v1.0"
.Vb 2
\& TLS_RSA_WITH_CAMELLIA_128_CBC_SHA CAMELLIA128\-SHA
\& TLS_RSA_WITH_CAMELLIA_256_CBC_SHA CAMELLIA256\-SHA
@@ -532,8 +550,8 @@ e.g. \s-1DES\-CBC3\-SHA.\s0 In these cases, \s-1RSA\s0 authentication is used.
\& TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA ADH\-CAMELLIA128\-SHA
\& TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA ADH\-CAMELLIA256\-SHA
.Ve
-.SS "\s-1SEED\s0 ciphersuites from \s-1RFC4162,\s0 extending \s-1TLS\s0 v1.0"
-.IX Subsection "SEED ciphersuites from RFC4162, extending TLS v1.0"
+.SS "\s-1SEED\s0 cipher suites from \s-1RFC4162,\s0 extending \s-1TLS\s0 v1.0"
+.IX Subsection "SEED cipher suites from RFC4162, extending TLS v1.0"
.Vb 1
\& TLS_RSA_WITH_SEED_CBC_SHA SEED\-SHA
\&
@@ -545,8 +563,8 @@ e.g. \s-1DES\-CBC3\-SHA.\s0 In these cases, \s-1RSA\s0 authentication is used.
\&
\& TLS_DH_anon_WITH_SEED_CBC_SHA ADH\-SEED\-SHA
.Ve
-.SS "\s-1GOST\s0 ciphersuites from draft-chudov-cryptopro-cptls, extending \s-1TLS\s0 v1.0"
-.IX Subsection "GOST ciphersuites from draft-chudov-cryptopro-cptls, extending TLS v1.0"
+.SS "\s-1GOST\s0 cipher suites from draft-chudov-cryptopro-cptls, extending \s-1TLS\s0 v1.0"
+.IX Subsection "GOST cipher suites from draft-chudov-cryptopro-cptls, extending TLS v1.0"
Note: these ciphers require an engine which including \s-1GOST\s0 cryptographic
algorithms, such as the \fBccgost\fR engine, included in the OpenSSL distribution.
.PP
@@ -560,28 +578,12 @@ algorithms, such as the \fBccgost\fR engine, included in the OpenSSL distributio
.IX Subsection "Additional Export 1024 and other cipher suites"
Note: these ciphers can also be used in \s-1SSL\s0 v3.
.PP
-.Vb 5
-\& TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA EXP1024\-DES\-CBC\-SHA
-\& TLS_RSA_EXPORT1024_WITH_RC4_56_SHA EXP1024\-RC4\-SHA
-\& TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA EXP1024\-DHE\-DSS\-DES\-CBC\-SHA
-\& TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA EXP1024\-DHE\-DSS\-RC4\-SHA
+.Vb 1
\& TLS_DHE_DSS_WITH_RC4_128_SHA DHE\-DSS\-RC4\-SHA
.Ve
.SS "Elliptic curve cipher suites."
.IX Subsection "Elliptic curve cipher suites."
.Vb 5
-\& TLS_ECDH_RSA_WITH_NULL_SHA ECDH\-RSA\-NULL\-SHA
-\& TLS_ECDH_RSA_WITH_RC4_128_SHA ECDH\-RSA\-RC4\-SHA
-\& TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA ECDH\-RSA\-DES\-CBC3\-SHA
-\& TLS_ECDH_RSA_WITH_AES_128_CBC_SHA ECDH\-RSA\-AES128\-SHA
-\& TLS_ECDH_RSA_WITH_AES_256_CBC_SHA ECDH\-RSA\-AES256\-SHA
-\&
-\& TLS_ECDH_ECDSA_WITH_NULL_SHA ECDH\-ECDSA\-NULL\-SHA
-\& TLS_ECDH_ECDSA_WITH_RC4_128_SHA ECDH\-ECDSA\-RC4\-SHA
-\& TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA ECDH\-ECDSA\-DES\-CBC3\-SHA
-\& TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA ECDH\-ECDSA\-AES128\-SHA
-\& TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA ECDH\-ECDSA\-AES256\-SHA
-\&
\& TLS_ECDHE_RSA_WITH_NULL_SHA ECDHE\-RSA\-NULL\-SHA
\& TLS_ECDHE_RSA_WITH_RC4_128_SHA ECDHE\-RSA\-RC4\-SHA
\& TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA ECDHE\-RSA\-DES\-CBC3\-SHA
@@ -630,16 +632,6 @@ Note: these ciphers can also be used in \s-1SSL\s0 v3.
\& TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 DHE\-DSS\-AES128\-GCM\-SHA256
\& TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 DHE\-DSS\-AES256\-GCM\-SHA384
\&
-\& TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 ECDH\-RSA\-AES128\-SHA256
-\& TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 ECDH\-RSA\-AES256\-SHA384
-\& TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 ECDH\-RSA\-AES128\-GCM\-SHA256
-\& TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 ECDH\-RSA\-AES256\-GCM\-SHA384
-\&
-\& TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 ECDH\-ECDSA\-AES128\-SHA256
-\& TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 ECDH\-ECDSA\-AES256\-SHA384
-\& TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 ECDH\-ECDSA\-AES128\-GCM\-SHA256
-\& TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 ECDH\-ECDSA\-AES256\-GCM\-SHA384
-\&
\& TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ECDHE\-RSA\-AES128\-SHA256
\& TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 ECDHE\-RSA\-AES256\-SHA384
\& TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDHE\-RSA\-AES128\-GCM\-SHA256
@@ -654,25 +646,152 @@ Note: these ciphers can also be used in \s-1SSL\s0 v3.
\& TLS_DH_anon_WITH_AES_256_CBC_SHA256 ADH\-AES256\-SHA256
\& TLS_DH_anon_WITH_AES_128_GCM_SHA256 ADH\-AES128\-GCM\-SHA256
\& TLS_DH_anon_WITH_AES_256_GCM_SHA384 ADH\-AES256\-GCM\-SHA384
+\&
+\& RSA_WITH_AES_128_CCM AES128\-CCM
+\& RSA_WITH_AES_256_CCM AES256\-CCM
+\& DHE_RSA_WITH_AES_128_CCM DHE\-RSA\-AES128\-CCM
+\& DHE_RSA_WITH_AES_256_CCM DHE\-RSA\-AES256\-CCM
+\& RSA_WITH_AES_128_CCM_8 AES128\-CCM8
+\& RSA_WITH_AES_256_CCM_8 AES256\-CCM8
+\& DHE_RSA_WITH_AES_128_CCM_8 DHE\-RSA\-AES128\-CCM8
+\& DHE_RSA_WITH_AES_256_CCM_8 DHE\-RSA\-AES256\-CCM8
+\& ECDHE_ECDSA_WITH_AES_128_CCM ECDHE\-ECDSA\-AES128\-CCM
+\& ECDHE_ECDSA_WITH_AES_256_CCM ECDHE\-ECDSA\-AES256\-CCM
+\& ECDHE_ECDSA_WITH_AES_128_CCM_8 ECDHE\-ECDSA\-AES128\-CCM8
+\& ECDHE_ECDSA_WITH_AES_256_CCM_8 ECDHE\-ECDSA\-AES256\-CCM8
.Ve
-.SS "Pre shared keying (\s-1PSK\s0) cipheruites"
-.IX Subsection "Pre shared keying (PSK) cipheruites"
+.SS "\s-1ARIA\s0 cipher suites from \s-1RFC6209,\s0 extending \s-1TLS\s0 v1.2"
+.IX Subsection "ARIA cipher suites from RFC6209, extending TLS v1.2"
+Note: the \s-1CBC\s0 modes mentioned in this \s-1RFC\s0 are not supported.
+.PP
+.Vb 10
+\& TLS_RSA_WITH_ARIA_128_GCM_SHA256 ARIA128\-GCM\-SHA256
+\& TLS_RSA_WITH_ARIA_256_GCM_SHA384 ARIA256\-GCM\-SHA384
+\& TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 DHE\-RSA\-ARIA128\-GCM\-SHA256
+\& TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 DHE\-RSA\-ARIA256\-GCM\-SHA384
+\& TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256 DHE\-DSS\-ARIA128\-GCM\-SHA256
+\& TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384 DHE\-DSS\-ARIA256\-GCM\-SHA384
+\& TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 ECDHE\-ECDSA\-ARIA128\-GCM\-SHA256
+\& TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 ECDHE\-ECDSA\-ARIA256\-GCM\-SHA384
+\& TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 ECDHE\-ARIA128\-GCM\-SHA256
+\& TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 ECDHE\-ARIA256\-GCM\-SHA384
+\& TLS_PSK_WITH_ARIA_128_GCM_SHA256 PSK\-ARIA128\-GCM\-SHA256
+\& TLS_PSK_WITH_ARIA_256_GCM_SHA384 PSK\-ARIA256\-GCM\-SHA384
+\& TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 DHE\-PSK\-ARIA128\-GCM\-SHA256
+\& TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 DHE\-PSK\-ARIA256\-GCM\-SHA384
+\& TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 RSA\-PSK\-ARIA128\-GCM\-SHA256
+\& TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 RSA\-PSK\-ARIA256\-GCM\-SHA384
+.Ve
+.SS "Camellia HMAC-Based cipher suites from \s-1RFC6367,\s0 extending \s-1TLS\s0 v1.2"
+.IX Subsection "Camellia HMAC-Based cipher suites from RFC6367, extending TLS v1.2"
.Vb 4
-\& TLS_PSK_WITH_RC4_128_SHA PSK\-RC4\-SHA
-\& TLS_PSK_WITH_3DES_EDE_CBC_SHA PSK\-3DES\-EDE\-CBC\-SHA
-\& TLS_PSK_WITH_AES_128_CBC_SHA PSK\-AES128\-CBC\-SHA
-\& TLS_PSK_WITH_AES_256_CBC_SHA PSK\-AES256\-CBC\-SHA
+\& TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 ECDHE\-ECDSA\-CAMELLIA128\-SHA256
+\& TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 ECDHE\-ECDSA\-CAMELLIA256\-SHA384
+\& TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 ECDHE\-RSA\-CAMELLIA128\-SHA256
+\& TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 ECDHE\-RSA\-CAMELLIA256\-SHA384
.Ve
-.SS "Deprecated \s-1SSL\s0 v2.0 cipher suites."
-.IX Subsection "Deprecated SSL v2.0 cipher suites."
+.SS "Pre-shared keying (\s-1PSK\s0) cipher suites"
+.IX Subsection "Pre-shared keying (PSK) cipher suites"
+.Vb 3
+\& PSK_WITH_NULL_SHA PSK\-NULL\-SHA
+\& DHE_PSK_WITH_NULL_SHA DHE\-PSK\-NULL\-SHA
+\& RSA_PSK_WITH_NULL_SHA RSA\-PSK\-NULL\-SHA
+\&
+\& PSK_WITH_RC4_128_SHA PSK\-RC4\-SHA
+\& PSK_WITH_3DES_EDE_CBC_SHA PSK\-3DES\-EDE\-CBC\-SHA
+\& PSK_WITH_AES_128_CBC_SHA PSK\-AES128\-CBC\-SHA
+\& PSK_WITH_AES_256_CBC_SHA PSK\-AES256\-CBC\-SHA
+\&
+\& DHE_PSK_WITH_RC4_128_SHA DHE\-PSK\-RC4\-SHA
+\& DHE_PSK_WITH_3DES_EDE_CBC_SHA DHE\-PSK\-3DES\-EDE\-CBC\-SHA
+\& DHE_PSK_WITH_AES_128_CBC_SHA DHE\-PSK\-AES128\-CBC\-SHA
+\& DHE_PSK_WITH_AES_256_CBC_SHA DHE\-PSK\-AES256\-CBC\-SHA
+\&
+\& RSA_PSK_WITH_RC4_128_SHA RSA\-PSK\-RC4\-SHA
+\& RSA_PSK_WITH_3DES_EDE_CBC_SHA RSA\-PSK\-3DES\-EDE\-CBC\-SHA
+\& RSA_PSK_WITH_AES_128_CBC_SHA RSA\-PSK\-AES128\-CBC\-SHA
+\& RSA_PSK_WITH_AES_256_CBC_SHA RSA\-PSK\-AES256\-CBC\-SHA
+\&
+\& PSK_WITH_AES_128_GCM_SHA256 PSK\-AES128\-GCM\-SHA256
+\& PSK_WITH_AES_256_GCM_SHA384 PSK\-AES256\-GCM\-SHA384
+\& DHE_PSK_WITH_AES_128_GCM_SHA256 DHE\-PSK\-AES128\-GCM\-SHA256
+\& DHE_PSK_WITH_AES_256_GCM_SHA384 DHE\-PSK\-AES256\-GCM\-SHA384
+\& RSA_PSK_WITH_AES_128_GCM_SHA256 RSA\-PSK\-AES128\-GCM\-SHA256
+\& RSA_PSK_WITH_AES_256_GCM_SHA384 RSA\-PSK\-AES256\-GCM\-SHA384
+\&
+\& PSK_WITH_AES_128_CBC_SHA256 PSK\-AES128\-CBC\-SHA256
+\& PSK_WITH_AES_256_CBC_SHA384 PSK\-AES256\-CBC\-SHA384
+\& PSK_WITH_NULL_SHA256 PSK\-NULL\-SHA256
+\& PSK_WITH_NULL_SHA384 PSK\-NULL\-SHA384
+\& DHE_PSK_WITH_AES_128_CBC_SHA256 DHE\-PSK\-AES128\-CBC\-SHA256
+\& DHE_PSK_WITH_AES_256_CBC_SHA384 DHE\-PSK\-AES256\-CBC\-SHA384
+\& DHE_PSK_WITH_NULL_SHA256 DHE\-PSK\-NULL\-SHA256
+\& DHE_PSK_WITH_NULL_SHA384 DHE\-PSK\-NULL\-SHA384
+\& RSA_PSK_WITH_AES_128_CBC_SHA256 RSA\-PSK\-AES128\-CBC\-SHA256
+\& RSA_PSK_WITH_AES_256_CBC_SHA384 RSA\-PSK\-AES256\-CBC\-SHA384
+\& RSA_PSK_WITH_NULL_SHA256 RSA\-PSK\-NULL\-SHA256
+\& RSA_PSK_WITH_NULL_SHA384 RSA\-PSK\-NULL\-SHA384
+\& PSK_WITH_AES_128_GCM_SHA256 PSK\-AES128\-GCM\-SHA256
+\& PSK_WITH_AES_256_GCM_SHA384 PSK\-AES256\-GCM\-SHA384
+\&
+\& ECDHE_PSK_WITH_RC4_128_SHA ECDHE\-PSK\-RC4\-SHA
+\& ECDHE_PSK_WITH_3DES_EDE_CBC_SHA ECDHE\-PSK\-3DES\-EDE\-CBC\-SHA
+\& ECDHE_PSK_WITH_AES_128_CBC_SHA ECDHE\-PSK\-AES128\-CBC\-SHA
+\& ECDHE_PSK_WITH_AES_256_CBC_SHA ECDHE\-PSK\-AES256\-CBC\-SHA
+\& ECDHE_PSK_WITH_AES_128_CBC_SHA256 ECDHE\-PSK\-AES128\-CBC\-SHA256
+\& ECDHE_PSK_WITH_AES_256_CBC_SHA384 ECDHE\-PSK\-AES256\-CBC\-SHA384
+\& ECDHE_PSK_WITH_NULL_SHA ECDHE\-PSK\-NULL\-SHA
+\& ECDHE_PSK_WITH_NULL_SHA256 ECDHE\-PSK\-NULL\-SHA256
+\& ECDHE_PSK_WITH_NULL_SHA384 ECDHE\-PSK\-NULL\-SHA384
+\&
+\& PSK_WITH_CAMELLIA_128_CBC_SHA256 PSK\-CAMELLIA128\-SHA256
+\& PSK_WITH_CAMELLIA_256_CBC_SHA384 PSK\-CAMELLIA256\-SHA384
+\&
+\& DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 DHE\-PSK\-CAMELLIA128\-SHA256
+\& DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 DHE\-PSK\-CAMELLIA256\-SHA384
+\&
+\& RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 RSA\-PSK\-CAMELLIA128\-SHA256
+\& RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 RSA\-PSK\-CAMELLIA256\-SHA384
+\&
+\& ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 ECDHE\-PSK\-CAMELLIA128\-SHA256
+\& ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 ECDHE\-PSK\-CAMELLIA256\-SHA384
+\&
+\& PSK_WITH_AES_128_CCM PSK\-AES128\-CCM
+\& PSK_WITH_AES_256_CCM PSK\-AES256\-CCM
+\& DHE_PSK_WITH_AES_128_CCM DHE\-PSK\-AES128\-CCM
+\& DHE_PSK_WITH_AES_256_CCM DHE\-PSK\-AES256\-CCM
+\& PSK_WITH_AES_128_CCM_8 PSK\-AES128\-CCM8
+\& PSK_WITH_AES_256_CCM_8 PSK\-AES256\-CCM8
+\& DHE_PSK_WITH_AES_128_CCM_8 DHE\-PSK\-AES128\-CCM8
+\& DHE_PSK_WITH_AES_256_CCM_8 DHE\-PSK\-AES256\-CCM8
+.Ve
+.SS "ChaCha20\-Poly1305 cipher suites, extending \s-1TLS\s0 v1.2"
+.IX Subsection "ChaCha20-Poly1305 cipher suites, extending TLS v1.2"
.Vb 7
-\& SSL_CK_RC4_128_WITH_MD5 RC4\-MD5
-\& SSL_CK_RC4_128_EXPORT40_WITH_MD5 Not implemented.
-\& SSL_CK_RC2_128_CBC_WITH_MD5 RC2\-CBC\-MD5
-\& SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 Not implemented.
-\& SSL_CK_IDEA_128_CBC_WITH_MD5 IDEA\-CBC\-MD5
-\& SSL_CK_DES_64_CBC_WITH_MD5 Not implemented.
-\& SSL_CK_DES_192_EDE3_CBC_WITH_MD5 DES\-CBC3\-MD5
+\& TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 ECDHE\-RSA\-CHACHA20\-POLY1305
+\& TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 ECDHE\-ECDSA\-CHACHA20\-POLY1305
+\& TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 DHE\-RSA\-CHACHA20\-POLY1305
+\& TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 PSK\-CHACHA20\-POLY1305
+\& TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 ECDHE\-PSK\-CHACHA20\-POLY1305
+\& TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 DHE\-PSK\-CHACHA20\-POLY1305
+\& TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 RSA\-PSK\-CHACHA20\-POLY1305
+.Ve
+.SS "\s-1TLS\s0 v1.3 cipher suites"
+.IX Subsection "TLS v1.3 cipher suites"
+.Vb 5
+\& TLS_AES_128_GCM_SHA256 TLS_AES_128_GCM_SHA256
+\& TLS_AES_256_GCM_SHA384 TLS_AES_256_GCM_SHA384
+\& TLS_CHACHA20_POLY1305_SHA256 TLS_CHACHA20_POLY1305_SHA256
+\& TLS_AES_128_CCM_SHA256 TLS_AES_128_CCM_SHA256
+\& TLS_AES_128_CCM_8_SHA256 TLS_AES_128_CCM_8_SHA256
+.Ve
+.SS "Older names used by OpenSSL"
+.IX Subsection "Older names used by OpenSSL"
+The following names are accepted by older releases:
+.PP
+.Vb 2
+\& SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA EDH\-RSA\-DES\-CBC3\-SHA (DHE\-RSA\-DES\-CBC3\-SHA)
+\& SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA EDH\-DSS\-DES\-CBC3\-SHA (DHE\-DSS\-DES\-CBC3\-SHA)
.Ve
.SH "NOTES"
.IX Header "NOTES"
@@ -712,17 +831,34 @@ Include all \s-1RC4\s0 ciphers but leave out those without authentication:
\& openssl ciphers \-v \*(AqRC4:!COMPLEMENTOFDEFAULT\*(Aq
.Ve
.PP
-Include all chiphers with \s-1RSA\s0 authentication but leave out ciphers without
+Include all ciphers with \s-1RSA\s0 authentication but leave out ciphers without
encryption.
.PP
.Vb 1
\& openssl ciphers \-v \*(AqRSA:!COMPLEMENTOFALL\*(Aq
.Ve
+.PP
+Set security level to 2 and display all ciphers consistent with level 2:
+.PP
+.Vb 1
+\& openssl ciphers \-s \-v \*(AqALL:@SECLEVEL=2\*(Aq
+.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
-\&\fIs_client\fR\|(1), \fIs_server\fR\|(1), \fIssl\fR\|(3)
+\&\fIs_client\fR\|(1), \fIs_server\fR\|(1), \fIssl\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
-The \fB\s-1COMPLENTOFALL\s0\fR and \fB\s-1COMPLEMENTOFDEFAULT\s0\fR selection options
-for cipherlist strings were added in OpenSSL 0.9.7.
The \fB\-V\fR option for the \fBciphers\fR command was added in OpenSSL 1.0.0.
+.PP
+The \fB\-stdname\fR is only available if OpenSSL is built with tracing enabled
+(\fBenable-ssl-trace\fR argument to Configure) before OpenSSL 1.1.1.
+.PP
+The \fB\-convert\fR was added in OpenSSL 1.1.1.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/cms.1 b/secure/usr.bin/openssl/man/cms.1
index fe2bb714a92c..7f29de61d0ea 100644
--- a/secure/usr.bin/openssl/man/cms.1
+++ b/secure/usr.bin/openssl/man/cms.1
@@ -129,17 +129,17 @@
.\" ========================================================================
.\"
.IX Title "CMS 1"
-.TH CMS 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH CMS 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-cms,
-cms \- CMS utility
+openssl\-cms, cms \- CMS utility
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBcms\fR
+[\fB\-help\fR]
[\fB\-encrypt\fR]
[\fB\-decrypt\fR]
[\fB\-sign\fR]
@@ -168,22 +168,54 @@ cms \- CMS utility
[\fB\-print\fR]
[\fB\-CAfile file\fR]
[\fB\-CApath dir\fR]
+[\fB\-no\-CAfile\fR]
+[\fB\-no\-CApath\fR]
+[\fB\-attime timestamp\fR]
+[\fB\-check_ss_sig\fR]
+[\fB\-crl_check\fR]
+[\fB\-crl_check_all\fR]
+[\fB\-explicit_policy\fR]
+[\fB\-extended_crl\fR]
+[\fB\-ignore_critical\fR]
+[\fB\-inhibit_any\fR]
+[\fB\-inhibit_map\fR]
+[\fB\-no_check_time\fR]
+[\fB\-partial_chain\fR]
+[\fB\-policy arg\fR]
+[\fB\-policy_check\fR]
+[\fB\-policy_print\fR]
+[\fB\-purpose purpose\fR]
+[\fB\-suiteB_128\fR]
+[\fB\-suiteB_128_only\fR]
+[\fB\-suiteB_192\fR]
+[\fB\-trusted_first\fR]
[\fB\-no_alt_chains\fR]
+[\fB\-use_deltas\fR]
+[\fB\-auth_level num\fR]
+[\fB\-verify_depth num\fR]
+[\fB\-verify_email email\fR]
+[\fB\-verify_hostname hostname\fR]
+[\fB\-verify_ip ip\fR]
+[\fB\-verify_name name\fR]
+[\fB\-x509_strict\fR]
[\fB\-md digest\fR]
-[\fB\-[cipher]\fR]
+[\fB\-\f(BIcipher\fB\fR]
[\fB\-nointern\fR]
-[\fB\-no_signer_cert_verify\fR]
+[\fB\-noverify\fR]
[\fB\-nocerts\fR]
[\fB\-noattr\fR]
[\fB\-nosmimecap\fR]
[\fB\-binary\fR]
+[\fB\-crlfeol\fR]
+[\fB\-asciicrlf\fR]
[\fB\-nodetach\fR]
[\fB\-certfile file\fR]
[\fB\-certsout file\fR]
[\fB\-signer file\fR]
[\fB\-recip file\fR]
[\fB\-keyid\fR]
-[\fB\-receipt_request_all \-receipt_request_first\fR]
+[\fB\-receipt_request_all\fR]
+[\fB\-receipt_request_first\fR]
[\fB\-receipt_request_from emailaddress\fR]
[\fB\-receipt_request_to emailaddress\fR]
[\fB\-receipt_request_print\fR]
@@ -193,7 +225,8 @@ cms \- CMS utility
[\fB\-inkey file\fR]
[\fB\-keyopt name:parameter\fR]
[\fB\-passin arg\fR]
-[\fB\-rand file(s)\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
[\fBcert.pem...\fR]
[\fB\-to addr\fR]
[\fB\-from addr\fR]
@@ -203,14 +236,17 @@ cms \- CMS utility
.IX Header "DESCRIPTION"
The \fBcms\fR command handles S/MIME v3.1 mail. It can encrypt, decrypt, sign and
verify, compress and uncompress S/MIME messages.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
There are fourteen operation options that set the type of operation to be
performed. The meaning of the other options varies according to the operation
type.
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-encrypt\fR" 4
.IX Item "-encrypt"
-encrypt mail for the given recipient certificates. Input file is the message
+Encrypt mail for the given recipient certificates. Input file is the message
to be encrypted. The output file is the encrypted mail in \s-1MIME\s0 format. The
actual \s-1CMS\s0 type is <B>EnvelopedData<B>.
.Sp
@@ -218,28 +254,28 @@ Note that no revocation check is done for the recipient cert, so if that
key has been compromised, others may be able to decrypt the text.
.IP "\fB\-decrypt\fR" 4
.IX Item "-decrypt"
-decrypt mail using the supplied certificate and private key. Expects an
+Decrypt mail using the supplied certificate and private key. Expects an
encrypted mail message in \s-1MIME\s0 format for the input file. The decrypted mail
is written to the output file.
.IP "\fB\-debug_decrypt\fR" 4
.IX Item "-debug_decrypt"
-this option sets the \fB\s-1CMS_DEBUG_DECRYPT\s0\fR flag. This option should be used
+This option sets the \fB\s-1CMS_DEBUG_DECRYPT\s0\fR flag. This option should be used
with caution: see the notes section below.
.IP "\fB\-sign\fR" 4
.IX Item "-sign"
-sign mail using the supplied certificate and private key. Input file is
+Sign mail using the supplied certificate and private key. Input file is
the message to be signed. The signed message in \s-1MIME\s0 format is written
to the output file.
.IP "\fB\-verify\fR" 4
.IX Item "-verify"
-verify signed mail. Expects a signed mail message on input and outputs
+Verify signed mail. Expects a signed mail message on input and outputs
the signed data. Both clear text and opaque signing is supported.
.IP "\fB\-cmsout\fR" 4
.IX Item "-cmsout"
-takes an input message and writes out a \s-1PEM\s0 encoded \s-1CMS\s0 structure.
+Takes an input message and writes out a \s-1PEM\s0 encoded \s-1CMS\s0 structure.
.IP "\fB\-resign\fR" 4
.IX Item "-resign"
-resign a message: take an existing message and one or more new signers.
+Resign a message: take an existing message and one or more new signers.
.IP "\fB\-data_create\fR" 4
.IX Item "-data_create"
Create a \s-1CMS\s0 \fBData\fR type.
@@ -264,24 +300,24 @@ output an error.
.IP "\fB\-EncryptedData_encrypt\fR" 4
.IX Item "-EncryptedData_encrypt"
Encrypt content using supplied symmetric key and algorithm using a \s-1CMS\s0
-\&\fBEncrytedData\fR type and output the content.
+\&\fBEncryptedData\fR type and output the content.
.IP "\fB\-sign_receipt\fR" 4
.IX Item "-sign_receipt"
-Generate and output a signed receipt for the supplied message. The input
+Generate and output a signed receipt for the supplied message. The input
message \fBmust\fR contain a signed receipt request. Functionality is otherwise
similar to the \fB\-sign\fR operation.
.IP "\fB\-verify_receipt receipt\fR" 4
.IX Item "-verify_receipt receipt"
-Verify a signed receipt in filename \fBreceipt\fR. The input message \fBmust\fR
+Verify a signed receipt in filename \fBreceipt\fR. The input message \fBmust\fR
contain the original receipt request. Functionality is otherwise similar
to the \fB\-verify\fR operation.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
-the input message to be encrypted or signed or the message to be decrypted
+The input message to be encrypted or signed or the message to be decrypted
or verified.
.IP "\fB\-inform SMIME|PEM|DER\fR" 4
.IX Item "-inform SMIME|PEM|DER"
-this specifies the input format for the \s-1CMS\s0 structure. The default
+This specifies the input format for the \s-1CMS\s0 structure. The default
is \fB\s-1SMIME\s0\fR which reads an S/MIME format message. \fB\s-1PEM\s0\fR and \fB\s-1DER\s0\fR
format change this to expect \s-1PEM\s0 and \s-1DER\s0 format \s-1CMS\s0 structures
instead. This currently only affects the input format of the \s-1CMS\s0
@@ -289,15 +325,15 @@ structure, if no \s-1CMS\s0 structure is being input (for example with
\&\fB\-encrypt\fR or \fB\-sign\fR) this option has no effect.
.IP "\fB\-rctform SMIME|PEM|DER\fR" 4
.IX Item "-rctform SMIME|PEM|DER"
-specify the format for a signed receipt for use with the \fB\-receipt_verify\fR
+Specify the format for a signed receipt for use with the \fB\-receipt_verify\fR
operation.
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
-the message text that has been decrypted or verified or the output \s-1MIME\s0
+The message text that has been decrypted or verified or the output \s-1MIME\s0
format message that has been signed or verified.
.IP "\fB\-outform SMIME|PEM|DER\fR" 4
.IX Item "-outform SMIME|PEM|DER"
-this specifies the output format for the \s-1CMS\s0 structure. The default
+This specifies the output format for the \s-1CMS\s0 structure. The default
is \fB\s-1SMIME\s0\fR which writes an S/MIME format message. \fB\s-1PEM\s0\fR and \fB\s-1DER\s0\fR
format change this to write \s-1PEM\s0 and \s-1DER\s0 format \s-1CMS\s0 structures
instead. This currently only affects the output format of the \s-1CMS\s0
@@ -305,7 +341,7 @@ structure, if no \s-1CMS\s0 structure is being output (for example with
\&\fB\-verify\fR or \fB\-decrypt\fR) this option has no effect.
.IP "\fB\-stream \-indef \-noindef\fR" 4
.IX Item "-stream -indef -noindef"
-the \fB\-stream\fR and \fB\-indef\fR options are equivalent and enable streaming I/O
+The \fB\-stream\fR and \fB\-indef\fR options are equivalent and enable streaming I/O
for encoding operations. This permits single pass processing of data without
the need to hold the entire contents in memory, potentially supporting very
large files. Streaming is automatically set for S/MIME signing with detached
@@ -313,7 +349,7 @@ data if the output format is \fB\s-1SMIME\s0\fR it is currently off by default f
other operations.
.IP "\fB\-noindef\fR" 4
.IX Item "-noindef"
-disable streaming I/O where it would produce and indefinite length constructed
+Disable streaming I/O where it would produce and indefinite length constructed
encoding. This option currently has no effect. In future streaming will be
enabled by default on all relevant operations and this option will disable it.
.IP "\fB\-content filename\fR" 4
@@ -325,95 +361,113 @@ not included. This option will override any content if the input format
is S/MIME and it uses the multipart/signed \s-1MIME\s0 content type.
.IP "\fB\-text\fR" 4
.IX Item "-text"
-this option adds plain text (text/plain) \s-1MIME\s0 headers to the supplied
+This option adds plain text (text/plain) \s-1MIME\s0 headers to the supplied
message if encrypting or signing. If decrypting or verifying it strips
-off text headers: if the decrypted or verified message is not of \s-1MIME\s0
+off text headers: if the decrypted or verified message is not of \s-1MIME\s0
type text/plain then an error occurs.
.IP "\fB\-noout\fR" 4
.IX Item "-noout"
-for the \fB\-cmsout\fR operation do not output the parsed \s-1CMS\s0 structure. This
+For the \fB\-cmsout\fR operation do not output the parsed \s-1CMS\s0 structure. This
is useful when combined with the \fB\-print\fR option or if the syntax of the \s-1CMS\s0
structure is being checked.
.IP "\fB\-print\fR" 4
.IX Item "-print"
-for the \fB\-cmsout\fR operation print out all fields of the \s-1CMS\s0 structure. This
+For the \fB\-cmsout\fR operation print out all fields of the \s-1CMS\s0 structure. This
is mainly useful for testing purposes.
.IP "\fB\-CAfile file\fR" 4
.IX Item "-CAfile file"
-a file containing trusted \s-1CA\s0 certificates, only used with \fB\-verify\fR.
+A file containing trusted \s-1CA\s0 certificates, only used with \fB\-verify\fR.
.IP "\fB\-CApath dir\fR" 4
.IX Item "-CApath dir"
-a directory containing trusted \s-1CA\s0 certificates, only used with
+A directory containing trusted \s-1CA\s0 certificates, only used with
\&\fB\-verify\fR. This directory must be a standard certificate directory: that
is a hash of each subject name (using \fBx509 \-hash\fR) should be linked
to each certificate.
+.IP "\fB\-no\-CAfile\fR" 4
+.IX Item "-no-CAfile"
+Do not load the trusted \s-1CA\s0 certificates from the default file location
+.IP "\fB\-no\-CApath\fR" 4
+.IX Item "-no-CApath"
+Do not load the trusted \s-1CA\s0 certificates from the default directory location
.IP "\fB\-md digest\fR" 4
.IX Item "-md digest"
-digest algorithm to use when signing or resigning. If not present then the
+Digest algorithm to use when signing or resigning. If not present then the
default digest algorithm for the signing key will be used (usually \s-1SHA1\s0).
-.IP "\fB\-[cipher]\fR" 4
-.IX Item "-[cipher]"
-the encryption algorithm to use. For example triple \s-1DES\s0 (168 bits) \- \fB\-des3\fR
+.IP "\fB\-\f(BIcipher\fB\fR" 4
+.IX Item "-cipher"
+The encryption algorithm to use. For example triple \s-1DES\s0 (168 bits) \- \fB\-des3\fR
or 256 bit \s-1AES\s0 \- \fB\-aes256\fR. Any standard algorithm name (as used by the
-\&\fIEVP_get_cipherbyname()\fR function) can also be used preceded by a dash, for
-example \fB\-aes_128_cbc\fR. See \fBenc\fR for a list of ciphers
+\&\fIEVP_get_cipherbyname()\fR function) can also be used preceded by a dash, for
+example \fB\-aes\-128\-cbc\fR. See \fIenc\fR\|(1) for a list of ciphers
supported by your version of OpenSSL.
.Sp
-If not specified triple \s-1DES\s0 is used. Only used with \fB\-encrypt\fR and
+If not specified triple \s-1DES\s0 is used. Only used with \fB\-encrypt\fR and
\&\fB\-EncryptedData_create\fR commands.
.IP "\fB\-nointern\fR" 4
.IX Item "-nointern"
-when verifying a message normally certificates (if any) included in
+When verifying a message normally certificates (if any) included in
the message are searched for the signing certificate. With this option
only the certificates specified in the \fB\-certfile\fR option are used.
The supplied certificates can still be used as untrusted CAs however.
-.IP "\fB\-no_signer_cert_verify\fR" 4
-.IX Item "-no_signer_cert_verify"
-do not verify the signers certificate of a signed message.
+.IP "\fB\-noverify\fR" 4
+.IX Item "-noverify"
+Do not verify the signers certificate of a signed message.
.IP "\fB\-nocerts\fR" 4
.IX Item "-nocerts"
-when signing a message the signer's certificate is normally included
+When signing a message the signer's certificate is normally included
with this option it is excluded. This will reduce the size of the
signed message but the verifier must have a copy of the signers certificate
available locally (passed using the \fB\-certfile\fR option for example).
.IP "\fB\-noattr\fR" 4
.IX Item "-noattr"
-normally when a message is signed a set of attributes are included which
+Normally when a message is signed a set of attributes are included which
include the signing time and supported symmetric algorithms. With this
option they are not included.
.IP "\fB\-nosmimecap\fR" 4
.IX Item "-nosmimecap"
-exclude the list of supported algorithms from signed attributes, other options
+Exclude the list of supported algorithms from signed attributes, other options
such as signing time and content type are still included.
.IP "\fB\-binary\fR" 4
.IX Item "-binary"
-normally the input message is converted to \*(L"canonical\*(R" format which is
+Normally the input message is converted to \*(L"canonical\*(R" format which is
effectively using \s-1CR\s0 and \s-1LF\s0 as end of line: as required by the S/MIME
specification. When this option is present no translation occurs. This
is useful when handling binary data which may not be in \s-1MIME\s0 format.
+.IP "\fB\-crlfeol\fR" 4
+.IX Item "-crlfeol"
+Normally the output file uses a single \fB\s-1LF\s0\fR as end of line. When this
+option is present \fB\s-1CRLF\s0\fR is used instead.
+.IP "\fB\-asciicrlf\fR" 4
+.IX Item "-asciicrlf"
+When signing use \s-1ASCII CRLF\s0 format canonicalisation. This strips trailing
+whitespace from all lines, deletes trailing blank lines at \s-1EOF\s0 and sets
+the encapsulated content type. This option is normally used with detached
+content and an output signature format of \s-1DER.\s0 This option is not normally
+needed when verifying as it is enabled automatically if the encapsulated
+content format is detected.
.IP "\fB\-nodetach\fR" 4
.IX Item "-nodetach"
-when signing a message use opaque signing: this form is more resistant
+When signing a message use opaque signing: this form is more resistant
to translation by mail relays but it cannot be read by mail agents that
do not support S/MIME. Without this option cleartext signing with
the \s-1MIME\s0 type multipart/signed is used.
.IP "\fB\-certfile file\fR" 4
.IX Item "-certfile file"
-allows additional certificates to be specified. When signing these will
+Allows additional certificates to be specified. When signing these will
be included with the message. When verifying these will be searched for
the signers certificates. The certificates should be in \s-1PEM\s0 format.
.IP "\fB\-certsout file\fR" 4
.IX Item "-certsout file"
-any certificates contained in the message are written to \fBfile\fR.
+Any certificates contained in the message are written to \fBfile\fR.
.IP "\fB\-signer file\fR" 4
.IX Item "-signer file"
-a signing certificate when signing or resigning a message, this option can be
+A signing certificate when signing or resigning a message, this option can be
used multiple times if more than one signer is required. If a message is being
verified then the signers certificates will be written to this file if the
verification was successful.
.IP "\fB\-recip file\fR" 4
.IX Item "-recip file"
-when decrypting a message this specifies the recipients certificate. The
+When decrypting a message this specifies the recipients certificate. The
certificate must match one of the recipients of the message or an error
occurs.
.Sp
@@ -425,21 +479,21 @@ Only certificates carrying \s-1RSA,\s0 Diffie-Hellman or \s-1EC\s0 keys are supp
option.
.IP "\fB\-keyid\fR" 4
.IX Item "-keyid"
-use subject key identifier to identify certificates instead of issuer name and
+Use subject key identifier to identify certificates instead of issuer name and
serial number. The supplied certificate \fBmust\fR include a subject key
identifier extension. Supported by \fB\-sign\fR and \fB\-encrypt\fR options.
-.IP "\fB\-receipt_request_all \-receipt_request_first\fR" 4
-.IX Item "-receipt_request_all -receipt_request_first"
-for \fB\-sign\fR option include a signed receipt request. Indicate requests should
-be provided by all receipient or first tier recipients (those mailed directly
+.IP "\fB\-receipt_request_all\fR, \fB\-receipt_request_first\fR" 4
+.IX Item "-receipt_request_all, -receipt_request_first"
+For \fB\-sign\fR option include a signed receipt request. Indicate requests should
+be provided by all recipient or first tier recipients (those mailed directly
and not from a mailing list). Ignored it \fB\-receipt_request_from\fR is included.
.IP "\fB\-receipt_request_from emailaddress\fR" 4
.IX Item "-receipt_request_from emailaddress"
-for \fB\-sign\fR option include a signed receipt request. Add an explicit email
+For \fB\-sign\fR option include a signed receipt request. Add an explicit email
address where receipts should be supplied.
.IP "\fB\-receipt_request_to emailaddress\fR" 4
.IX Item "-receipt_request_to emailaddress"
-Add an explicit email address where signed receipts should be sent to. This
+Add an explicit email address where signed receipts should be sent to. This
option \fBmust\fR but supplied if a signed receipt it requested.
.IP "\fB\-receipt_request_print\fR" 4
.IX Item "-receipt_request_print"
@@ -447,61 +501,65 @@ For the \fB\-verify\fR operation print out the contents of any signed receipt
requests.
.IP "\fB\-secretkey key\fR" 4
.IX Item "-secretkey key"
-specify symmetric key to use. The key must be supplied in hex format and be
+Specify symmetric key to use. The key must be supplied in hex format and be
consistent with the algorithm used. Supported by the \fB\-EncryptedData_encrypt\fR
-\&\fB\-EncrryptedData_decrypt\fR, \fB\-encrypt\fR and \fB\-decrypt\fR options. When used
+\&\fB\-EncryptedData_decrypt\fR, \fB\-encrypt\fR and \fB\-decrypt\fR options. When used
with \fB\-encrypt\fR or \fB\-decrypt\fR the supplied key is used to wrap or unwrap the
content encryption key using an \s-1AES\s0 key in the \fBKEKRecipientInfo\fR type.
.IP "\fB\-secretkeyid id\fR" 4
.IX Item "-secretkeyid id"
-the key identifier for the supplied symmetric key for \fBKEKRecipientInfo\fR type.
+The key identifier for the supplied symmetric key for \fBKEKRecipientInfo\fR type.
This option \fBmust\fR be present if the \fB\-secretkey\fR option is used with
\&\fB\-encrypt\fR. With \fB\-decrypt\fR operations the \fBid\fR is used to locate the
relevant key if it is not supplied then an attempt is used to decrypt any
\&\fBKEKRecipientInfo\fR structures.
.IP "\fB\-econtent_type type\fR" 4
.IX Item "-econtent_type type"
-set the encapsulated content type to \fBtype\fR if not supplied the \fBData\fR type
+Set the encapsulated content type to \fBtype\fR if not supplied the \fBData\fR type
is used. The \fBtype\fR argument can be any valid \s-1OID\s0 name in either text or
numerical format.
.IP "\fB\-inkey file\fR" 4
.IX Item "-inkey file"
-the private key to use when signing or decrypting. This must match the
+The private key to use when signing or decrypting. This must match the
corresponding certificate. If this option is not specified then the
private key must be included in the certificate file specified with
the \fB\-recip\fR or \fB\-signer\fR file. When signing this option can be used
multiple times to specify successive keys.
.IP "\fB\-keyopt name:opt\fR" 4
.IX Item "-keyopt name:opt"
-for signing and encryption this option can be used multiple times to
+For signing and encryption this option can be used multiple times to
set customised parameters for the preceding key or certificate. It can
currently be used to set RSA-PSS for signing, RSA-OAEP for encryption
or to modify default parameters for \s-1ECDH.\s0
.IP "\fB\-passin arg\fR" 4
.IX Item "-passin arg"
-the private key password source. For more information about the format of \fBarg\fR
+The private key password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
-.IP "\fB\-rand file(s)\fR" 4
-.IX Item "-rand file(s)"
-a file or files containing random data used to seed the random number
-generator, or an \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3)).
-Multiple files can be specified separated by a OS-dependent character.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.IP "\fBcert.pem...\fR" 4
.IX Item "cert.pem..."
-one or more certificates of message recipients: used when encrypting
+One or more certificates of message recipients: used when encrypting
a message.
.IP "\fB\-to, \-from, \-subject\fR" 4
.IX Item "-to, -from, -subject"
-the relevant mail headers. These are included outside the signed
+The relevant mail headers. These are included outside the signed
portion of a message so they may be included manually. If signing
then many S/MIME mail clients check the signers certificate's email
address matches that specified in the From: address.
-.IP "\fB\-purpose, \-ignore_critical, \-issuer_checks, \-crl_check, \-crl_check_all, \-policy_check, \-extended_crl, \-x509_strict, \-policy \-check_ss_sig \-no_alt_chains\fR" 4
-.IX Item "-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig -no_alt_chains"
-Set various certificate chain valiadition option. See the
-\&\fBverify\fR manual page for details.
+.IP "\fB\-attime\fR, \fB\-check_ss_sig\fR, \fB\-crl_check\fR, \fB\-crl_check_all\fR, \fB\-explicit_policy\fR, \fB\-extended_crl\fR, \fB\-ignore_critical\fR, \fB\-inhibit_any\fR, \fB\-inhibit_map\fR, \fB\-no_alt_chains\fR, \fB\-no_check_time\fR, \fB\-partial_chain\fR, \fB\-policy\fR, \fB\-policy_check\fR, \fB\-policy_print\fR, \fB\-purpose\fR, \fB\-suiteB_128\fR, \fB\-suiteB_128_only\fR, \fB\-suiteB_192\fR, \fB\-trusted_first\fR, \fB\-use_deltas\fR, \fB\-auth_level\fR, \fB\-verify_depth\fR, \fB\-verify_email\fR, \fB\-verify_hostname\fR, \fB\-verify_ip\fR, \fB\-verify_name\fR, \fB\-x509_strict\fR" 4
+.IX Item "-attime, -check_ss_sig, -crl_check, -crl_check_all, -explicit_policy, -extended_crl, -ignore_critical, -inhibit_any, -inhibit_map, -no_alt_chains, -no_check_time, -partial_chain, -policy, -policy_check, -policy_print, -purpose, -suiteB_128, -suiteB_128_only, -suiteB_192, -trusted_first, -use_deltas, -auth_level, -verify_depth, -verify_email, -verify_hostname, -verify_ip, -verify_name, -x509_strict"
+Set various certificate chain validation options. See the
+\&\fIverify\fR\|(1) manual page for details.
.SH "NOTES"
.IX Header "NOTES"
The \s-1MIME\s0 message must be sent without any blank lines between the
@@ -510,7 +568,7 @@ a blank line. Piping the mail directly to sendmail is one way to
achieve the correct format.
.PP
The supplied message to be signed or encrypted must include the
-necessary \s-1MIME\s0 headers or many S/MIME clients wont display it
+necessary \s-1MIME\s0 headers or many S/MIME clients won't display it
properly (if at all). You can use the \fB\-text\fR option to automatically
add plain text headers.
.PP
@@ -531,7 +589,7 @@ The \fB\-resign\fR option uses an existing message digest when adding a new
signer. This means that attributes must be present in at least one existing
signer using the same message digest or this operation will fail.
.PP
-The \fB\-stream\fR and \fB\-indef\fR options enable experimental streaming I/O support.
+The \fB\-stream\fR and \fB\-indef\fR options enable streaming I/O support.
As a result the encoding is \s-1BER\s0 using indefinite length constructed encoding
and no longer \s-1DER.\s0 Streaming is supported for the \fB\-encrypt\fR operation and the
\&\fB\-sign\fR operation if the content is not detached.
@@ -545,30 +603,30 @@ attempt is made to locate the recipient by trying each potential recipient
in turn using the supplied private key. To thwart the \s-1MMA\s0 attack
(Bleichenbacher's attack on \s-1PKCS\s0 #1 v1.5 \s-1RSA\s0 padding) all recipients are
tried whether they succeed or not and if no recipients match the message
-is \*(L"decrypted\*(R" using a random key which will typically output garbage.
+is \*(L"decrypted\*(R" using a random key which will typically output garbage.
The \fB\-debug_decrypt\fR option can be used to disable the \s-1MMA\s0 attack protection
and return an error if no recipient can be found: this option should be used
with caution. For a fuller description see \fICMS_decrypt\fR\|(3)).
.SH "EXIT CODES"
.IX Header "EXIT CODES"
.IP "0" 4
-the operation was completely successfully.
+The operation was completely successfully.
.IP "1" 4
.IX Item "1"
-an error occurred parsing the command options.
+An error occurred parsing the command options.
.IP "2" 4
.IX Item "2"
-one of the input files could not be read.
+One of the input files could not be read.
.IP "3" 4
.IX Item "3"
-an error occurred creating the \s-1CMS\s0 file or when reading the \s-1MIME\s0
+An error occurred creating the \s-1CMS\s0 file or when reading the \s-1MIME\s0
message.
.IP "4" 4
.IX Item "4"
-an error occurred decrypting or verifying the message.
+An error occurred decrypting or verifying the message.
.IP "5" 4
.IX Item "5"
-the message was verified correctly but an error occurred writing out
+The message was verified correctly but an error occurred writing out
the signers certificates.
.SH "COMPATIBILITY WITH PKCS#7 format."
.IX Header "COMPATIBILITY WITH PKCS#7 format."
@@ -748,3 +806,11 @@ The use of non-RSA keys with \fB\-encrypt\fR and \fB\-decrypt\fR was first added
to OpenSSL 1.0.2.
.PP
The \-no_alt_chains options was first added to OpenSSL 1.0.2b.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2008\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/crl.1 b/secure/usr.bin/openssl/man/crl.1
index 18a1a2edcbc7..c584a6054592 100644
--- a/secure/usr.bin/openssl/man/crl.1
+++ b/secure/usr.bin/openssl/man/crl.1
@@ -129,17 +129,17 @@
.\" ========================================================================
.\"
.IX Title "CRL 1"
-.TH CRL 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH CRL 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-crl,
-crl \- CRL utility
+openssl\-crl, crl \- CRL utility
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBcrl\fR
+[\fB\-help\fR]
[\fB\-inform PEM|DER\fR]
[\fB\-outform PEM|DER\fR]
[\fB\-text\fR]
@@ -156,8 +156,11 @@ crl \- CRL utility
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBcrl\fR command processes \s-1CRL\s0 files in \s-1DER\s0 or \s-1PEM\s0 format.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-inform DER|PEM\fR" 4
.IX Item "-inform DER|PEM"
This specifies the input format. \fB\s-1DER\s0\fR format is \s-1DER\s0 encoded \s-1CRL\s0
@@ -165,50 +168,50 @@ structure. \fB\s-1PEM\s0\fR (the default) is a base64 encoded version of
the \s-1DER\s0 form with header and footer lines.
.IP "\fB\-outform DER|PEM\fR" 4
.IX Item "-outform DER|PEM"
-This specifies the output format, the options have the same meaning as the
-\&\fB\-inform\fR option.
+This specifies the output format, the options have the same meaning and default
+as the \fB\-inform\fR option.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read from or standard input if this
option is not specified.
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
-specifies the output filename to write to or standard output by
+Specifies the output filename to write to or standard output by
default.
.IP "\fB\-text\fR" 4
.IX Item "-text"
-print out the \s-1CRL\s0 in text form.
+Print out the \s-1CRL\s0 in text form.
.IP "\fB\-nameopt option\fR" 4
.IX Item "-nameopt option"
-option which determines how the subject or issuer names are displayed. See
+Option which determines how the subject or issuer names are displayed. See
the description of \fB\-nameopt\fR in \fIx509\fR\|(1).
.IP "\fB\-noout\fR" 4
.IX Item "-noout"
-don't output the encoded version of the \s-1CRL.\s0
+Don't output the encoded version of the \s-1CRL.\s0
.IP "\fB\-hash\fR" 4
.IX Item "-hash"
-output a hash of the issuer name. This can be use to lookup CRLs in
+Output a hash of the issuer name. This can be use to lookup CRLs in
a directory by issuer name.
.IP "\fB\-hash_old\fR" 4
.IX Item "-hash_old"
-outputs the \*(L"hash\*(R" of the \s-1CRL\s0 issuer name using the older algorithm
-as used by OpenSSL versions before 1.0.0.
+Outputs the \*(L"hash\*(R" of the \s-1CRL\s0 issuer name using the older algorithm
+as used by OpenSSL before version 1.0.0.
.IP "\fB\-issuer\fR" 4
.IX Item "-issuer"
-output the issuer name.
+Output the issuer name.
.IP "\fB\-lastupdate\fR" 4
.IX Item "-lastupdate"
-output the lastUpdate field.
+Output the lastUpdate field.
.IP "\fB\-nextupdate\fR" 4
.IX Item "-nextupdate"
-output the nextUpdate field.
+Output the nextUpdate field.
.IP "\fB\-CAfile file\fR" 4
.IX Item "-CAfile file"
-verify the signature on a \s-1CRL\s0 by looking up the issuing certificate in
-\&\fBfile\fR
+Verify the signature on a \s-1CRL\s0 by looking up the issuing certificate in
+\&\fBfile\fR.
.IP "\fB\-CApath dir\fR" 4
.IX Item "-CApath dir"
-verify the signature on a \s-1CRL\s0 by looking up the issuing certificate in
+Verify the signature on a \s-1CRL\s0 by looking up the issuing certificate in
\&\fBdir\fR. This directory must be a standard certificate directory: that
is a hash of each subject name (using \fBx509 \-hash\fR) should be linked
to each certificate.
@@ -231,7 +234,7 @@ Convert a \s-1CRL\s0 file from \s-1PEM\s0 to \s-1DER:\s0
Output the text form of a \s-1DER\s0 encoded certificate:
.PP
.Vb 1
-\& openssl crl \-in crl.der \-text \-noout
+\& openssl crl \-in crl.der \-inform DER \-text \-noout
.Ve
.SH "BUGS"
.IX Header "BUGS"
@@ -240,3 +243,11 @@ and files too.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIcrl2pkcs7\fR\|(1), \fIca\fR\|(1), \fIx509\fR\|(1)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/crl2pkcs7.1 b/secure/usr.bin/openssl/man/crl2pkcs7.1
index c1ae08dde2b3..12102f2304d6 100644
--- a/secure/usr.bin/openssl/man/crl2pkcs7.1
+++ b/secure/usr.bin/openssl/man/crl2pkcs7.1
@@ -129,17 +129,17 @@
.\" ========================================================================
.\"
.IX Title "CRL2PKCS7 1"
-.TH CRL2PKCS7 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH CRL2PKCS7 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-crl2pkcs7,
-crl2pkcs7 \- Create a PKCS#7 structure from a CRL and certificates.
+openssl\-crl2pkcs7, crl2pkcs7 \- Create a PKCS#7 structure from a CRL and certificates
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBcrl2pkcs7\fR
+[\fB\-help\fR]
[\fB\-inform PEM|DER\fR]
[\fB\-outform PEM|DER\fR]
[\fB\-in filename\fR]
@@ -151,35 +151,38 @@ crl2pkcs7 \- Create a PKCS#7 structure from a CRL and certificates.
The \fBcrl2pkcs7\fR command takes an optional \s-1CRL\s0 and one or more
certificates and converts them into a PKCS#7 degenerate \*(L"certificates
only\*(R" structure.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-inform DER|PEM\fR" 4
.IX Item "-inform DER|PEM"
This specifies the \s-1CRL\s0 input format. \fB\s-1DER\s0\fR format is \s-1DER\s0 encoded \s-1CRL\s0
structure.\fB\s-1PEM\s0\fR (the default) is a base64 encoded version of
-the \s-1DER\s0 form with header and footer lines.
+the \s-1DER\s0 form with header and footer lines. The default format is \s-1PEM.\s0
.IP "\fB\-outform DER|PEM\fR" 4
.IX Item "-outform DER|PEM"
This specifies the PKCS#7 structure output format. \fB\s-1DER\s0\fR format is \s-1DER\s0
encoded PKCS#7 structure.\fB\s-1PEM\s0\fR (the default) is a base64 encoded version of
-the \s-1DER\s0 form with header and footer lines.
+the \s-1DER\s0 form with header and footer lines. The default format is \s-1PEM.\s0
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read a \s-1CRL\s0 from or standard input if this
option is not specified.
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
-specifies the output filename to write the PKCS#7 structure to or standard
+Specifies the output filename to write the PKCS#7 structure to or standard
output by default.
.IP "\fB\-certfile filename\fR" 4
.IX Item "-certfile filename"
-specifies a filename containing one or more certificates in \fB\s-1PEM\s0\fR format.
+Specifies a filename containing one or more certificates in \fB\s-1PEM\s0\fR format.
All certificates in the file will be added to the PKCS#7 structure. This
option can be used more than once to read certificates form multiple
files.
.IP "\fB\-nocrl\fR" 4
.IX Item "-nocrl"
-normally a \s-1CRL\s0 is included in the output file. With this option no \s-1CRL\s0 is
+Normally a \s-1CRL\s0 is included in the output file. With this option no \s-1CRL\s0 is
included in the output file and a \s-1CRL\s0 is not read from the input file.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
@@ -193,7 +196,7 @@ Creates a PKCS#7 structure in \s-1DER\s0 format with no \s-1CRL\s0 from several
different certificates:
.PP
.Vb 2
-\& openssl crl2pkcs7 \-nocrl \-certfile newcert.pem
+\& openssl crl2pkcs7 \-nocrl \-certfile newcert.pem
\& \-certfile demoCA/cacert.pem \-outform DER \-out p7.der
.Ve
.SH "NOTES"
@@ -210,3 +213,11 @@ install user certificates and CAs in \s-1MSIE\s0 using the Xenroll control.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIpkcs7\fR\|(1)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2017 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/dgst.1 b/secure/usr.bin/openssl/man/dgst.1
index eaddb0852226..846e01c0d007 100644
--- a/secure/usr.bin/openssl/man/dgst.1
+++ b/secure/usr.bin/openssl/man/dgst.1
@@ -129,24 +129,23 @@
.\" ========================================================================
.\"
.IX Title "DGST 1"
-.TH DGST 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH DGST 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-dgst,
-dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384, sha512, md2, md4, md5, dss1 \- message digests
+openssl\-dgst, dgst \- perform digest operations
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
-\&\fBopenssl\fR \fBdgst\fR
-[\fB\-sha|\-sha1|\-mdc2|\-ripemd160|\-sha224|\-sha256|\-sha384|\-sha512|\-md2|\-md4|\-md5|\-dss1\fR]
+\&\fBopenssl dgst\fR
+[\fB\-\f(BIdigest\fB\fR]
+[\fB\-help\fR]
[\fB\-c\fR]
[\fB\-d\fR]
[\fB\-hex\fR]
[\fB\-binary\fR]
[\fB\-r\fR]
-[\fB\-non\-fips\-allow\fR]
[\fB\-out filename\fR]
[\fB\-sign filename\fR]
[\fB\-keyform arg\fR]
@@ -155,81 +154,88 @@ dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384, sha512, md2, md4, md5,
[\fB\-prverify filename\fR]
[\fB\-signature filename\fR]
[\fB\-hmac key\fR]
-[\fB\-non\-fips\-allow\fR]
[\fB\-fips\-fingerprint\fR]
+[\fB\-rand file...\fR]
+[\fB\-engine id\fR]
+[\fB\-engine_impl\fR]
[\fBfile...\fR]
.PP
-\&\fBopenssl\fR
-[\fIdigest\fR]
-[\fB...\fR]
+\&\fBopenssl\fR \fIdigest\fR [\fB...\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The digest functions output the message digest of a supplied file or files
in hexadecimal. The digest functions also generate and verify digital
signatures using message digests.
+.PP
+The generic name, \fBdgst\fR, may be used with an option specifying the
+algorithm to be used.
+The default digest is \fIsha256\fR.
+A supported \fIdigest\fR name may also be used as the command name.
+To see the list of supported algorithms, use the \fIlist \-\-digest\-commands\fR
+command.
.SH "OPTIONS"
.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
+.IP "\fB\-\f(BIdigest\fB\fR" 4
+.IX Item "-digest"
+Specifies name of a supported digest to be used. To see the list of
+supported digests, use the command \fIlist \-\-digest\-commands\fR.
.IP "\fB\-c\fR" 4
.IX Item "-c"
-print out the digest in two digit groups separated by colons, only relevant if
+Print out the digest in two digit groups separated by colons, only relevant if
\&\fBhex\fR format output is used.
.IP "\fB\-d\fR" 4
.IX Item "-d"
-print out \s-1BIO\s0 debugging information.
+Print out \s-1BIO\s0 debugging information.
.IP "\fB\-hex\fR" 4
.IX Item "-hex"
-digest is to be output as a hex dump. This is the default case for a \*(L"normal\*(R"
+Digest is to be output as a hex dump. This is the default case for a \*(L"normal\*(R"
digest as opposed to a digital signature. See \s-1NOTES\s0 below for digital
signatures using \fB\-hex\fR.
.IP "\fB\-binary\fR" 4
.IX Item "-binary"
-output the digest or signature in binary form.
+Output the digest or signature in binary form.
.IP "\fB\-r\fR" 4
.IX Item "-r"
-output the digest in the \*(L"coreutils\*(R" format used by programs like \fBsha1sum\fR.
-.IP "\fB\-non\-fips\-allow\fR" 4
-.IX Item "-non-fips-allow"
-Allow use of non \s-1FIPS\s0 digest when in \s-1FIPS\s0 mode. This has no effect when not in
-\&\s-1FIPS\s0 mode.
+Output the digest in the \*(L"coreutils\*(R" format used by programs like \fBsha1sum\fR.
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
-filename to output to, or standard output by default.
+Filename to output to, or standard output by default.
.IP "\fB\-sign filename\fR" 4
.IX Item "-sign filename"
-digitally sign the digest using the private key in \*(L"filename\*(R".
+Digitally sign the digest using the private key in \*(L"filename\*(R". Note this option
+does not support Ed25519 or Ed448 private keys. Use the \fBpkeyutl\fR command
+instead for this.
.IP "\fB\-keyform arg\fR" 4
.IX Item "-keyform arg"
Specifies the key format to sign digest with. The \s-1DER, PEM, P12,\s0
and \s-1ENGINE\s0 formats are supported.
-.IP "\fB\-engine id\fR" 4
-.IX Item "-engine id"
-Use engine \fBid\fR for operations (including private key storage).
-This engine is not used as source for digest algorithms, unless it is
-also specified in the configuration file.
.IP "\fB\-sigopt nm:v\fR" 4
.IX Item "-sigopt nm:v"
Pass options to the signature algorithm during sign or verify operations.
Names and values of these options are algorithm-specific.
.IP "\fB\-passin arg\fR" 4
.IX Item "-passin arg"
-the private key password source. For more information about the format of \fBarg\fR
+The private key password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
.IP "\fB\-verify filename\fR" 4
.IX Item "-verify filename"
-verify the signature using the public key in \*(L"filename\*(R".
+Verify the signature using the public key in \*(L"filename\*(R".
The output is either \*(L"Verification \s-1OK\*(R"\s0 or \*(L"Verification Failure\*(R".
.IP "\fB\-prverify filename\fR" 4
.IX Item "-prverify filename"
-verify the signature using the private key in \*(L"filename\*(R".
+Verify the signature using the private key in \*(L"filename\*(R".
.IP "\fB\-signature filename\fR" 4
.IX Item "-signature filename"
-the actual signature to verify.
+The actual signature to verify.
.IP "\fB\-hmac key\fR" 4
.IX Item "-hmac key"
-create a hashed \s-1MAC\s0 using \*(L"key\*(R".
+Create a hashed \s-1MAC\s0 using \*(L"key\*(R".
.IP "\fB\-mac alg\fR" 4
.IX Item "-mac alg"
-create \s-1MAC\s0 (keyed Message Authentication Code). The most popular \s-1MAC\s0
+Create \s-1MAC\s0 (keyed Message Authentication Code). The most popular \s-1MAC\s0
algorithm is \s-1HMAC\s0 (hash-based \s-1MAC\s0), but there are other \s-1MAC\s0 algorithms
which are not based on hash, for instance \fBgost-mac\fR algorithm,
supported by \fBccgost\fR engine. \s-1MAC\s0 keys and other options should be set
@@ -239,12 +245,12 @@ via \fB\-macopt\fR parameter.
Passes options to \s-1MAC\s0 algorithm, specified by \fB\-mac\fR key.
Following options are supported by both by \fB\s-1HMAC\s0\fR and \fBgost-mac\fR:
.RS 4
-.IP "\fBkey:string\fR" 8
+.IP "\fBkey:string\fR" 4
.IX Item "key:string"
-Specifies \s-1MAC\s0 key as alphnumeric string (use if key contain printable
+Specifies \s-1MAC\s0 key as alphanumeric string (use if key contain printable
characters only). String length must conform to any restrictions of
the \s-1MAC\s0 algorithm for example exactly 32 chars for gost-mac.
-.IP "\fBhexkey:string\fR" 8
+.IP "\fBhexkey:string\fR" 4
.IX Item "hexkey:string"
Specifies \s-1MAC\s0 key in hexadecimal form (two hex digits per byte).
Key length must conform to any restrictions of the \s-1MAC\s0 algorithm
@@ -252,23 +258,33 @@ for example exactly 32 chars for gost-mac.
.RE
.RS 4
.RE
-.IP "\fB\-rand file(s)\fR" 4
-.IX Item "-rand file(s)"
-a file or files containing random data used to seed the random number
-generator, or an \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3)).
-Multiple files can be specified separated by a OS-dependent character.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
all others.
-.IP "\fB\-non\-fips\-allow\fR" 4
-.IX Item "-non-fips-allow"
-enable use of non-FIPS algorithms such as \s-1MD5\s0 even in \s-1FIPS\s0 mode.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.IP "\fB\-fips\-fingerprint\fR" 4
.IX Item "-fips-fingerprint"
-compute \s-1HMAC\s0 using a specific key
-for certain OpenSSL-FIPS operations.
+Compute \s-1HMAC\s0 using a specific key for certain OpenSSL-FIPS operations.
+.IP "\fB\-engine id\fR" 4
+.IX Item "-engine id"
+Use engine \fBid\fR for operations (including private key storage).
+This engine is not used as source for digest algorithms, unless it is
+also specified in the configuration file or \fB\-engine_impl\fR is also
+specified.
+.IP "\fB\-engine_impl\fR" 4
+.IX Item "-engine_impl"
+When used with the \fB\-engine\fR option, it specifies to also use
+engine \fBid\fR for digest operations.
.IP "\fBfile...\fR" 4
.IX Item "file..."
-file or files to digest. If no files are specified then standard input is
+File or files to digest. If no files are specified then standard input is
used.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
@@ -284,8 +300,13 @@ To verify a signature:
file.txt
.SH "NOTES"
.IX Header "NOTES"
-The digest of choice for all new applications is \s-1SHA1.\s0 Other digests are
-however still widely used.
+The digest mechanisms that are available will depend on the options
+used when building OpenSSL.
+The \fBlist digest-commands\fR command can be used to list them.
+.PP
+New or agile applications should use probably use \s-1SHA\-256.\s0 Other digests,
+particularly \s-1SHA\-1\s0 and \s-1MD5,\s0 are still widely used for interoperating
+with existing formats and protocols.
.PP
When signing a file, \fBdgst\fR will automatically determine the algorithm
(\s-1RSA, ECC,\s0 etc) to use for signing based on the private key's \s-1ASN.1\s0 info.
@@ -302,3 +323,15 @@ being signed or verified.
Hex signatures cannot be verified using \fBopenssl\fR. Instead, use \*(L"xxd \-r\*(R"
or similar program to transform the hex signature into a binary signature
prior to verification.
+.SH "HISTORY"
+.IX Header "HISTORY"
+The default digest was changed from \s-1MD5\s0 to \s-1SHA256\s0 in OpenSSL 1.1.0
+The FIPS-related options were removed in OpenSSL 1.1.0
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/dhparam.1 b/secure/usr.bin/openssl/man/dhparam.1
index 33d01cdd00ac..95514740d747 100644
--- a/secure/usr.bin/openssl/man/dhparam.1
+++ b/secure/usr.bin/openssl/man/dhparam.1
@@ -129,17 +129,17 @@
.\" ========================================================================
.\"
.IX Title "DHPARAM 1"
-.TH DHPARAM 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH DHPARAM 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-dhparam,
-dhparam \- DH parameter manipulation and generation
+openssl\-dhparam, dhparam \- DH parameter manipulation and generation
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl dhparam\fR
+[\fB\-help\fR]
[\fB\-inform DER|PEM\fR]
[\fB\-outform DER|PEM\fR]
[\fB\-in\fR \fIfilename\fR]
@@ -151,7 +151,8 @@ dhparam \- DH parameter manipulation and generation
[\fB\-C\fR]
[\fB\-2\fR]
[\fB\-5\fR]
-[\fB\-rand\fR \fIfile(s)\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
[\fB\-engine id\fR]
[\fInumbits\fR]
.SH "DESCRIPTION"
@@ -159,6 +160,9 @@ dhparam \- DH parameter manipulation and generation
This command is used to manipulate \s-1DH\s0 parameter files.
.SH "OPTIONS"
.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-inform DER|PEM\fR" 4
.IX Item "-inform DER|PEM"
This specifies the input format. The \fB\s-1DER\s0\fR option uses an \s-1ASN1 DER\s0 encoded
@@ -167,8 +171,8 @@ default format: it consists of the \fB\s-1DER\s0\fR format base64 encoded with
additional header and footer lines.
.IP "\fB\-outform DER|PEM\fR" 4
.IX Item "-outform DER|PEM"
-This specifies the output format, the options have the same meaning as the
-\&\fB\-inform\fR option.
+This specifies the output format, the options have the same meaning and default
+as the \fB\-inform\fR option.
.IP "\fB\-in\fR \fIfilename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read parameters from or standard input if
@@ -191,48 +195,53 @@ parameters, a fresh \s-1DH\s0 key should be created for each use to
avoid small-subgroup attacks that may be possible otherwise.
.IP "\fB\-check\fR" 4
.IX Item "-check"
-check if the parameters are valid primes and generator.
+Performs numerous checks to see if the supplied parameters are valid and
+displays a warning if not.
.IP "\fB\-2\fR, \fB\-5\fR" 4
.IX Item "-2, -5"
The generator to use, either 2 or 5. If present then the
input file is ignored and parameters are generated instead. If not
present but \fBnumbits\fR is present, parameters are generated with the
default generator 2.
-.IP "\fB\-rand\fR \fIfile(s)\fR" 4
-.IX Item "-rand file(s)"
-a file or files containing random data used to seed the random number
-generator, or an \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3)).
-Multiple files can be specified separated by a OS-dependent character.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.IP "\fInumbits\fR" 4
.IX Item "numbits"
-this option specifies that a parameter set should be generated of size
+This option specifies that a parameter set should be generated of size
\&\fInumbits\fR. It must be the last option. If this option is present then
the input file is ignored and parameters are generated instead. If
this option is not present but a generator (\fB\-2\fR or \fB\-5\fR) is
present, parameters are generated with a default length of 2048 bits.
.IP "\fB\-noout\fR" 4
.IX Item "-noout"
-this option inhibits the output of the encoded version of the parameters.
+This option inhibits the output of the encoded version of the parameters.
.IP "\fB\-text\fR" 4
.IX Item "-text"
-this option prints out the \s-1DH\s0 parameters in human readable form.
+This option prints out the \s-1DH\s0 parameters in human readable form.
.IP "\fB\-C\fR" 4
.IX Item "-C"
-this option converts the parameters into C code. The parameters can then
-be loaded by calling the \fBget_dh\fR\fInumbits\fR\fB()\fR function.
+This option converts the parameters into C code. The parameters can then
+be loaded by calling the \fIget_dhNNNN()\fR function.
.IP "\fB\-engine id\fR" 4
.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBdhparam\fR
+Specifying an engine (by its unique \fBid\fR string) will cause \fBdhparam\fR
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
.SH "WARNINGS"
.IX Header "WARNINGS"
The program \fBdhparam\fR combines the functionality of the programs \fBdh\fR and
-\&\fBgendh\fR in previous versions of OpenSSL and SSLeay. The \fBdh\fR and \fBgendh\fR
-programs are retained for now but may have different purposes in future
+\&\fBgendh\fR in previous versions of OpenSSL. The \fBdh\fR and \fBgendh\fR
+programs are retained for now but may have different purposes in future
versions of OpenSSL.
.SH "NOTES"
.IX Header "NOTES"
@@ -253,7 +262,11 @@ There should be a way to generate and manipulate \s-1DH\s0 keys.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIdsaparam\fR\|(1)
-.SH "HISTORY"
-.IX Header "HISTORY"
-The \fBdhparam\fR command was added in OpenSSL 0.9.5.
-The \fB\-dsaparam\fR option was added in OpenSSL 0.9.6.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2017 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/dsa.1 b/secure/usr.bin/openssl/man/dsa.1
index ff600983c912..5f860ac6c859 100644
--- a/secure/usr.bin/openssl/man/dsa.1
+++ b/secure/usr.bin/openssl/man/dsa.1
@@ -129,17 +129,17 @@
.\" ========================================================================
.\"
.IX Title "DSA 1"
-.TH DSA 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH DSA 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-dsa,
-dsa \- DSA key processing
+openssl\-dsa, dsa \- DSA key processing
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBdsa\fR
+[\fB\-help\fR]
[\fB\-inform PEM|DER\fR]
[\fB\-outform PEM|DER\fR]
[\fB\-in filename\fR]
@@ -149,6 +149,9 @@ dsa \- DSA key processing
[\fB\-aes128\fR]
[\fB\-aes192\fR]
[\fB\-aes256\fR]
+[\fB\-aria128\fR]
+[\fB\-aria192\fR]
+[\fB\-aria256\fR]
[\fB\-camellia128\fR]
[\fB\-camellia192\fR]
[\fB\-camellia256\fR]
@@ -167,8 +170,11 @@ The \fBdsa\fR command processes \s-1DSA\s0 keys. They can be converted between v
forms and their components printed out. \fBNote\fR This command uses the
traditional SSLeay compatible format for private key encryption: newer
applications should use the more secure PKCS#8 format using the \fBpkcs8\fR
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-inform DER|PEM\fR" 4
.IX Item "-inform DER|PEM"
This specifies the input format. The \fB\s-1DER\s0\fR option with a private key uses
@@ -182,8 +188,8 @@ encoded with additional header and footer lines. In the case of a private key
PKCS#8 format is also accepted.
.IP "\fB\-outform DER|PEM\fR" 4
.IX Item "-outform DER|PEM"
-This specifies the output format, the options have the same meaning as the
-\&\fB\-inform\fR option.
+This specifies the output format, the options have the same meaning and default
+as the \fB\-inform\fR option.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read a key from or standard input if this
@@ -191,7 +197,7 @@ option is not specified. If the key is encrypted a pass phrase will be
prompted for.
.IP "\fB\-passin arg\fR" 4
.IX Item "-passin arg"
-the input file password source. For more information about the format of \fBarg\fR
+The input file password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
@@ -201,10 +207,10 @@ prompted for. The output filename should \fBnot\fR be the same as the input
filename.
.IP "\fB\-passout arg\fR" 4
.IX Item "-passout arg"
-the output file password source. For more information about the format of \fBarg\fR
+The output file password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
-.IP "\fB\-aes128|\-aes192|\-aes256|\-camellia128|\-camellia192|\-camellia256|\-des|\-des3|\-idea\fR" 4
-.IX Item "-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea"
+.IP "\fB\-aes128\fR, \fB\-aes192\fR, \fB\-aes256\fR, \fB\-aria128\fR, \fB\-aria192\fR, \fB\-aria256\fR, \fB\-camellia128\fR, \fB\-camellia192\fR, \fB\-camellia256\fR, \fB\-des\fR, \fB\-des3\fR, \fB\-idea\fR" 4
+.IX Item "-aes128, -aes192, -aes256, -aria128, -aria192, -aria256, -camellia128, -camellia192, -camellia256, -des, -des3, -idea"
These options encrypt the private key with the specified
cipher before outputting it. A pass phrase is prompted for.
If none of these options is specified the key is written in plain text. This
@@ -214,25 +220,25 @@ setting the encryption options it can be use to add or change the pass phrase.
These options can only be used with \s-1PEM\s0 format output files.
.IP "\fB\-text\fR" 4
.IX Item "-text"
-prints out the public, private key components and parameters.
+Prints out the public, private key components and parameters.
.IP "\fB\-noout\fR" 4
.IX Item "-noout"
-this option prevents output of the encoded version of the key.
+This option prevents output of the encoded version of the key.
.IP "\fB\-modulus\fR" 4
.IX Item "-modulus"
-this option prints out the value of the public key component of the key.
+This option prints out the value of the public key component of the key.
.IP "\fB\-pubin\fR" 4
.IX Item "-pubin"
-by default a private key is read from the input file: with this option a
+By default, a private key is read from the input file. With this option a
public key is read instead.
.IP "\fB\-pubout\fR" 4
.IX Item "-pubout"
-by default a private key is output. With this option a public
+By default, a private key is output. With this option a public
key will be output instead. This option is automatically set if the input is
a public key.
.IP "\fB\-engine id\fR" 4
.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBdsa\fR
+Specifying an engine (by its unique \fBid\fR string) will cause \fBdsa\fR
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
@@ -286,3 +292,11 @@ To just output the public part of a private key:
.IX Header "SEE ALSO"
\&\fIdsaparam\fR\|(1), \fIgendsa\fR\|(1), \fIrsa\fR\|(1),
\&\fIgenrsa\fR\|(1)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/dsaparam.1 b/secure/usr.bin/openssl/man/dsaparam.1
index 57a597d547f2..33b6cfb0c103 100644
--- a/secure/usr.bin/openssl/man/dsaparam.1
+++ b/secure/usr.bin/openssl/man/dsaparam.1
@@ -129,17 +129,17 @@
.\" ========================================================================
.\"
.IX Title "DSAPARAM 1"
-.TH DSAPARAM 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH DSAPARAM 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-dsaparam,
-dsaparam \- DSA parameter manipulation and generation
+openssl\-dsaparam, dsaparam \- DSA parameter manipulation and generation
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl dsaparam\fR
+[\fB\-help\fR]
[\fB\-inform DER|PEM\fR]
[\fB\-outform DER|PEM\fR]
[\fB\-in filename\fR]
@@ -147,7 +147,8 @@ dsaparam \- DSA parameter manipulation and generation
[\fB\-noout\fR]
[\fB\-text\fR]
[\fB\-C\fR]
-[\fB\-rand file(s)\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
[\fB\-genkey\fR]
[\fB\-engine id\fR]
[\fBnumbits\fR]
@@ -156,6 +157,9 @@ dsaparam \- DSA parameter manipulation and generation
This command is used to manipulate or generate \s-1DSA\s0 parameter files.
.SH "OPTIONS"
.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-inform DER|PEM\fR" 4
.IX Item "-inform DER|PEM"
This specifies the input format. The \fB\s-1DER\s0\fR option uses an \s-1ASN1 DER\s0 encoded
@@ -164,8 +168,8 @@ of p, q and g respectively. The \s-1PEM\s0 form is the default format: it consis
of the \fB\s-1DER\s0\fR format base64 encoded with additional header and footer lines.
.IP "\fB\-outform DER|PEM\fR" 4
.IX Item "-outform DER|PEM"
-This specifies the output format, the options have the same meaning as the
-\&\fB\-inform\fR option.
+This specifies the output format, the options have the same meaning and default
+as the \fB\-inform\fR option.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read parameters from or standard input if
@@ -178,33 +182,37 @@ if this option is not present. The output filename should \fBnot\fR be the same
as the input filename.
.IP "\fB\-noout\fR" 4
.IX Item "-noout"
-this option inhibits the output of the encoded version of the parameters.
+This option inhibits the output of the encoded version of the parameters.
.IP "\fB\-text\fR" 4
.IX Item "-text"
-this option prints out the \s-1DSA\s0 parameters in human readable form.
+This option prints out the \s-1DSA\s0 parameters in human readable form.
.IP "\fB\-C\fR" 4
.IX Item "-C"
-this option converts the parameters into C code. The parameters can then
-be loaded by calling the \fB\f(BIget_dsaXXX()\fB\fR function.
+This option converts the parameters into C code. The parameters can then
+be loaded by calling the \fIget_dsaXXX()\fR function.
.IP "\fB\-genkey\fR" 4
.IX Item "-genkey"
-this option will generate a \s-1DSA\s0 either using the specified or generated
+This option will generate a \s-1DSA\s0 either using the specified or generated
parameters.
-.IP "\fB\-rand file(s)\fR" 4
-.IX Item "-rand file(s)"
-a file or files containing random data used to seed the random number
-generator, or an \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3)).
-Multiple files can be specified separated by a OS-dependent character.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.IP "\fBnumbits\fR" 4
.IX Item "numbits"
-this option specifies that a parameter set should be generated of size
+This option specifies that a parameter set should be generated of size
\&\fBnumbits\fR. It must be the last option. If this option is included then
the input file (if any) is ignored.
.IP "\fB\-engine id\fR" 4
.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBdsaparam\fR
+Specifying an engine (by its unique \fBid\fR string) will cause \fBdsaparam\fR
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
@@ -223,3 +231,11 @@ for all available algorithms.
.IX Header "SEE ALSO"
\&\fIgendsa\fR\|(1), \fIdsa\fR\|(1), \fIgenrsa\fR\|(1),
\&\fIrsa\fR\|(1)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2017 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/ec.1 b/secure/usr.bin/openssl/man/ec.1
index ae749d1a2d7b..1a752538bf74 100644
--- a/secure/usr.bin/openssl/man/ec.1
+++ b/secure/usr.bin/openssl/man/ec.1
@@ -129,17 +129,17 @@
.\" ========================================================================
.\"
.IX Title "EC 1"
-.TH EC 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH EC 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-ec,
-ec \- EC key processing
+openssl\-ec, ec \- EC key processing
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBec\fR
+[\fB\-help\fR]
[\fB\-inform PEM|DER\fR]
[\fB\-outform PEM|DER\fR]
[\fB\-in filename\fR]
@@ -156,16 +156,21 @@ ec \- EC key processing
[\fB\-pubout\fR]
[\fB\-conv_form arg\fR]
[\fB\-param_enc arg\fR]
+[\fB\-no_public\fR]
+[\fB\-check\fR]
[\fB\-engine id\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBec\fR command processes \s-1EC\s0 keys. They can be converted between various
-forms and their components printed out. \fBNote\fR OpenSSL uses the
+forms and their components printed out. \fBNote\fR OpenSSL uses the
private key format specified in '\s-1SEC 1:\s0 Elliptic Curve Cryptography'
-(http://www.secg.org/). To convert a OpenSSL \s-1EC\s0 private key into the
+(http://www.secg.org/). To convert an OpenSSL \s-1EC\s0 private key into the
PKCS#8 private key format use the \fBpkcs8\fR command.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-inform DER|PEM\fR" 4
.IX Item "-inform DER|PEM"
This specifies the input format. The \fB\s-1DER\s0\fR option with a private key uses
@@ -176,8 +181,8 @@ encoded with additional header and footer lines. In the case of a private key
PKCS#8 format is also accepted.
.IP "\fB\-outform DER|PEM\fR" 4
.IX Item "-outform DER|PEM"
-This specifies the output format, the options have the same meaning as the
-\&\fB\-inform\fR option.
+This specifies the output format, the options have the same meaning and default
+as the \fB\-inform\fR option.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read a key from or standard input if this
@@ -185,7 +190,7 @@ option is not specified. If the key is encrypted a pass phrase will be
prompted for.
.IP "\fB\-passin arg\fR" 4
.IX Item "-passin arg"
-the input file password source. For more information about the format of \fBarg\fR
+The input file password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
@@ -195,11 +200,11 @@ prompted for. The output filename should \fBnot\fR be the same as the input
filename.
.IP "\fB\-passout arg\fR" 4
.IX Item "-passout arg"
-the output file password source. For more information about the format of \fBarg\fR
+The output file password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
.IP "\fB\-des|\-des3|\-idea\fR" 4
.IX Item "-des|-des3|-idea"
-These options encrypt the private key with the \s-1DES,\s0 triple \s-1DES, IDEA\s0 or
+These options encrypt the private key with the \s-1DES,\s0 triple \s-1DES, IDEA\s0 or
any other cipher supported by OpenSSL before outputting it. A pass phrase is
prompted for.
If none of these options is specified the key is written in plain text. This
@@ -209,20 +214,20 @@ setting the encryption options it can be use to add or change the pass phrase.
These options can only be used with \s-1PEM\s0 format output files.
.IP "\fB\-text\fR" 4
.IX Item "-text"
-prints out the public, private key components and parameters.
+Prints out the public, private key components and parameters.
.IP "\fB\-noout\fR" 4
.IX Item "-noout"
-this option prevents output of the encoded version of the key.
+This option prevents output of the encoded version of the key.
.IP "\fB\-modulus\fR" 4
.IX Item "-modulus"
-this option prints out the value of the public key component of the key.
+This option prints out the value of the public key component of the key.
.IP "\fB\-pubin\fR" 4
.IX Item "-pubin"
-by default a private key is read from the input file: with this option a
+By default, a private key is read from the input file. With this option a
public key is read instead.
.IP "\fB\-pubout\fR" 4
.IX Item "-pubout"
-by default a private key is output. With this option a public
+By default a private key is output. With this option a public
key will be output instead. This option is automatically set if the input is
a public key.
.IP "\fB\-conv_form\fR" 4
@@ -238,14 +243,20 @@ the preprocessor macro \fB\s-1OPENSSL_EC_BIN_PT_COMP\s0\fR at compile time.
.IX Item "-param_enc arg"
This specifies how the elliptic curve parameters are encoded.
Possible value are: \fBnamed_curve\fR, i.e. the ec parameters are
-specified by a \s-1OID,\s0 or \fBexplicit\fR where the ec parameters are
-explicitly given (see \s-1RFC 3279\s0 for the definition of the
+specified by an \s-1OID,\s0 or \fBexplicit\fR where the ec parameters are
+explicitly given (see \s-1RFC 3279\s0 for the definition of the
\&\s-1EC\s0 parameters structures). The default value is \fBnamed_curve\fR.
-\&\fBNote\fR the \fBimplicitlyCA\fR alternative ,as specified in \s-1RFC 3279,\s0
+\&\fBNote\fR the \fBimplicitlyCA\fR alternative, as specified in \s-1RFC 3279,\s0
is currently not implemented in OpenSSL.
+.IP "\fB\-no_public\fR" 4
+.IX Item "-no_public"
+This option omits the public key components from the private key output.
+.IP "\fB\-check\fR" 4
+.IX Item "-check"
+This option checks the consistency of an \s-1EC\s0 private or public key.
.IP "\fB\-engine id\fR" 4
.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBec\fR
+Specifying an engine (by its unique \fBid\fR string) will cause \fBec\fR
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
@@ -304,9 +315,11 @@ To change the point conversion form to \fBcompressed\fR:
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIecparam\fR\|(1), \fIdsa\fR\|(1), \fIrsa\fR\|(1)
-.SH "HISTORY"
-.IX Header "HISTORY"
-The ec command was first introduced in OpenSSL 0.9.8.
-.SH "AUTHOR"
-.IX Header "AUTHOR"
-Nils Larsch for the OpenSSL project (http://www.openssl.org).
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2003\-2017 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/ecparam.1 b/secure/usr.bin/openssl/man/ecparam.1
index 88c004c9dca1..9157c6314a41 100644
--- a/secure/usr.bin/openssl/man/ecparam.1
+++ b/secure/usr.bin/openssl/man/ecparam.1
@@ -129,17 +129,17 @@
.\" ========================================================================
.\"
.IX Title "ECPARAM 1"
-.TH ECPARAM 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH ECPARAM 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-ecparam,
-ecparam \- EC parameter manipulation and generation
+openssl\-ecparam, ecparam \- EC parameter manipulation and generation
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl ecparam\fR
+[\fB\-help\fR]
[\fB\-inform DER|PEM\fR]
[\fB\-outform DER|PEM\fR]
[\fB\-in filename\fR]
@@ -153,7 +153,8 @@ ecparam \- EC parameter manipulation and generation
[\fB\-conv_form arg\fR]
[\fB\-param_enc arg\fR]
[\fB\-no_seed\fR]
-[\fB\-rand file(s)\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
[\fB\-genkey\fR]
[\fB\-engine id\fR]
.SH "DESCRIPTION"
@@ -161,16 +162,19 @@ ecparam \- EC parameter manipulation and generation
This command is used to manipulate or generate \s-1EC\s0 parameter files.
.SH "OPTIONS"
.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-inform DER|PEM\fR" 4
.IX Item "-inform DER|PEM"
This specifies the input format. The \fB\s-1DER\s0\fR option uses an \s-1ASN.1 DER\s0 encoded
form compatible with \s-1RFC 3279\s0 EcpkParameters. The \s-1PEM\s0 form is the default
-format: it consists of the \fB\s-1DER\s0\fR format base64 encoded with additional
+format: it consists of the \fB\s-1DER\s0\fR format base64 encoded with additional
header and footer lines.
.IP "\fB\-outform DER|PEM\fR" 4
.IX Item "-outform DER|PEM"
-This specifies the output format, the options have the same meaning as the
-\&\fB\-inform\fR option.
+This specifies the output format, the options have the same meaning and default
+as the \fB\-inform\fR option.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read parameters from or standard input if
@@ -189,7 +193,7 @@ This option prints out the \s-1EC\s0 parameters in human readable form.
.IP "\fB\-C\fR" 4
.IX Item "-C"
This option converts the \s-1EC\s0 parameters into C code. The parameters can then
-be loaded by calling the \fB\f(BIget_ec_group_XXX()\fB\fR function.
+be loaded by calling the \fIget_ec_group_XXX()\fR function.
.IP "\fB\-check\fR" 4
.IX Item "-check"
Validate the elliptic curve parameters.
@@ -214,10 +218,10 @@ the preprocessor macro \fB\s-1OPENSSL_EC_BIN_PT_COMP\s0\fR at compile time.
.IX Item "-param_enc arg"
This specifies how the elliptic curve parameters are encoded.
Possible value are: \fBnamed_curve\fR, i.e. the ec parameters are
-specified by a \s-1OID,\s0 or \fBexplicit\fR where the ec parameters are
-explicitly given (see \s-1RFC 3279\s0 for the definition of the
+specified by an \s-1OID,\s0 or \fBexplicit\fR where the ec parameters are
+explicitly given (see \s-1RFC 3279\s0 for the definition of the
\&\s-1EC\s0 parameters structures). The default value is \fBnamed_curve\fR.
-\&\fBNote\fR the \fBimplicitlyCA\fR alternative ,as specified in \s-1RFC 3279,\s0
+\&\fBNote\fR the \fBimplicitlyCA\fR alternative, as specified in \s-1RFC 3279,\s0
is currently not implemented in OpenSSL.
.IP "\fB\-no_seed\fR" 4
.IX Item "-no_seed"
@@ -225,17 +229,21 @@ This option inhibits that the 'seed' for the parameter generation
is included in the ECParameters structure (see \s-1RFC 3279\s0).
.IP "\fB\-genkey\fR" 4
.IX Item "-genkey"
-This option will generate a \s-1EC\s0 private key using the specified parameters.
-.IP "\fB\-rand file(s)\fR" 4
-.IX Item "-rand file(s)"
-a file or files containing random data used to seed the random number
-generator, or an \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3)).
-Multiple files can be specified separated by a OS-dependent character.
+This option will generate an \s-1EC\s0 private key using the specified parameters.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.IP "\fB\-engine id\fR" 4
.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBecparam\fR
+Specifying an engine (by its unique \fBid\fR string) will cause \fBecparam\fR
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
@@ -290,9 +298,11 @@ To print out the \s-1EC\s0 parameters to standard output:
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIec\fR\|(1), \fIdsaparam\fR\|(1)
-.SH "HISTORY"
-.IX Header "HISTORY"
-The ecparam command was first introduced in OpenSSL 0.9.8.
-.SH "AUTHOR"
-.IX Header "AUTHOR"
-Nils Larsch for the OpenSSL project (http://www.openssl.org)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2003\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/enc.1 b/secure/usr.bin/openssl/man/enc.1
index aff72b88afa4..a3a27af063ea 100644
--- a/secure/usr.bin/openssl/man/enc.1
+++ b/secure/usr.bin/openssl/man/enc.1
@@ -129,23 +129,25 @@
.\" ========================================================================
.\"
.IX Title "ENC 1"
-.TH ENC 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH ENC 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-enc,
-enc \- symmetric cipher routines
+openssl\-enc, enc \- symmetric cipher routines
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
-\&\fBopenssl enc \-ciphername\fR
+\&\fBopenssl enc \-\f(BIcipher\fB\fR
+[\fB\-help\fR]
+[\fB\-ciphers\fR]
[\fB\-in filename\fR]
[\fB\-out filename\fR]
[\fB\-pass arg\fR]
[\fB\-e\fR]
[\fB\-d\fR]
-[\fB\-a/\-base64\fR]
+[\fB\-a\fR]
+[\fB\-base64\fR]
[\fB\-A\fR]
[\fB\-k password\fR]
[\fB\-kfile filename\fR]
@@ -155,14 +157,20 @@ enc \- symmetric cipher routines
[\fB\-salt\fR]
[\fB\-nosalt\fR]
[\fB\-z\fR]
-[\fB\-md\fR]
+[\fB\-md digest\fR]
+[\fB\-iter count\fR]
+[\fB\-pbkdf2\fR]
[\fB\-p\fR]
[\fB\-P\fR]
[\fB\-bufsize number\fR]
[\fB\-nopad\fR]
[\fB\-debug\fR]
[\fB\-none\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
[\fB\-engine id\fR]
+.PP
+\&\fBopenssl\fR \fI[cipher]\fR [\fB...\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The symmetric cipher commands allow data to be encrypted or decrypted
@@ -171,90 +179,102 @@ or explicitly provided. Base64 encoding or decoding can also be performed
either by itself or in addition to the encryption or decryption.
.SH "OPTIONS"
.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
+.IP "\fB\-ciphers\fR" 4
+.IX Item "-ciphers"
+List all supported ciphers.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
-the input filename, standard input by default.
+The input filename, standard input by default.
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
-the output filename, standard output by default.
+The output filename, standard output by default.
.IP "\fB\-pass arg\fR" 4
.IX Item "-pass arg"
-the password source. For more information about the format of \fBarg\fR
+The password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
-.IP "\fB\-salt\fR" 4
-.IX Item "-salt"
-use a salt in the key derivation routines. This is the default.
-.IP "\fB\-nosalt\fR" 4
-.IX Item "-nosalt"
-don't use a salt in the key derivation routines. This option \fB\s-1SHOULD NOT\s0\fR be
-used except for test purposes or compatibility with ancient versions of OpenSSL
-and SSLeay.
.IP "\fB\-e\fR" 4
.IX Item "-e"
-encrypt the input data: this is the default.
+Encrypt the input data: this is the default.
.IP "\fB\-d\fR" 4
.IX Item "-d"
-decrypt the input data.
+Decrypt the input data.
.IP "\fB\-a\fR" 4
.IX Item "-a"
-base64 process the data. This means that if encryption is taking place
+Base64 process the data. This means that if encryption is taking place
the data is base64 encoded after encryption. If decryption is set then
the input data is base64 decoded before being decrypted.
.IP "\fB\-base64\fR" 4
.IX Item "-base64"
-same as \fB\-a\fR
+Same as \fB\-a\fR
.IP "\fB\-A\fR" 4
.IX Item "-A"
-if the \fB\-a\fR option is set then base64 process the data on one line.
+If the \fB\-a\fR option is set then base64 process the data on one line.
.IP "\fB\-k password\fR" 4
.IX Item "-k password"
-the password to derive the key from. This is for compatibility with previous
+The password to derive the key from. This is for compatibility with previous
versions of OpenSSL. Superseded by the \fB\-pass\fR argument.
.IP "\fB\-kfile filename\fR" 4
.IX Item "-kfile filename"
-read the password to derive the key from the first line of \fBfilename\fR.
+Read the password to derive the key from the first line of \fBfilename\fR.
This is for compatibility with previous versions of OpenSSL. Superseded by
the \fB\-pass\fR argument.
+.IP "\fB\-md digest\fR" 4
+.IX Item "-md digest"
+Use the specified digest to create the key from the passphrase.
+The default algorithm is sha\-256.
+.IP "\fB\-iter count\fR" 4
+.IX Item "-iter count"
+Use a given number of iterations on the password in deriving the encryption key.
+High values increase the time required to brute-force the resulting file.
+This option enables the use of \s-1PBKDF2\s0 algorithm to derive the key.
+.IP "\fB\-pbkdf2\fR" 4
+.IX Item "-pbkdf2"
+Use \s-1PBKDF2\s0 algorithm with default iteration count unless otherwise specified.
.IP "\fB\-nosalt\fR" 4
.IX Item "-nosalt"
-do not use a salt
+Don't use a salt in the key derivation routines. This option \fB\s-1SHOULD NOT\s0\fR be
+used except for test purposes or compatibility with ancient versions of
+OpenSSL.
.IP "\fB\-salt\fR" 4
.IX Item "-salt"
-use salt (randomly generated or provide with \fB\-S\fR option) when
-encrypting (this is the default).
+Use salt (randomly generated or provide with \fB\-S\fR option) when
+encrypting, this is the default.
.IP "\fB\-S salt\fR" 4
.IX Item "-S salt"
-the actual salt to use: this must be represented as a string of hex digits.
+The actual salt to use: this must be represented as a string of hex digits.
.IP "\fB\-K key\fR" 4
.IX Item "-K key"
-the actual key to use: this must be represented as a string comprised only
+The actual key to use: this must be represented as a string comprised only
of hex digits. If only the key is specified, the \s-1IV\s0 must additionally specified
using the \fB\-iv\fR option. When both a key and a password are specified, the
key given with the \fB\-K\fR option will be used and the \s-1IV\s0 generated from the
-password will be taken. It probably does not make much sense to specify
-both key and password.
+password will be taken. It does not make much sense to specify both key
+and password.
.IP "\fB\-iv \s-1IV\s0\fR" 4
.IX Item "-iv IV"
-the actual \s-1IV\s0 to use: this must be represented as a string comprised only
+The actual \s-1IV\s0 to use: this must be represented as a string comprised only
of hex digits. When only the key is specified using the \fB\-K\fR option, the
\&\s-1IV\s0 must explicitly be defined. When a password is being specified using
one of the other options, the \s-1IV\s0 is generated from this password.
.IP "\fB\-p\fR" 4
.IX Item "-p"
-print out the key and \s-1IV\s0 used.
+Print out the key and \s-1IV\s0 used.
.IP "\fB\-P\fR" 4
.IX Item "-P"
-print out the key and \s-1IV\s0 used then immediately exit: don't do any encryption
+Print out the key and \s-1IV\s0 used then immediately exit: don't do any encryption
or decryption.
.IP "\fB\-bufsize number\fR" 4
.IX Item "-bufsize number"
-set the buffer size for I/O
+Set the buffer size for I/O.
.IP "\fB\-nopad\fR" 4
.IX Item "-nopad"
-disable standard block padding
+Disable standard block padding.
.IP "\fB\-debug\fR" 4
.IX Item "-debug"
-debug the BIOs used for I/O.
+Debug the BIOs used for I/O.
.IP "\fB\-z\fR" 4
.IX Item "-z"
Compress or decompress clear text using zlib before encryption or after
@@ -263,28 +283,40 @@ or zlib-dynamic option.
.IP "\fB\-none\fR" 4
.IX Item "-none"
Use \s-1NULL\s0 cipher (no encryption or decryption of input).
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
+The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
+all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.SH "NOTES"
.IX Header "NOTES"
-The program can be called either as \fBopenssl ciphername\fR or
-\&\fBopenssl enc \-ciphername\fR. But the first form doesn't work with
+The program can be called either as \fBopenssl cipher\fR or
+\&\fBopenssl enc \-cipher\fR. The first form doesn't work with
engine-provided ciphers, because this form is processed before the
configuration file is read and any ENGINEs loaded.
+Use the \fBlist\fR command to get a list of supported ciphers.
.PP
-Engines which provide entirely new encryption algorithms (such as ccgost
+Engines which provide entirely new encryption algorithms (such as the ccgost
engine which provides gost89 algorithm) should be configured in the
-configuration file. Engines, specified in the command line using \-engine
-options can only be used for hadrware-assisted implementations of
-ciphers, which are supported by OpenSSL core or other engine, specified
+configuration file. Engines specified on the command line using \-engine
+options can only be used for hardware-assisted implementations of
+ciphers which are supported by the OpenSSL core or another engine specified
in the configuration file.
.PP
-When enc command lists supported ciphers, ciphers provided by engines,
+When the enc command lists supported ciphers, ciphers provided by engines,
specified in the configuration files are listed too.
.PP
A password will be prompted for to derive the key and \s-1IV\s0 if necessary.
.PP
The \fB\-salt\fR option should \fB\s-1ALWAYS\s0\fR be used if the key is being derived
from a password unless you want compatibility with previous versions of
-OpenSSL and SSLeay.
+OpenSSL.
.PP
Without the \fB\-salt\fR option it is possible to perform efficient dictionary
attacks on the password and to attack stream cipher encrypted data. The reason
@@ -295,12 +327,12 @@ encrypting a file and read from the encrypted file when it is decrypted.
.PP
Some of the ciphers do not have large keys and others have security
implications if not used correctly. A beginner is advised to just use
-a strong block cipher in \s-1CBC\s0 mode such as bf or des3.
+a strong block cipher, such as \s-1AES,\s0 in \s-1CBC\s0 mode.
.PP
-All the block ciphers normally use PKCS#5 padding also known as standard block
-padding: this allows a rudimentary integrity or password check to be
-performed. However since the chance of random data passing the test is
-better than 1 in 256 it isn't a very good test.
+All the block ciphers normally use PKCS#5 padding, also known as standard
+block padding. This allows a rudimentary integrity or password check to
+be performed. However since the chance of random data passing the test
+is better than 1 in 256 it isn't a very good test.
.PP
If padding is disabled then the input data must be a multiple of the cipher
block length.
@@ -313,13 +345,27 @@ Blowfish and \s-1RC5\s0 algorithms use a 128 bit key.
Note that some of these ciphers can be disabled at compile time
and some are available only if an appropriate engine is configured
in the configuration file. The output of the \fBenc\fR command run with
-unsupported options (for example \fBopenssl enc \-help\fR) includes a
-list of ciphers, supported by your versesion of OpenSSL, including
+the \fB\-ciphers\fR option (that is \fBopenssl enc \-ciphers\fR) produces a
+list of ciphers, supported by your version of OpenSSL, including
ones provided by configured engines.
.PP
The \fBenc\fR program does not support authenticated encryption modes
-like \s-1CCM\s0 and \s-1GCM.\s0 The utility does not store or retrieve the
-authentication tag.
+like \s-1CCM\s0 and \s-1GCM,\s0 and will not support such modes in the future.
+The \fBenc\fR interface by necessity must begin streaming output (e.g.,
+to standard output when \fB\-out\fR is not used before the authentication
+tag could be validated, leading to the usage of \fBenc\fR in pipelines
+that begin processing untrusted data and are not capable of rolling
+back upon authentication failure. The \s-1AEAD\s0 modes currently in common
+use also suffer from catastrophic failure of confidentiality and/or
+integrity upon reuse of key/iv/nonce, and since \fBenc\fR places the
+entire burden of key/iv/nonce management upon the user, the risk of
+exposing \s-1AEAD\s0 modes is too great to allow. These key/iv/nonce
+management issues also affect other modes currently exposed in \fBenc\fR,
+but the failure modes are less extreme in these cases, and the
+functionality cannot be removed with a stable release branch.
+For bulk encryption of data, whether using authenticated encryption
+modes or other modes, \fIcms\fR\|(1) is recommended, as it provides a
+standard data format and performs the needed key/iv/nonce management.
.PP
.Vb 1
\& base64 Base 64
@@ -339,7 +385,7 @@ authentication tag.
\&
\& des\-cbc DES in CBC mode
\& des Alias for des\-cbc
-\& des\-cfb DES in CBC mode
+\& des\-cfb DES in CFB mode
\& des\-ofb DES in OFB mode
\& des\-ecb DES in ECB mode
\&
@@ -357,7 +403,7 @@ authentication tag.
\& desx DESX algorithm.
\&
\& gost89 GOST 28147\-89 in CFB mode (provided by ccgost engine)
-\& gost89\-cnt \`GOST 28147\-89 in CNT mode (provided by ccgost engine)
+\& gost89\-cnt \`GOST 28147\-89 in CNT mode (provided by ccgost engine)
\&
\& idea\-cbc IDEA algorithm in CBC mode
\& idea same as idea\-cbc
@@ -384,12 +430,22 @@ authentication tag.
\& rc5\-ofb RC5 cipher in OFB mode
\&
\& aes\-[128|192|256]\-cbc 128/192/256 bit AES in CBC mode
-\& aes\-[128|192|256] Alias for aes\-[128|192|256]\-cbc
+\& aes[128|192|256] Alias for aes\-[128|192|256]\-cbc
\& aes\-[128|192|256]\-cfb 128/192/256 bit AES in 128 bit CFB mode
\& aes\-[128|192|256]\-cfb1 128/192/256 bit AES in 1 bit CFB mode
\& aes\-[128|192|256]\-cfb8 128/192/256 bit AES in 8 bit CFB mode
+\& aes\-[128|192|256]\-ctr 128/192/256 bit AES in CTR mode
\& aes\-[128|192|256]\-ecb 128/192/256 bit AES in ECB mode
\& aes\-[128|192|256]\-ofb 128/192/256 bit AES in OFB mode
+\&
+\& camellia\-[128|192|256]\-cbc 128/192/256 bit Camellia in CBC mode
+\& camellia[128|192|256] Alias for camellia\-[128|192|256]\-cbc
+\& camellia\-[128|192|256]\-cfb 128/192/256 bit Camellia in 128 bit CFB mode
+\& camellia\-[128|192|256]\-cfb1 128/192/256 bit Camellia in 1 bit CFB mode
+\& camellia\-[128|192|256]\-cfb8 128/192/256 bit Camellia in 8 bit CFB mode
+\& camellia\-[128|192|256]\-ctr 128/192/256 bit Camellia in CTR mode
+\& camellia\-[128|192|256]\-ecb 128/192/256 bit Camellia in ECB mode
+\& camellia\-[128|192|256]\-ofb 128/192/256 bit Camellia in OFB mode
.Ve
.SH "EXAMPLES"
.IX Header "EXAMPLES"
@@ -439,8 +495,17 @@ Decrypt some data using a supplied 40 bit \s-1RC4\s0 key:
.IX Header "BUGS"
The \fB\-A\fR option when used with large files doesn't work properly.
.PP
-There should be an option to allow an iteration count to be included.
-.PP
The \fBenc\fR program only supports a fixed number of algorithms with
certain parameters. So if, for example, you want to use \s-1RC2\s0 with a
76 bit key or \s-1RC4\s0 with an 84 bit key you can't use this program.
+.SH "HISTORY"
+.IX Header "HISTORY"
+The default digest was changed from \s-1MD5\s0 to \s-1SHA256\s0 in Openssl 1.1.0.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/engine.1 b/secure/usr.bin/openssl/man/engine.1
new file mode 100644
index 000000000000..fe9591ca396f
--- /dev/null
+++ b/secure/usr.bin/openssl/man/engine.1
@@ -0,0 +1,236 @@
+.\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35)
+.\"
+.\" Standard preamble:
+.\" ========================================================================
+.de Sp \" Vertical space (when we can't use .PP)
+.if t .sp .5v
+.if n .sp
+..
+.de Vb \" Begin verbatim text
+.ft CW
+.nf
+.ne \\$1
+..
+.de Ve \" End verbatim text
+.ft R
+.fi
+..
+.\" Set up some character translations and predefined strings. \*(-- will
+.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
+.\" double quote, and \*(R" will give a right double quote. \*(C+ will
+.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
+.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
+.\" nothing in troff, for use with C<>.
+.tr \(*W-
+.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
+.ie n \{\
+. ds -- \(*W-
+. ds PI pi
+. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
+. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
+. ds L" ""
+. ds R" ""
+. ds C` ""
+. ds C' ""
+'br\}
+.el\{\
+. ds -- \|\(em\|
+. ds PI \(*p
+. ds L" ``
+. ds R" ''
+. ds C`
+. ds C'
+'br\}
+.\"
+.\" Escape single quotes in literal strings from groff's Unicode transform.
+.ie \n(.g .ds Aq \(aq
+.el .ds Aq '
+.\"
+.\" If the F register is >0, we'll generate index entries on stderr for
+.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
+.\" entries marked with X<> in POD. Of course, you'll have to process the
+.\" output yourself in some meaningful fashion.
+.\"
+.\" Avoid warning from groff about undefined register 'F'.
+.de IX
+..
+.if !\nF .nr F 0
+.if \nF>0 \{\
+. de IX
+. tm Index:\\$1\t\\n%\t"\\$2"
+..
+. if !\nF==2 \{\
+. nr % 0
+. nr F 2
+. \}
+.\}
+.\"
+.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
+.\" Fear. Run. Save yourself. No user-serviceable parts.
+. \" fudge factors for nroff and troff
+.if n \{\
+. ds #H 0
+. ds #V .8m
+. ds #F .3m
+. ds #[ \f1
+. ds #] \fP
+.\}
+.if t \{\
+. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
+. ds #V .6m
+. ds #F 0
+. ds #[ \&
+. ds #] \&
+.\}
+. \" simple accents for nroff and troff
+.if n \{\
+. ds ' \&
+. ds ` \&
+. ds ^ \&
+. ds , \&
+. ds ~ ~
+. ds /
+.\}
+.if t \{\
+. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
+. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
+. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
+. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
+. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
+. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
+.\}
+. \" troff and (daisy-wheel) nroff accents
+.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
+.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
+.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
+.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
+.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
+.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
+.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
+.ds ae a\h'-(\w'a'u*4/10)'e
+.ds Ae A\h'-(\w'A'u*4/10)'E
+. \" corrections for vroff
+.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
+.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
+. \" for low resolution devices (crt and lpr)
+.if \n(.H>23 .if \n(.V>19 \
+\{\
+. ds : e
+. ds 8 ss
+. ds o a
+. ds d- d\h'-1'\(ga
+. ds D- D\h'-1'\(hy
+. ds th \o'bp'
+. ds Th \o'LP'
+. ds ae ae
+. ds Ae AE
+.\}
+.rm #[ #] #H #V #F C
+.\" ========================================================================
+.\"
+.IX Title "ENGINE 1"
+.TH ENGINE 1 "2018-09-11" "1.1.1" "OpenSSL"
+.\" For nroff, turn off justification. Always turn off hyphenation; it makes
+.\" way too many mistakes in technical documents.
+.if n .ad l
+.nh
+.SH "NAME"
+openssl\-engine, engine \- load and query engines
+.SH "SYNOPSIS"
+.IX Header "SYNOPSIS"
+\&\fBopenssl engine\fR
+[ \fIengine...\fR ]
+[\fB\-v\fR]
+[\fB\-vv\fR]
+[\fB\-vvv\fR]
+[\fB\-vvv\fR]
+[\fB\-vvv\fR]
+[\fB\-c\fR]
+[\fB\-t\fR]
+[\fB\-tt\fR]
+[\fB\-pre\fR \fIcommand\fR]
+[\fB\-post\fR \fIcommand\fR]
+[ \fIengine...\fR ]
+.SH "DESCRIPTION"
+.IX Header "DESCRIPTION"
+The \fBengine\fR command is used to query the status and capabilities
+of the specified \fBengine\fR's.
+Engines may be specified before and after all other command-line flags.
+Only those specified are queried.
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-v\fR \fB\-vv\fR \fB\-vvv\fR \fB\-vvvv\fR" 4
+.IX Item "-v -vv -vvv -vvvv"
+Provides information about each specified engine. The first flag lists
+all the possible run-time control commands; the second adds a
+description of each command; the third adds the input flags, and the
+final option adds the internal input flags.
+.IP "\fB\-c\fR" 4
+.IX Item "-c"
+Lists the capabilities of each engine.
+.IP "\fB\-t\fR" 4
+.IX Item "-t"
+Tests if each specified engine is available, and displays the answer.
+.IP "\fB\-tt\fR" 4
+.IX Item "-tt"
+Displays an error trace for any unavailable engine.
+.IP "\fB\-pre\fR \fIcommand\fR" 4
+.IX Item "-pre command"
+.PD 0
+.IP "\fB\-post\fR \fIcommand\fR" 4
+.IX Item "-post command"
+.PD
+Command-line configuration of engines.
+The \fB\-pre\fR command is given to the engine before it is loaded and
+the \fB\-post\fR command is given after the engine is loaded.
+The \fIcommand\fR is of the form \fIcmd:val\fR where \fIcmd\fR is the command,
+and \fIval\fR is the value for the command.
+See the example below.
+.SH "EXAMPLE"
+.IX Header "EXAMPLE"
+To list all the commands available to a dynamic engine:
+.PP
+.Vb 10
+\& $ openssl engine \-t \-tt \-vvvv dynamic
+\& (dynamic) Dynamic engine loading support
+\& [ unavailable ]
+\& SO_PATH: Specifies the path to the new ENGINE shared library
+\& (input flags): STRING
+\& NO_VCHECK: Specifies to continue even if version checking fails (boolean)
+\& (input flags): NUMERIC
+\& ID: Specifies an ENGINE id name for loading
+\& (input flags): STRING
+\& LIST_ADD: Whether to add a loaded ENGINE to the internal list (0=no,1=yes,2=mandatory)
+\& (input flags): NUMERIC
+\& DIR_LOAD: Specifies whether to load from \*(AqDIR_ADD\*(Aq directories (0=no,1=yes,2=mandatory)
+\& (input flags): NUMERIC
+\& DIR_ADD: Adds a directory from which ENGINEs can be loaded
+\& (input flags): STRING
+\& LOAD: Load up the ENGINE specified by other settings
+\& (input flags): NO_INPUT
+.Ve
+.PP
+To list the capabilities of the \fIrsax\fR engine:
+.PP
+.Vb 4
+\& $ openssl engine \-c
+\& (rsax) RSAX engine support
+\& [RSA]
+\& (dynamic) Dynamic engine loading support
+.Ve
+.SH "ENVIRONMENT"
+.IX Header "ENVIRONMENT"
+.IP "\fB\s-1OPENSSL_ENGINES\s0\fR" 4
+.IX Item "OPENSSL_ENGINES"
+The path to the engines directory.
+.SH "SEE ALSO"
+.IX Header "SEE ALSO"
+\&\fIconfig\fR\|(5)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2016\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/errstr.1 b/secure/usr.bin/openssl/man/errstr.1
index dec3c719aed8..2debaab43215 100644
--- a/secure/usr.bin/openssl/man/errstr.1
+++ b/secure/usr.bin/openssl/man/errstr.1
@@ -129,23 +129,25 @@
.\" ========================================================================
.\"
.IX Title "ERRSTR 1"
-.TH ERRSTR 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH ERRSTR 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-errstr,
-errstr \- lookup error codes
+openssl\-errstr, errstr \- lookup error codes
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl errstr error_code\fR
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Sometimes an application will not load error message and only
-numerical forms will be available. The \fBerrstr\fR utility can be used to
+numerical forms will be available. The \fBerrstr\fR utility can be used to
display the meaning of the hex code. The hex code is the hex digits after the
second colon.
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+None.
.SH "EXAMPLE"
.IX Header "EXAMPLE"
The error code:
@@ -165,8 +167,11 @@ to produce the error message:
.Vb 1
\& error:2006D080:BIO routines:BIO_new_file:no such file
.Ve
-.SH "SEE ALSO"
-.IX Header "SEE ALSO"
-\&\fIerr\fR\|(3),
-\&\fIERR_load_crypto_strings\fR\|(3),
-\&\fISSL_load_error_strings\fR\|(3)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2004\-2016 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/gendsa.1 b/secure/usr.bin/openssl/man/gendsa.1
index 33f91e533856..14d9fd9261fb 100644
--- a/secure/usr.bin/openssl/man/gendsa.1
+++ b/secure/usr.bin/openssl/man/gendsa.1
@@ -129,28 +129,32 @@
.\" ========================================================================
.\"
.IX Title "GENDSA 1"
-.TH GENDSA 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH GENDSA 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-gendsa,
-gendsa \- generate a DSA private key from a set of parameters
+openssl\-gendsa, gendsa \- generate a DSA private key from a set of parameters
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBgendsa\fR
+[\fB\-help\fR]
[\fB\-out filename\fR]
[\fB\-aes128\fR]
[\fB\-aes192\fR]
[\fB\-aes256\fR]
+[\fB\-aria128\fR]
+[\fB\-aria192\fR]
+[\fB\-aria256\fR]
[\fB\-camellia128\fR]
[\fB\-camellia192\fR]
[\fB\-camellia256\fR]
[\fB\-des\fR]
[\fB\-des3\fR]
[\fB\-idea\fR]
-[\fB\-rand file(s)\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
[\fB\-engine id\fR]
[\fBparamfile\fR]
.SH "DESCRIPTION"
@@ -159,21 +163,32 @@ The \fBgendsa\fR command generates a \s-1DSA\s0 private key from a \s-1DSA\s0 pa
(which will be typically generated by the \fBopenssl dsaparam\fR command).
.SH "OPTIONS"
.IX Header "OPTIONS"
-.IP "\fB\-aes128|\-aes192|\-aes256|\-camellia128|\-camellia192|\-camellia256|\-des|\-des3|\-idea\fR" 4
-.IX Item "-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
+.IP "\fB\-out filename\fR" 4
+.IX Item "-out filename"
+Output the key to the specified file. If this argument is not specified then
+standard output is used.
+.IP "\fB\-aes128\fR, \fB\-aes192\fR, \fB\-aes256\fR, \fB\-aria128\fR, \fB\-aria192\fR, \fB\-aria256\fR, \fB\-camellia128\fR, \fB\-camellia192\fR, \fB\-camellia256\fR, \fB\-des\fR, \fB\-des3\fR, \fB\-idea\fR" 4
+.IX Item "-aes128, -aes192, -aes256, -aria128, -aria192, -aria256, -camellia128, -camellia192, -camellia256, -des, -des3, -idea"
These options encrypt the private key with specified
cipher before outputting it. A pass phrase is prompted for.
If none of these options is specified no encryption is used.
-.IP "\fB\-rand file(s)\fR" 4
-.IX Item "-rand file(s)"
-a file or files containing random data used to seed the random number
-generator, or an \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3)).
-Multiple files can be specified separated by a OS-dependent character.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.IP "\fB\-engine id\fR" 4
.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBgendsa\fR
+Specifying an engine (by its unique \fBid\fR string) will cause \fBgendsa\fR
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
@@ -190,3 +205,11 @@ much quicker that \s-1RSA\s0 key generation for example.
.IX Header "SEE ALSO"
\&\fIdsaparam\fR\|(1), \fIdsa\fR\|(1), \fIgenrsa\fR\|(1),
\&\fIrsa\fR\|(1)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/genpkey.1 b/secure/usr.bin/openssl/man/genpkey.1
index ddc58bb64b03..cbfda8622c75 100644
--- a/secure/usr.bin/openssl/man/genpkey.1
+++ b/secure/usr.bin/openssl/man/genpkey.1
@@ -129,17 +129,17 @@
.\" ========================================================================
.\"
.IX Title "GENPKEY 1"
-.TH GENPKEY 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH GENPKEY 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-genpkey,
-genpkey \- generate a private key
+openssl\-genpkey, genpkey \- generate a private key
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBgenpkey\fR
+[\fB\-help\fR]
[\fB\-out filename\fR]
[\fB\-outform PEM|DER\fR]
[\fB\-pass arg\fR]
@@ -155,10 +155,13 @@ genpkey \- generate a private key
The \fBgenpkey\fR command generates a private key.
.SH "OPTIONS"
.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
-the output filename. If this argument is not specified then standard output is
-used.
+Output the key to the specified file. If this argument is not specified then
+standard output is used.
.IP "\fB\-outform DER|PEM\fR" 4
.IX Item "-outform DER|PEM"
This specifies the output format \s-1DER\s0 or \s-1PEM.\s0 The default format is \s-1PEM.\s0
@@ -184,7 +187,8 @@ precede any \fB\-pkeyopt\fR options. The options \fB\-paramfile\fR and \fB\-algo
are mutually exclusive. Engines may add algorithms in addition to the standard
built-in ones.
.Sp
-Valid built-in algorithm names for private key generation are \s-1RSA\s0 and \s-1EC.\s0
+Valid built-in algorithm names for private key generation are \s-1RSA,\s0 RSA-PSS, \s-1EC,
+X25519, X448, ED25519\s0 and \s-1ED448.\s0
.Sp
Valid built-in algorithm names for parameter generation (see the \fB\-genparam\fR
option) are \s-1DH, DSA\s0 and \s-1EC.\s0
@@ -209,7 +213,7 @@ precede any \fB\-algorithm\fR, \fB\-paramfile\fR or \fB\-pkeyopt\fR options.
Some public key algorithms generate a private key based on a set of parameters.
They can be supplied using this option. If this option is used the public key
algorithm used is determined by the parameters. If used this option must
-precede and \fB\-pkeyopt\fR options. The options \fB\-paramfile\fR and \fB\-algorithm\fR
+precede any \fB\-pkeyopt\fR options. The options \fB\-paramfile\fR and \fB\-algorithm\fR
are mutually exclusive.
.IP "\fB\-text\fR" 4
.IX Item "-text"
@@ -217,18 +221,38 @@ Print an (unencrypted) text representation of private and public keys and
parameters along with the \s-1PEM\s0 or \s-1DER\s0 structure.
.SH "KEY GENERATION OPTIONS"
.IX Header "KEY GENERATION OPTIONS"
-The options supported by each algorith and indeed each implementation of an
+The options supported by each algorithm and indeed each implementation of an
algorithm can vary. The options for the OpenSSL implementations are detailed
-below.
+below. There are no key generation options defined for the X25519, X448, \s-1ED25519\s0
+or \s-1ED448\s0 algorithms.
.SS "\s-1RSA\s0 Key Generation Options"
.IX Subsection "RSA Key Generation Options"
.IP "\fBrsa_keygen_bits:numbits\fR" 4
.IX Item "rsa_keygen_bits:numbits"
The number of bits in the generated key. If not specified 1024 is used.
+.IP "\fBrsa_keygen_primes:numprimes\fR" 4
+.IX Item "rsa_keygen_primes:numprimes"
+The number of primes in the generated key. If not specified 2 is used.
.IP "\fBrsa_keygen_pubexp:value\fR" 4
.IX Item "rsa_keygen_pubexp:value"
The \s-1RSA\s0 public exponent value. This can be a large decimal or
hexadecimal value if preceded by \fB0x\fR. Default value is 65537.
+.SS "RSA-PSS Key Generation Options"
+.IX Subsection "RSA-PSS Key Generation Options"
+Note: by default an \fBRSA-PSS\fR key has no parameter restrictions.
+.IP "\fBrsa_keygen_bits:numbits\fR, \fBrsa_keygen_primes:numprimes\fR, \fBrsa_keygen_pubexp:value\fR" 4
+.IX Item "rsa_keygen_bits:numbits, rsa_keygen_primes:numprimes, rsa_keygen_pubexp:value"
+These options have the same meaning as the \fB\s-1RSA\s0\fR algorithm.
+.IP "\fBrsa_pss_keygen_md:digest\fR" 4
+.IX Item "rsa_pss_keygen_md:digest"
+If set the key is restricted and can only use \fBdigest\fR for signing.
+.IP "\fBrsa_pss_keygen_mgf1_md:digest\fR" 4
+.IX Item "rsa_pss_keygen_mgf1_md:digest"
+If set the key is restricted and can only use \fBdigest\fR as it's \s-1MGF1\s0
+parameter.
+.IP "\fBrsa_pss_keygen_saltlen:len\fR" 4
+.IX Item "rsa_pss_keygen_saltlen:len"
+If set the key is restricted and \fBlen\fR specifies the minimum salt length.
.SS "\s-1EC\s0 Key Generation Options"
.IX Subsection "EC Key Generation Options"
The \s-1EC\s0 key generation options can also be used for parameter generation.
@@ -291,31 +315,6 @@ options.
.IX Subsection "EC Parameter Generation Options"
The \s-1EC\s0 parameter generation options are the same as for key generation. See
\&\*(L"\s-1EC\s0 Key Generation Options\*(R" above.
-.SH "GOST2001 KEY GENERATION AND PARAMETER OPTIONS"
-.IX Header "GOST2001 KEY GENERATION AND PARAMETER OPTIONS"
-Gost 2001 support is not enabled by default. To enable this algorithm,
-one should load the ccgost engine in the OpenSSL configuration file.
-See \s-1README\s0.gost file in the engines/ccgost directiry of the source
-distribution for more details.
-.PP
-Use of a parameter file for the \s-1GOST R 34.10\s0 algorithm is optional.
-Parameters can be specified during key generation directly as well as
-during generation of parameter file.
-.IP "\fBparamset:name\fR" 4
-.IX Item "paramset:name"
-Specifies \s-1GOST R 34.10\-2001\s0 parameter set according to \s-1RFC 4357.\s0
-Parameter set can be specified using abbreviated name, object short name or
-numeric \s-1OID.\s0 Following parameter sets are supported:
-.Sp
-.Vb 7
-\& paramset OID Usage
-\& A 1.2.643.2.2.35.1 Signature
-\& B 1.2.643.2.2.35.2 Signature
-\& C 1.2.643.2.2.35.3 Signature
-\& XA 1.2.643.2.2.36.0 Key exchange
-\& XB 1.2.643.2.2.36.1 Key exchange
-\& test 1.2.643.2.2.35.0 Test purposes
-.Ve
.SH "NOTES"
.IX Header "NOTES"
The use of the genpkey program is encouraged over the algorithm specific
@@ -338,15 +337,15 @@ Encrypt output private key using 128 bit \s-1AES\s0 and the passphrase \*(L"hell
Generate a 2048 bit \s-1RSA\s0 key using 3 as the public exponent:
.PP
.Vb 2
-\& openssl genpkey \-algorithm RSA \-out key.pem \-pkeyopt rsa_keygen_bits:2048 \e
-\& \-pkeyopt rsa_keygen_pubexp:3
+\& openssl genpkey \-algorithm RSA \-out key.pem \e
+\& \-pkeyopt rsa_keygen_bits:2048 \-pkeyopt rsa_keygen_pubexp:3
.Ve
.PP
Generate 2048 bit \s-1DSA\s0 parameters:
.PP
.Vb 2
\& openssl genpkey \-genparam \-algorithm DSA \-out dsap.pem \e
-\& \-pkeyopt dsa_paramgen_bits:2048
+\& \-pkeyopt dsa_paramgen_bits:2048
.Ve
.PP
Generate \s-1DSA\s0 key from parameters:
@@ -359,15 +358,15 @@ Generate 2048 bit \s-1DH\s0 parameters:
.PP
.Vb 2
\& openssl genpkey \-genparam \-algorithm DH \-out dhp.pem \e
-\& \-pkeyopt dh_paramgen_prime_len:2048
+\& \-pkeyopt dh_paramgen_prime_len:2048
.Ve
.PP
Generate 2048 bit X9.42 \s-1DH\s0 parameters:
.PP
.Vb 3
\& openssl genpkey \-genparam \-algorithm DH \-out dhpx.pem \e
-\& \-pkeyopt dh_paramgen_prime_len:2048 \e
-\& \-pkeyopt dh_paramgen_type:1
+\& \-pkeyopt dh_paramgen_prime_len:2048 \e
+\& \-pkeyopt dh_paramgen_type:1
.Ve
.PP
Output \s-1RFC5114 2048\s0 bit \s-1DH\s0 parameters with 224 bit subgroup:
@@ -382,6 +381,20 @@ Generate \s-1DH\s0 key from parameters:
\& openssl genpkey \-paramfile dhp.pem \-out dhkey.pem
.Ve
.PP
+Generate \s-1EC\s0 parameters:
+.PP
+.Vb 3
+\& openssl genpkey \-genparam \-algorithm EC \-out ecp.pem \e
+\& \-pkeyopt ec_paramgen_curve:secp384r1 \e
+\& \-pkeyopt ec_param_enc:named_curve
+.Ve
+.PP
+Generate \s-1EC\s0 key from parameters:
+.PP
+.Vb 1
+\& openssl genpkey \-paramfile ecp.pem \-out eckey.pem
+.Ve
+.PP
Generate \s-1EC\s0 key directly:
.PP
.Vb 3
@@ -389,7 +402,29 @@ Generate \s-1EC\s0 key directly:
\& \-pkeyopt ec_paramgen_curve:P\-384 \e
\& \-pkeyopt ec_param_enc:named_curve
.Ve
+.PP
+Generate an X25519 private key:
+.PP
+.Vb 1
+\& openssl genpkey \-algorithm X25519 \-out xkey.pem
+.Ve
+.PP
+Generate an \s-1ED448\s0 private key:
+.PP
+.Vb 1
+\& openssl genpkey \-algorithm ED448 \-out xkey.pem
+.Ve
.SH "HISTORY"
.IX Header "HISTORY"
The ability to use \s-1NIST\s0 curve names, and to generate an \s-1EC\s0 key directly,
-were added in OpenSSL 1.0.2.
+were added in OpenSSL 1.0.2. The ability to generate X25519 keys was added in
+OpenSSL 1.1.0. The ability to generate X448, \s-1ED25519\s0 and \s-1ED448\s0 keys was added in
+OpenSSL 1.1.1.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2006\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/genrsa.1 b/secure/usr.bin/openssl/man/genrsa.1
index 06b9833fde51..5500dd79dace 100644
--- a/secure/usr.bin/openssl/man/genrsa.1
+++ b/secure/usr.bin/openssl/man/genrsa.1
@@ -129,14 +129,13 @@
.\" ========================================================================
.\"
.IX Title "GENRSA 1"
-.TH GENRSA 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH GENRSA 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-genrsa,
-genrsa \- generate an RSA private key
+openssl\-genrsa, genrsa \- generate an RSA private key
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBgenrsa\fR
@@ -157,8 +156,10 @@ genrsa \- generate an RSA private key
[\fB\-idea\fR]
[\fB\-f4\fR]
[\fB\-3\fR]
-[\fB\-rand file(s)\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
[\fB\-engine id\fR]
+[\fB\-primes num\fR]
[\fBnumbits\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
@@ -174,57 +175,63 @@ Output the key to the specified file. If this argument is not specified then
standard output is used.
.IP "\fB\-passout arg\fR" 4
.IX Item "-passout arg"
-the output file password source. For more information about the format of \fBarg\fR
-see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
-.IP "\fB\-aes128|\-aes192|\-aes256|\-aria128|\-aria192|\-aria256|\-camellia128|\-camellia192|\-camellia256|\-des|\-des3|\-idea\fR" 4
-.IX Item "-aes128|-aes192|-aes256|-aria128|-aria192|-aria256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea"
+The output file password source. For more information about the format
+of \fBarg\fR see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
+.IP "\fB\-aes128\fR, \fB\-aes192\fR, \fB\-aes256\fR, \fB\-aria128\fR, \fB\-aria192\fR, \fB\-aria256\fR, \fB\-camellia128\fR, \fB\-camellia192\fR, \fB\-camellia256\fR, \fB\-des\fR, \fB\-des3\fR, \fB\-idea\fR" 4
+.IX Item "-aes128, -aes192, -aes256, -aria128, -aria192, -aria256, -camellia128, -camellia192, -camellia256, -des, -des3, -idea"
These options encrypt the private key with specified
cipher before outputting it. If none of these options is
specified no encryption is used. If encryption is used a pass phrase is prompted
for if it is not supplied via the \fB\-passout\fR argument.
.IP "\fB\-F4|\-3\fR" 4
.IX Item "-F4|-3"
-the public exponent to use, either 65537 or 3. The default is 65537.
-.IP "\fB\-rand file(s)\fR" 4
-.IX Item "-rand file(s)"
-a file or files containing random data used to seed the random number
-generator, or an \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3)).
+The public exponent to use, either 65537 or 3. The default is 65537.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
Multiple files can be specified separated by an OS-dependent character.
The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.IP "\fB\-engine id\fR" 4
.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBgenrsa\fR
+Specifying an engine (by its unique \fBid\fR string) will cause \fBgenrsa\fR
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
+.IP "\fB\-primes num\fR" 4
+.IX Item "-primes num"
+Specify the number of primes to use while generating the \s-1RSA\s0 key. The \fBnum\fR
+parameter must be a positive integer that is greater than 1 and less than 16.
+If \fBnum\fR is greater than 2, then the generated key is called a 'multi\-prime'
+\&\s-1RSA\s0 key, which is defined in \s-1RFC 8017.\s0
.IP "\fBnumbits\fR" 4
.IX Item "numbits"
-the size of the private key to generate in bits. This must be the last option
-specified. The default is 2048.
+The size of the private key to generate in bits. This must be the last option
+specified. The default is 2048 and values less than 512 are not allowed.
.SH "NOTES"
.IX Header "NOTES"
-\&\s-1RSA\s0 private key generation essentially involves the generation of two prime
-numbers. When generating a private key various symbols will be output to
+\&\s-1RSA\s0 private key generation essentially involves the generation of two or more
+prime numbers. When generating a private key various symbols will be output to
indicate the progress of the generation. A \fB.\fR represents each number which
has passed an initial sieve test, \fB+\fR means a number has passed a single
-round of the Miller-Rabin primality test. A newline means that the number has
-passed all the prime tests (the actual number depends on the key size).
+round of the Miller-Rabin primality test, \fB*\fR means the current prime starts
+a regenerating progress due to some failed tests. A newline means that the number
+has passed all the prime tests (the actual number depends on the key size).
.PP
Because key generation is a random process the time taken to generate a key
-may vary somewhat.
-.SH "BUGS"
-.IX Header "BUGS"
-A quirk of the prime generation algorithm is that it cannot generate small
-primes. Therefore the number of bits should not be less that 64. For typical
-private keys this will not matter because for security reasons they will
-be much larger (typically 1024 bits).
+may vary somewhat. But in general, more primes lead to less generation time
+of a key.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIgendsa\fR\|(1)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
-Copyright 2000\-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
diff --git a/secure/usr.bin/openssl/man/list.1 b/secure/usr.bin/openssl/man/list.1
new file mode 100644
index 000000000000..a64ec72c1e86
--- /dev/null
+++ b/secure/usr.bin/openssl/man/list.1
@@ -0,0 +1,207 @@
+.\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35)
+.\"
+.\" Standard preamble:
+.\" ========================================================================
+.de Sp \" Vertical space (when we can't use .PP)
+.if t .sp .5v
+.if n .sp
+..
+.de Vb \" Begin verbatim text
+.ft CW
+.nf
+.ne \\$1
+..
+.de Ve \" End verbatim text
+.ft R
+.fi
+..
+.\" Set up some character translations and predefined strings. \*(-- will
+.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
+.\" double quote, and \*(R" will give a right double quote. \*(C+ will
+.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
+.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
+.\" nothing in troff, for use with C<>.
+.tr \(*W-
+.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
+.ie n \{\
+. ds -- \(*W-
+. ds PI pi
+. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
+. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
+. ds L" ""
+. ds R" ""
+. ds C` ""
+. ds C' ""
+'br\}
+.el\{\
+. ds -- \|\(em\|
+. ds PI \(*p
+. ds L" ``
+. ds R" ''
+. ds C`
+. ds C'
+'br\}
+.\"
+.\" Escape single quotes in literal strings from groff's Unicode transform.
+.ie \n(.g .ds Aq \(aq
+.el .ds Aq '
+.\"
+.\" If the F register is >0, we'll generate index entries on stderr for
+.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
+.\" entries marked with X<> in POD. Of course, you'll have to process the
+.\" output yourself in some meaningful fashion.
+.\"
+.\" Avoid warning from groff about undefined register 'F'.
+.de IX
+..
+.if !\nF .nr F 0
+.if \nF>0 \{\
+. de IX
+. tm Index:\\$1\t\\n%\t"\\$2"
+..
+. if !\nF==2 \{\
+. nr % 0
+. nr F 2
+. \}
+.\}
+.\"
+.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
+.\" Fear. Run. Save yourself. No user-serviceable parts.
+. \" fudge factors for nroff and troff
+.if n \{\
+. ds #H 0
+. ds #V .8m
+. ds #F .3m
+. ds #[ \f1
+. ds #] \fP
+.\}
+.if t \{\
+. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
+. ds #V .6m
+. ds #F 0
+. ds #[ \&
+. ds #] \&
+.\}
+. \" simple accents for nroff and troff
+.if n \{\
+. ds ' \&
+. ds ` \&
+. ds ^ \&
+. ds , \&
+. ds ~ ~
+. ds /
+.\}
+.if t \{\
+. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
+. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
+. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
+. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
+. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
+. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
+.\}
+. \" troff and (daisy-wheel) nroff accents
+.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
+.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
+.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
+.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
+.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
+.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
+.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
+.ds ae a\h'-(\w'a'u*4/10)'e
+.ds Ae A\h'-(\w'A'u*4/10)'E
+. \" corrections for vroff
+.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
+.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
+. \" for low resolution devices (crt and lpr)
+.if \n(.H>23 .if \n(.V>19 \
+\{\
+. ds : e
+. ds 8 ss
+. ds o a
+. ds d- d\h'-1'\(ga
+. ds D- D\h'-1'\(hy
+. ds th \o'bp'
+. ds Th \o'LP'
+. ds ae ae
+. ds Ae AE
+.\}
+.rm #[ #] #H #V #F C
+.\" ========================================================================
+.\"
+.IX Title "LIST 1"
+.TH LIST 1 "2018-09-11" "1.1.1" "OpenSSL"
+.\" For nroff, turn off justification. Always turn off hyphenation; it makes
+.\" way too many mistakes in technical documents.
+.if n .ad l
+.nh
+.SH "NAME"
+openssl\-list, list \- list algorithms and features
+.SH "SYNOPSIS"
+.IX Header "SYNOPSIS"
+\&\fBopenssl list\fR
+[\fB\-help\fR]
+[\fB\-1\fR]
+[\fB\-commands\fR]
+[\fB\-digest\-commands\fR]
+[\fB\-digest\-algorithms\fR]
+[\fB\-cipher\-commands\fR]
+[\fB\-cipher\-algorithms\fR]
+[\fB\-public\-key\-algorithms\fR]
+[\fB\-public\-key\-methods\fR]
+[\fB\-disabled\fR]
+.SH "DESCRIPTION"
+.IX Header "DESCRIPTION"
+This command is used to generate list of algorithms or disabled
+features.
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Display a usage message.
+.IP "\fB\-1\fR" 4
+.IX Item "-1"
+List the commands, digest-commands, or cipher-commands in a single column.
+If used, this option must be given first.
+.IP "\fB\-commands\fR" 4
+.IX Item "-commands"
+Display a list of standard commands.
+.IP "\fB\-digest\-commands\fR" 4
+.IX Item "-digest-commands"
+Display a list of message digest commands, which are typically used
+as input to the \fIdgst\fR\|(1) or \fIspeed\fR\|(1) commands.
+.IP "\fB\-digest\-algorithms\fR" 4
+.IX Item "-digest-algorithms"
+Display a list of message digest algorithms.
+If a line is of the form
+ foo => bar
+then \fBfoo\fR is an alias for the official algorithm name, \fBbar\fR.
+.IP "\fB\-cipher\-commands\fR" 4
+.IX Item "-cipher-commands"
+Display a list of cipher commands, which are typically used as input
+to the \fIdgst\fR\|(1) or \fIspeed\fR\|(1) commands.
+.IP "\fB\-cipher\-algorithms\fR" 4
+.IX Item "-cipher-algorithms"
+Display a list of cipher algorithms.
+If a line is of the form
+ foo => bar
+then \fBfoo\fR is an alias for the official algorithm name, \fBbar\fR.
+.IP "\fB\-public\-key\-algorithms\fR" 4
+.IX Item "-public-key-algorithms"
+Display a list of public key algorithms, with each algorithm as
+a block of multiple lines, all but the first are indented.
+.IP "\fB\-public\-key\-methods\fR" 4
+.IX Item "-public-key-methods"
+Display a list of public key method OIDs: this also includes public key methods
+without an associated \s-1ASN.1\s0 method, for example, \s-1KDF\s0 algorithms.
+.IP "\fB\-disabled\fR" 4
+.IX Item "-disabled"
+Display a list of disabled features, those that were compiled out
+of the installation.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2016\-2017 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/nseq.1 b/secure/usr.bin/openssl/man/nseq.1
index d29c7f501eda..eb7629438308 100644
--- a/secure/usr.bin/openssl/man/nseq.1
+++ b/secure/usr.bin/openssl/man/nseq.1
@@ -129,17 +129,17 @@
.\" ========================================================================
.\"
.IX Title "NSEQ 1"
-.TH NSEQ 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH NSEQ 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-nseq,
-nseq \- create or examine a netscape certificate sequence
+openssl\-nseq, nseq \- create or examine a Netscape certificate sequence
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBnseq\fR
+[\fB\-help\fR]
[\fB\-in filename\fR]
[\fB\-out filename\fR]
[\fB\-toseq\fR]
@@ -149,18 +149,21 @@ The \fBnseq\fR command takes a file containing a Netscape certificate
sequence and prints out the certificates contained in it or takes a
file of certificates and converts it into a Netscape certificate
sequence.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read or standard input if this
option is not specified.
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
-specifies the output filename or standard output by default.
+Specifies the output filename or standard output by default.
.IP "\fB\-toseq\fR" 4
.IX Item "-toseq"
-normally a Netscape certificate sequence will be input and the output
+Normally a Netscape certificate sequence will be input and the output
is the certificates contained in it. With the \fB\-toseq\fR option the
situation is reversed: a Netscape certificate sequence is created from
a file of certificates.
@@ -186,7 +189,7 @@ The \fB\s-1PEM\s0\fR encoded form uses the same headers and footers as a certifi
\& \-\-\-\-\-END CERTIFICATE\-\-\-\-\-
.Ve
.PP
-A Netscape certificate sequence is a Netscape specific form that can be sent
+A Netscape certificate sequence is a Netscape specific format that can be sent
to browsers as an alternative to the standard PKCS#7 format when several
certificates are sent to the browser: for example during certificate enrollment.
It is used by Netscape certificate server for example.
@@ -194,3 +197,11 @@ It is used by Netscape certificate server for example.
.IX Header "BUGS"
This program needs a few more options: like allowing \s-1DER\s0 or \s-1PEM\s0 input and
output files and allowing multiple certificate files to be used.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2017 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/ocsp.1 b/secure/usr.bin/openssl/man/ocsp.1
index 74d822041e58..2ce141bc6b2b 100644
--- a/secure/usr.bin/openssl/man/ocsp.1
+++ b/secure/usr.bin/openssl/man/ocsp.1
@@ -129,17 +129,17 @@
.\" ========================================================================
.\"
.IX Title "OCSP 1"
-.TH OCSP 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH OCSP 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-ocsp,
-ocsp \- Online Certificate Status Protocol utility
+openssl\-ocsp, ocsp \- Online Certificate Status Protocol utility
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBocsp\fR
+[\fB\-help\fR]
[\fB\-out file\fR]
[\fB\-issuer file\fR]
[\fB\-cert file\fR]
@@ -158,12 +158,42 @@ ocsp \- Online Certificate Status Protocol utility
[\fB\-nonce\fR]
[\fB\-no_nonce\fR]
[\fB\-url \s-1URL\s0\fR]
-[\fB\-host host:n\fR]
-[\fB\-header name value\fR]
+[\fB\-host host:port\fR]
+[\fB\-multi process-count\fR]
+[\fB\-header\fR]
[\fB\-path\fR]
[\fB\-CApath dir\fR]
[\fB\-CAfile file\fR]
+[\fB\-no\-CAfile\fR]
+[\fB\-no\-CApath\fR]
+[\fB\-attime timestamp\fR]
+[\fB\-check_ss_sig\fR]
+[\fB\-crl_check\fR]
+[\fB\-crl_check_all\fR]
+[\fB\-explicit_policy\fR]
+[\fB\-extended_crl\fR]
+[\fB\-ignore_critical\fR]
+[\fB\-inhibit_any\fR]
+[\fB\-inhibit_map\fR]
+[\fB\-no_check_time\fR]
+[\fB\-partial_chain\fR]
+[\fB\-policy arg\fR]
+[\fB\-policy_check\fR]
+[\fB\-policy_print\fR]
+[\fB\-purpose purpose\fR]
+[\fB\-suiteB_128\fR]
+[\fB\-suiteB_128_only\fR]
+[\fB\-suiteB_192\fR]
+[\fB\-trusted_first\fR]
[\fB\-no_alt_chains\fR]
+[\fB\-use_deltas\fR]
+[\fB\-auth_level num\fR]
+[\fB\-verify_depth num\fR]
+[\fB\-verify_email email\fR]
+[\fB\-verify_hostname hostname\fR]
+[\fB\-verify_ip ip\fR]
+[\fB\-verify_name name\fR]
+[\fB\-x509_strict\fR]
[\fB\-VAfile file\fR]
[\fB\-validity_period n\fR]
[\fB\-status_age n\fR]
@@ -177,17 +207,19 @@ ocsp \- Online Certificate Status Protocol utility
[\fB\-no_cert_checks\fR]
[\fB\-no_explicit\fR]
[\fB\-port num\fR]
+[\fB\-ignore_err\fR]
[\fB\-index file\fR]
[\fB\-CA file\fR]
[\fB\-rsigner file\fR]
[\fB\-rkey file\fR]
[\fB\-rother file\fR]
+[\fB\-rsigopt nm:v\fR]
[\fB\-resp_no_certs\fR]
[\fB\-nmin n\fR]
[\fB\-ndays n\fR]
[\fB\-resp_key_id\fR]
[\fB\-nrequest n\fR]
-[\fB\-md5|\-sha1|...\fR]
+[\fB\-\f(BIdigest\fB\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The Online Certificate Status Protocol (\s-1OCSP\s0) enables applications to
@@ -196,8 +228,15 @@ determine the (revocation) state of an identified certificate (\s-1RFC 2560\s0).
The \fBocsp\fR command performs many common \s-1OCSP\s0 tasks. It can be used
to print out requests and responses, create requests and send queries
to an \s-1OCSP\s0 responder and behave like a mini \s-1OCSP\s0 server itself.
-.SH "OCSP CLIENT OPTIONS"
-.IX Header "OCSP CLIENT OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+This command operates as either a client or a server.
+The options are described below, divided into those two modes.
+.SS "\s-1OCSP\s0 Client Options"
+.IX Subsection "OCSP Client Options"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
specify output filename, default is standard output.
@@ -230,126 +269,151 @@ Additional certificates to include in the signed request.
.IP "\fB\-nonce\fR, \fB\-no_nonce\fR" 4
.IX Item "-nonce, -no_nonce"
Add an \s-1OCSP\s0 nonce extension to a request or disable \s-1OCSP\s0 nonce addition.
-Normally if an \s-1OCSP\s0 request is input using the \fBrespin\fR option no
+Normally if an \s-1OCSP\s0 request is input using the \fBreqin\fR option no
nonce is added: using the \fBnonce\fR option will force addition of a nonce.
If an \s-1OCSP\s0 request is being created (using \fBcert\fR and \fBserial\fR options)
a nonce is automatically added specifying \fBno_nonce\fR overrides this.
.IP "\fB\-req_text\fR, \fB\-resp_text\fR, \fB\-text\fR" 4
.IX Item "-req_text, -resp_text, -text"
-print out the text form of the \s-1OCSP\s0 request, response or both respectively.
+Print out the text form of the \s-1OCSP\s0 request, response or both respectively.
.IP "\fB\-reqout file\fR, \fB\-respout file\fR" 4
.IX Item "-reqout file, -respout file"
-write out the \s-1DER\s0 encoded certificate request or response to \fBfile\fR.
+Write out the \s-1DER\s0 encoded certificate request or response to \fBfile\fR.
.IP "\fB\-reqin file\fR, \fB\-respin file\fR" 4
.IX Item "-reqin file, -respin file"
-read \s-1OCSP\s0 request or response file from \fBfile\fR. These option are ignored
+Read \s-1OCSP\s0 request or response file from \fBfile\fR. These option are ignored
if \s-1OCSP\s0 request or response creation is implied by other options (for example
with \fBserial\fR, \fBcert\fR and \fBhost\fR options).
.IP "\fB\-url responder_url\fR" 4
.IX Item "-url responder_url"
-specify the responder \s-1URL.\s0 Both \s-1HTTP\s0 and \s-1HTTPS\s0 (\s-1SSL/TLS\s0) URLs can be specified.
+Specify the responder \s-1URL.\s0 Both \s-1HTTP\s0 and \s-1HTTPS\s0 (\s-1SSL/TLS\s0) URLs can be specified.
.IP "\fB\-host hostname:port\fR, \fB\-path pathname\fR" 4
.IX Item "-host hostname:port, -path pathname"
-if the \fBhost\fR option is present then the \s-1OCSP\s0 request is sent to the host
+If the \fBhost\fR option is present then the \s-1OCSP\s0 request is sent to the host
\&\fBhostname\fR on port \fBport\fR. \fBpath\fR specifies the \s-1HTTP\s0 path name to use
-or \*(L"/\*(R" by default.
-.IP "\fB\-header name value\fR" 4
-.IX Item "-header name value"
-If sending a request to an \s-1OCSP\s0 server, then the specified header name and
-value are added to the \s-1HTTP\s0 request. Note that the \fBname\fR and \fBvalue\fR must
-be specified as two separate parameters, not as a single quoted string, and
-that the header name does not have the trailing colon.
-Some \s-1OCSP\s0 responders require a Host header; use this flag to provide it.
+or \*(L"/\*(R" by default. This is equivalent to specifying \fB\-url\fR with scheme
+http:// and the given hostname, port, and pathname.
+.IP "\fB\-header name=value\fR" 4
+.IX Item "-header name=value"
+Adds the header \fBname\fR with the specified \fBvalue\fR to the \s-1OCSP\s0 request
+that is sent to the responder.
+This may be repeated.
.IP "\fB\-timeout seconds\fR" 4
.IX Item "-timeout seconds"
-connection timeout to the \s-1OCSP\s0 responder in seconds
+Connection timeout to the \s-1OCSP\s0 responder in seconds.
+On \s-1POSIX\s0 systems, when running as an \s-1OCSP\s0 responder, this option also limits
+the time that the responder is willing to wait for the client request.
+This time is measured from the time the responder accepts the connection until
+the complete request is received.
+.IP "\fB\-multi process-count\fR" 4
+.IX Item "-multi process-count"
+Run the specified number of \s-1OCSP\s0 responder child processes, with the parent
+process respawning child processes as needed.
+Child processes will detect changes in the \s-1CA\s0 index file and automatically
+reload it.
+When running as a responder \fB\-timeout\fR option is recommended to limit the time
+each child is willing to wait for the client's \s-1OCSP\s0 response.
+This option is available on \s-1POSIX\s0 systems (that support the \fIfork()\fR and other
+required unix system-calls).
.IP "\fB\-CAfile file\fR, \fB\-CApath pathname\fR" 4
.IX Item "-CAfile file, -CApath pathname"
-file or pathname containing trusted \s-1CA\s0 certificates. These are used to verify
+File or pathname containing trusted \s-1CA\s0 certificates. These are used to verify
the signature on the \s-1OCSP\s0 response.
-.IP "\fB\-no_alt_chains\fR" 4
-.IX Item "-no_alt_chains"
-See \fBverify\fR manual page for details.
+.IP "\fB\-no\-CAfile\fR" 4
+.IX Item "-no-CAfile"
+Do not load the trusted \s-1CA\s0 certificates from the default file location
+.IP "\fB\-no\-CApath\fR" 4
+.IX Item "-no-CApath"
+Do not load the trusted \s-1CA\s0 certificates from the default directory location
+.IP "\fB\-attime\fR, \fB\-check_ss_sig\fR, \fB\-crl_check\fR, \fB\-crl_check_all\fR, \fB\-explicit_policy\fR, \fB\-extended_crl\fR, \fB\-ignore_critical\fR, \fB\-inhibit_any\fR, \fB\-inhibit_map\fR, \fB\-no_alt_chains\fR, \fB\-no_check_time\fR, \fB\-partial_chain\fR, \fB\-policy\fR, \fB\-policy_check\fR, \fB\-policy_print\fR, \fB\-purpose\fR, \fB\-suiteB_128\fR, \fB\-suiteB_128_only\fR, \fB\-suiteB_192\fR, \fB\-trusted_first\fR, \fB\-use_deltas\fR, \fB\-auth_level\fR, \fB\-verify_depth\fR, \fB\-verify_email\fR, \fB\-verify_hostname\fR, \fB\-verify_ip\fR, \fB\-verify_name\fR, \fB\-x509_strict\fR" 4
+.IX Item "-attime, -check_ss_sig, -crl_check, -crl_check_all, -explicit_policy, -extended_crl, -ignore_critical, -inhibit_any, -inhibit_map, -no_alt_chains, -no_check_time, -partial_chain, -policy, -policy_check, -policy_print, -purpose, -suiteB_128, -suiteB_128_only, -suiteB_192, -trusted_first, -use_deltas, -auth_level, -verify_depth, -verify_email, -verify_hostname, -verify_ip, -verify_name, -x509_strict"
+Set different certificate verification options.
+See \fIverify\fR\|(1) manual page for details.
.IP "\fB\-verify_other file\fR" 4
.IX Item "-verify_other file"
-file containing additional certificates to search when attempting to locate
+File containing additional certificates to search when attempting to locate
the \s-1OCSP\s0 response signing certificate. Some responders omit the actual signer's
certificate from the response: this option can be used to supply the necessary
certificate in such cases.
.IP "\fB\-trust_other\fR" 4
.IX Item "-trust_other"
-the certificates specified by the \fB\-verify_other\fR option should be explicitly
+The certificates specified by the \fB\-verify_other\fR option should be explicitly
trusted and no additional checks will be performed on them. This is useful
when the complete responder certificate chain is not available or trusting a
root \s-1CA\s0 is not appropriate.
.IP "\fB\-VAfile file\fR" 4
.IX Item "-VAfile file"
-file containing explicitly trusted responder certificates. Equivalent to the
+File containing explicitly trusted responder certificates. Equivalent to the
\&\fB\-verify_other\fR and \fB\-trust_other\fR options.
.IP "\fB\-noverify\fR" 4
.IX Item "-noverify"
-don't attempt to verify the \s-1OCSP\s0 response signature or the nonce values. This
-option will normally only be used for debugging since it disables all verification
-of the responders certificate.
+Don't attempt to verify the \s-1OCSP\s0 response signature or the nonce
+values. This option will normally only be used for debugging since it
+disables all verification of the responders certificate.
.IP "\fB\-no_intern\fR" 4
.IX Item "-no_intern"
-ignore certificates contained in the \s-1OCSP\s0 response when searching for the
+Ignore certificates contained in the \s-1OCSP\s0 response when searching for the
signers certificate. With this option the signers certificate must be specified
with either the \fB\-verify_other\fR or \fB\-VAfile\fR options.
.IP "\fB\-no_signature_verify\fR" 4
.IX Item "-no_signature_verify"
-don't check the signature on the \s-1OCSP\s0 response. Since this option tolerates invalid
-signatures on \s-1OCSP\s0 responses it will normally only be used for testing purposes.
+Don't check the signature on the \s-1OCSP\s0 response. Since this option
+tolerates invalid signatures on \s-1OCSP\s0 responses it will normally only be
+used for testing purposes.
.IP "\fB\-no_cert_verify\fR" 4
.IX Item "-no_cert_verify"
-don't verify the \s-1OCSP\s0 response signers certificate at all. Since this option allows
-the \s-1OCSP\s0 response to be signed by any certificate it should only be used for
-testing purposes.
+Don't verify the \s-1OCSP\s0 response signers certificate at all. Since this
+option allows the \s-1OCSP\s0 response to be signed by any certificate it should
+only be used for testing purposes.
.IP "\fB\-no_chain\fR" 4
.IX Item "-no_chain"
-do not use certificates in the response as additional untrusted \s-1CA\s0
+Do not use certificates in the response as additional untrusted \s-1CA\s0
certificates.
.IP "\fB\-no_explicit\fR" 4
.IX Item "-no_explicit"
-do not explicitly trust the root \s-1CA\s0 if it is set to be trusted for \s-1OCSP\s0 signing.
+Do not explicitly trust the root \s-1CA\s0 if it is set to be trusted for \s-1OCSP\s0 signing.
.IP "\fB\-no_cert_checks\fR" 4
.IX Item "-no_cert_checks"
-don't perform any additional checks on the \s-1OCSP\s0 response signers certificate.
+Don't perform any additional checks on the \s-1OCSP\s0 response signers certificate.
That is do not make any checks to see if the signers certificate is authorised
to provide the necessary status information: as a result this option should
only be used for testing purposes.
.IP "\fB\-validity_period nsec\fR, \fB\-status_age age\fR" 4
.IX Item "-validity_period nsec, -status_age age"
-these options specify the range of times, in seconds, which will be tolerated
-in an \s-1OCSP\s0 response. Each certificate status response includes a \fBnotBefore\fR time and
-an optional \fBnotAfter\fR time. The current time should fall between these two values, but
-the interval between the two times may be only a few seconds. In practice the \s-1OCSP\s0
-responder and clients clocks may not be precisely synchronised and so such a check
-may fail. To avoid this the \fB\-validity_period\fR option can be used to specify an
-acceptable error range in seconds, the default value is 5 minutes.
+These options specify the range of times, in seconds, which will be tolerated
+in an \s-1OCSP\s0 response. Each certificate status response includes a \fBnotBefore\fR
+time and an optional \fBnotAfter\fR time. The current time should fall between
+these two values, but the interval between the two times may be only a few
+seconds. In practice the \s-1OCSP\s0 responder and clients clocks may not be precisely
+synchronised and so such a check may fail. To avoid this the
+\&\fB\-validity_period\fR option can be used to specify an acceptable error range in
+seconds, the default value is 5 minutes.
.Sp
-If the \fBnotAfter\fR time is omitted from a response then this means that new status
-information is immediately available. In this case the age of the \fBnotBefore\fR field
-is checked to see it is not older than \fBage\fR seconds old. By default this additional
-check is not performed.
-.IP "\fB\-md5|\-sha1|\-sha256|\-ripemod160|...\fR" 4
-.IX Item "-md5|-sha1|-sha256|-ripemod160|..."
-this option sets digest algorithm to use for certificate identification
-in the \s-1OCSP\s0 request. By default \s-1SHA\-1\s0 is used.
-.SH "OCSP SERVER OPTIONS"
-.IX Header "OCSP SERVER OPTIONS"
+If the \fBnotAfter\fR time is omitted from a response then this means that new
+status information is immediately available. In this case the age of the
+\&\fBnotBefore\fR field is checked to see it is not older than \fBage\fR seconds old.
+By default this additional check is not performed.
+.IP "\fB\-\f(BIdigest\fB\fR" 4
+.IX Item "-digest"
+This option sets digest algorithm to use for certificate identification in the
+\&\s-1OCSP\s0 request. Any digest supported by the OpenSSL \fBdgst\fR command can be used.
+The default is \s-1SHA\-1.\s0 This option may be used multiple times to specify the
+digest used by subsequent certificate identifiers.
+.SS "\s-1OCSP\s0 Server Options"
+.IX Subsection "OCSP Server Options"
.IP "\fB\-index indexfile\fR" 4
.IX Item "-index indexfile"
-\&\fBindexfile\fR is a text index file in \fBca\fR format containing certificate revocation
-information.
+The \fBindexfile\fR parameter is the name of a text index file in \fBca\fR
+format containing certificate revocation information.
.Sp
-If the \fBindex\fR option is specified the \fBocsp\fR utility is in responder mode, otherwise
-it is in client mode. The request(s) the responder processes can be either specified on
-the command line (using \fBissuer\fR and \fBserial\fR options), supplied in a file (using the
-\&\fBrespin\fR option) or via external \s-1OCSP\s0 clients (if \fBport\fR or \fBurl\fR is specified).
+If the \fBindex\fR option is specified the \fBocsp\fR utility is in responder
+mode, otherwise it is in client mode. The request(s) the responder
+processes can be either specified on the command line (using \fBissuer\fR
+and \fBserial\fR options), supplied in a file (using the \fBreqin\fR option)
+or via external \s-1OCSP\s0 clients (if \fBport\fR or \fBurl\fR is specified).
.Sp
-If the \fBindex\fR option is present then the \fB\s-1CA\s0\fR and \fBrsigner\fR options must also be
-present.
+If the \fBindex\fR option is present then the \fB\s-1CA\s0\fR and \fBrsigner\fR options
+must also be present.
.IP "\fB\-CA file\fR" 4
.IX Item "-CA file"
\&\s-1CA\s0 certificate corresponding to the revocation information in \fBindexfile\fR.
@@ -364,23 +428,34 @@ Additional certificates to include in the \s-1OCSP\s0 response.
Don't include any certificates in the \s-1OCSP\s0 response.
.IP "\fB\-resp_key_id\fR" 4
.IX Item "-resp_key_id"
-Identify the signer certificate using the key \s-1ID,\s0 default is to use the subject name.
+Identify the signer certificate using the key \s-1ID,\s0 default is to use the
+subject name.
.IP "\fB\-rkey file\fR" 4
.IX Item "-rkey file"
-The private key to sign \s-1OCSP\s0 responses with: if not present the file specified in the
-\&\fBrsigner\fR option is used.
+The private key to sign \s-1OCSP\s0 responses with: if not present the file
+specified in the \fBrsigner\fR option is used.
+.IP "\fB\-rsigopt nm:v\fR" 4
+.IX Item "-rsigopt nm:v"
+Pass options to the signature algorithm when signing \s-1OCSP\s0 responses.
+Names and values of these options are algorithm-specific.
.IP "\fB\-port portnum\fR" 4
.IX Item "-port portnum"
-Port to listen for \s-1OCSP\s0 requests on. The port may also be specified using the \fBurl\fR
-option.
+Port to listen for \s-1OCSP\s0 requests on. The port may also be specified
+using the \fBurl\fR option.
+.IP "\fB\-ignore_err\fR" 4
+.IX Item "-ignore_err"
+Ignore malformed requests or responses: When acting as an \s-1OCSP\s0 client, retry if
+a malformed response is received. When acting as an \s-1OCSP\s0 responder, continue
+running instead of terminating upon receiving a malformed request.
.IP "\fB\-nrequest number\fR" 4
.IX Item "-nrequest number"
The \s-1OCSP\s0 server will exit after receiving \fBnumber\fR requests, default unlimited.
.IP "\fB\-nmin minutes\fR, \fB\-ndays days\fR" 4
.IX Item "-nmin minutes, -ndays days"
-Number of minutes or days when fresh revocation information is available: used in the
-\&\fBnextUpdate\fR field. If neither option is present then the \fBnextUpdate\fR field is
-omitted meaning fresh revocation information is immediately available.
+Number of minutes or days when fresh revocation information is available:
+used in the \fBnextUpdate\fR field. If neither option is present then the
+\&\fBnextUpdate\fR field is omitted meaning fresh revocation information is
+immediately available.
.SH "OCSP Response verification."
.IX Header "OCSP Response verification."
\&\s-1OCSP\s0 Response follows the rules specified in \s-1RFC2560.\s0
@@ -440,7 +515,7 @@ format of revocation is also inefficient for large quantities of revocation
data.
.PP
It is possible to run the \fBocsp\fR application in responder mode via a \s-1CGI\s0
-script using the \fBrespin\fR and \fBrespout\fR options.
+script using the \fBreqin\fR and \fBrespout\fR options.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
Create an \s-1OCSP\s0 request and write it to a file:
@@ -449,8 +524,8 @@ Create an \s-1OCSP\s0 request and write it to a file:
\& openssl ocsp \-issuer issuer.pem \-cert c1.pem \-cert c2.pem \-reqout req.der
.Ve
.PP
-Send a query to an \s-1OCSP\s0 responder with \s-1URL\s0 http://ocsp.myhost.com/ save the
-response to a file and print it out in text form
+Send a query to an \s-1OCSP\s0 responder with \s-1URL\s0 http://ocsp.myhost.com/ save the
+response to a file, print it out in text form, and verify the response:
.PP
.Vb 2
\& openssl ocsp \-issuer issuer.pem \-cert c1.pem \-cert c2.pem \e
@@ -460,7 +535,7 @@ response to a file and print it out in text form
Read in an \s-1OCSP\s0 response and print out text form:
.PP
.Vb 1
-\& openssl ocsp \-respin resp.der \-text
+\& openssl ocsp \-respin resp.der \-text \-noverify
.Ve
.PP
\&\s-1OCSP\s0 server on port 8888 using a standard \fBca\fR configuration, and a separate
@@ -478,15 +553,15 @@ As above but exit after processing one request:
\& \-nrequest 1
.Ve
.PP
-Query status information using internally generated request:
+Query status information using an internally generated request:
.PP
.Vb 2
\& openssl ocsp \-index demoCA/index.txt \-rsigner rcert.pem \-CA demoCA/cacert.pem
\& \-issuer demoCA/cacert.pem \-serial 1
.Ve
.PP
-Query status information using request read from a file, write response to a
-second file.
+Query status information using request read from a file, and write the response
+to a second file.
.PP
.Vb 2
\& openssl ocsp \-index demoCA/index.txt \-rsigner rcert.pem \-CA demoCA/cacert.pem
@@ -494,4 +569,12 @@ second file.
.Ve
.SH "HISTORY"
.IX Header "HISTORY"
-The \-no_alt_chains options was first added to OpenSSL 1.0.2b.
+The \-no_alt_chains options was first added to OpenSSL 1.1.0.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2001\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/openssl.1 b/secure/usr.bin/openssl/man/openssl.1
index f0b6837a3f36..e45cd31fc43d 100644
--- a/secure/usr.bin/openssl/man/openssl.1
+++ b/secure/usr.bin/openssl/man/openssl.1
@@ -129,7 +129,7 @@
.\" ========================================================================
.\"
.IX Title "OPENSSL 1"
-.TH OPENSSL 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH OPENSSL 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -143,7 +143,7 @@ openssl \- OpenSSL command line tool
[ \fIcommand_opts\fR ]
[ \fIcommand_args\fR ]
.PP
-\&\fBopenssl\fR [ \fBlist-standard-commands\fR | \fBlist-message-digest-commands\fR | \fBlist-cipher-commands\fR | \fBlist-cipher-algorithms\fR | \fBlist-message-digest-algorithms\fR | \fBlist-public-key-algorithms\fR]
+\&\fBopenssl\fR \fBlist\fR [ \fBstandard-commands\fR | \fBdigest-commands\fR | \fBcipher-commands\fR | \fBcipher-algorithms\fR | \fBdigest-algorithms\fR | \fBpublic-key-algorithms\fR]
.PP
\&\fBopenssl\fR \fBno\-\fR\fI\s-1XXX\s0\fR [ \fIarbitrary options\fR ]
.SH "DESCRIPTION"
@@ -153,13 +153,13 @@ v2/v3) and Transport Layer Security (\s-1TLS\s0 v1) network protocols and relate
cryptography standards required by them.
.PP
The \fBopenssl\fR program is a command line tool for using the various
-cryptography functions of OpenSSL's \fBcrypto\fR library from the shell.
+cryptography functions of OpenSSL's \fBcrypto\fR library from the shell.
It can be used for
.PP
.Vb 8
\& o Creation and management of private keys, public keys and parameters
\& o Public key cryptographic operations
-\& o Creation of X.509 certificates, CSRs and CRLs
+\& o Creation of X.509 certificates, CSRs and CRLs
\& o Calculation of Message Digests
\& o Encryption and Decryption with Ciphers
\& o SSL/TLS Client and Server Tests
@@ -172,22 +172,31 @@ The \fBopenssl\fR program provides a rich variety of commands (\fIcommand\fR in
\&\s-1SYNOPSIS\s0 above), each of which often has a wealth of options and arguments
(\fIcommand_opts\fR and \fIcommand_args\fR in the \s-1SYNOPSIS\s0).
.PP
-The pseudo-commands \fBlist-standard-commands\fR, \fBlist-message-digest-commands\fR,
-and \fBlist-cipher-commands\fR output a list (one entry per line) of the names
+Many commands use an external configuration file for some or all of their
+arguments and have a \fB\-config\fR option to specify that file.
+The environment variable \fB\s-1OPENSSL_CONF\s0\fR can be used to specify
+the location of the file.
+If the environment variable is not specified, then the file is named
+\&\fBopenssl.cnf\fR in the default certificate storage area, whose value
+depends on the configuration flags specified when the OpenSSL
+was built.
+.PP
+The list parameters \fBstandard-commands\fR, \fBdigest-commands\fR,
+and \fBcipher-commands\fR output a list (one entry per line) of the names
of all standard commands, message digest commands, or cipher commands,
respectively, that are available in the present \fBopenssl\fR utility.
.PP
-The pseudo-commands \fBlist-cipher-algorithms\fR and
-\&\fBlist-message-digest-algorithms\fR list all cipher and message digest names, one entry per line. Aliases are listed as:
+The list parameters \fBcipher-algorithms\fR and
+\&\fBdigest-algorithms\fR list all cipher and message digest names, one entry per line. Aliases are listed as:
.PP
.Vb 1
\& from => to
.Ve
.PP
-The pseudo-command \fBlist-public-key-algorithms\fR lists all supported public
+The list parameter \fBpublic-key-algorithms\fR lists all supported public
key algorithms.
.PP
-The pseudo-command \fBno\-\fR\fI\s-1XXX\s0\fR tests whether a command of the
+The command \fBno\-\fR\fI\s-1XXX\s0\fR tests whether a command of the
specified name is available. If no command named \fI\s-1XXX\s0\fR exists, it
returns 0 (success) and prints \fBno\-\fR\fI\s-1XXX\s0\fR; otherwise it returns 1
and prints \fI\s-1XXX\s0\fR. In both cases, the output goes to \fBstdout\fR and
@@ -196,118 +205,127 @@ are always ignored. Since for each cipher there is a command of the
same name, this provides an easy way for shell scripts to test for the
availability of ciphers in the \fBopenssl\fR program. (\fBno\-\fR\fI\s-1XXX\s0\fR is
not able to detect pseudo-commands such as \fBquit\fR,
-\&\fBlist\-\fR\fI...\fR\fB\-commands\fR, or \fBno\-\fR\fI\s-1XXX\s0\fR itself.)
-.SS "\s-1STANDARD COMMANDS\s0"
-.IX Subsection "STANDARD COMMANDS"
-.IP "\fBasn1parse\fR" 10
+\&\fBlist\fR, or \fBno\-\fR\fI\s-1XXX\s0\fR itself.)
+.SS "Standard Commands"
+.IX Subsection "Standard Commands"
+.IP "\fBasn1parse\fR" 4
.IX Item "asn1parse"
Parse an \s-1ASN.1\s0 sequence.
-.IP "\fBca\fR" 10
+.IP "\fBca\fR" 4
.IX Item "ca"
Certificate Authority (\s-1CA\s0) Management.
-.IP "\fBciphers\fR" 10
+.IP "\fBciphers\fR" 4
.IX Item "ciphers"
Cipher Suite Description Determination.
-.IP "\fBcms\fR" 10
+.IP "\fBcms\fR" 4
.IX Item "cms"
-\&\s-1CMS\s0 (Cryptographic Message Syntax) utility
-.IP "\fBcrl\fR" 10
+\&\s-1CMS\s0 (Cryptographic Message Syntax) utility.
+.IP "\fBcrl\fR" 4
.IX Item "crl"
Certificate Revocation List (\s-1CRL\s0) Management.
-.IP "\fBcrl2pkcs7\fR" 10
+.IP "\fBcrl2pkcs7\fR" 4
.IX Item "crl2pkcs7"
\&\s-1CRL\s0 to PKCS#7 Conversion.
-.IP "\fBdgst\fR" 10
+.IP "\fBdgst\fR" 4
.IX Item "dgst"
Message Digest Calculation.
-.IP "\fBdh\fR" 10
+.IP "\fBdh\fR" 4
.IX Item "dh"
Diffie-Hellman Parameter Management.
-Obsoleted by \fBdhparam\fR.
-.IP "\fBdhparam\fR" 10
+Obsoleted by \fIdhparam\fR\|(1).
+.IP "\fBdhparam\fR" 4
.IX Item "dhparam"
-Generation and Management of Diffie-Hellman Parameters. Superseded by
-\&\fBgenpkey\fR and \fBpkeyparam\fR
-.IP "\fBdsa\fR" 10
+Generation and Management of Diffie-Hellman Parameters. Superseded by
+\&\fIgenpkey\fR\|(1) and \fIpkeyparam\fR\|(1).
+.IP "\fBdsa\fR" 4
.IX Item "dsa"
\&\s-1DSA\s0 Data Management.
-.IP "\fBdsaparam\fR" 10
+.IP "\fBdsaparam\fR" 4
.IX Item "dsaparam"
-\&\s-1DSA\s0 Parameter Generation and Management. Superseded by
-\&\fBgenpkey\fR and \fBpkeyparam\fR
-.IP "\fBec\fR" 10
+\&\s-1DSA\s0 Parameter Generation and Management. Superseded by
+\&\fIgenpkey\fR\|(1) and \fIpkeyparam\fR\|(1).
+.IP "\fBec\fR" 4
.IX Item "ec"
-\&\s-1EC\s0 (Elliptic curve) key processing
-.IP "\fBecparam\fR" 10
+\&\s-1EC\s0 (Elliptic curve) key processing.
+.IP "\fBecparam\fR" 4
.IX Item "ecparam"
-\&\s-1EC\s0 parameter manipulation and generation
-.IP "\fBenc\fR" 10
+\&\s-1EC\s0 parameter manipulation and generation.
+.IP "\fBenc\fR" 4
.IX Item "enc"
Encoding with Ciphers.
-.IP "\fBengine\fR" 10
+.IP "\fBengine\fR" 4
.IX Item "engine"
-Engine (loadble module) information and manipulation.
-.IP "\fBerrstr\fR" 10
+Engine (loadable module) information and manipulation.
+.IP "\fBerrstr\fR" 4
.IX Item "errstr"
Error Number to Error String Conversion.
-.IP "\fBgendh\fR" 10
+.IP "\fBgendh\fR" 4
.IX Item "gendh"
Generation of Diffie-Hellman Parameters.
-Obsoleted by \fBdhparam\fR.
-.IP "\fBgendsa\fR" 10
+Obsoleted by \fIdhparam\fR\|(1).
+.IP "\fBgendsa\fR" 4
.IX Item "gendsa"
-Generation of \s-1DSA\s0 Private Key from Parameters. Superseded by
-\&\fBgenpkey\fR and \fBpkey\fR
-.IP "\fBgenpkey\fR" 10
+Generation of \s-1DSA\s0 Private Key from Parameters. Superseded by
+\&\fIgenpkey\fR\|(1) and \fIpkey\fR\|(1).
+.IP "\fBgenpkey\fR" 4
.IX Item "genpkey"
Generation of Private Key or Parameters.
-.IP "\fBgenrsa\fR" 10
+.IP "\fBgenrsa\fR" 4
.IX Item "genrsa"
-Generation of \s-1RSA\s0 Private Key. Superceded by \fBgenpkey\fR.
-.IP "\fBnseq\fR" 10
+Generation of \s-1RSA\s0 Private Key. Superseded by \fIgenpkey\fR\|(1).
+.IP "\fBnseq\fR" 4
.IX Item "nseq"
-Create or examine a netscape certificate sequence
-.IP "\fBocsp\fR" 10
+Create or examine a Netscape certificate sequence.
+.IP "\fBocsp\fR" 4
.IX Item "ocsp"
Online Certificate Status Protocol utility.
-.IP "\fBpasswd\fR" 10
+.IP "\fBpasswd\fR" 4
.IX Item "passwd"
Generation of hashed passwords.
-.IP "\fBpkcs12\fR" 10
+.IP "\fBpkcs12\fR" 4
.IX Item "pkcs12"
PKCS#12 Data Management.
-.IP "\fBpkcs7\fR" 10
+.IP "\fBpkcs7\fR" 4
.IX Item "pkcs7"
PKCS#7 Data Management.
-.IP "\fBpkey\fR" 10
+.IP "\fBpkcs8\fR" 4
+.IX Item "pkcs8"
+PKCS#8 format private key conversion tool.
+.IP "\fBpkey\fR" 4
.IX Item "pkey"
Public and private key management.
-.IP "\fBpkeyparam\fR" 10
+.IP "\fBpkeyparam\fR" 4
.IX Item "pkeyparam"
Public key algorithm parameter management.
-.IP "\fBpkeyutl\fR" 10
+.IP "\fBpkeyutl\fR" 4
.IX Item "pkeyutl"
Public key algorithm cryptographic operation utility.
-.IP "\fBrand\fR" 10
+.IP "\fBprime\fR" 4
+.IX Item "prime"
+Compute prime numbers.
+.IP "\fBrand\fR" 4
.IX Item "rand"
Generate pseudo-random bytes.
-.IP "\fBreq\fR" 10
+.IP "\fBrehash\fR" 4
+.IX Item "rehash"
+Create symbolic links to certificate and \s-1CRL\s0 files named by the hash values.
+.IP "\fBreq\fR" 4
.IX Item "req"
PKCS#10 X.509 Certificate Signing Request (\s-1CSR\s0) Management.
-.IP "\fBrsa\fR" 10
+.IP "\fBrsa\fR" 4
.IX Item "rsa"
\&\s-1RSA\s0 key management.
-.IP "\fBrsautl\fR" 10
+.IP "\fBrsautl\fR" 4
.IX Item "rsautl"
\&\s-1RSA\s0 utility for signing, verification, encryption, and decryption. Superseded
-by \fBpkeyutl\fR
-.IP "\fBs_client\fR" 10
+by \fIpkeyutl\fR\|(1).
+.IP "\fBs_client\fR" 4
.IX Item "s_client"
This implements a generic \s-1SSL/TLS\s0 client which can establish a transparent
connection to a remote server speaking \s-1SSL/TLS.\s0 It's intended for testing
purposes only and provides only rudimentary interface functionality but
internally uses mostly all functionality of the OpenSSL \fBssl\fR library.
-.IP "\fBs_server\fR" 10
+.IP "\fBs_server\fR" 4
.IX Item "s_server"
This implements a generic \s-1SSL/TLS\s0 server which accepts connections from remote
clients speaking \s-1SSL/TLS.\s0 It's intended for testing purposes only and provides
@@ -315,99 +333,141 @@ only rudimentary interface functionality but internally uses mostly all
functionality of the OpenSSL \fBssl\fR library. It provides both an own command
line oriented protocol for testing \s-1SSL\s0 functions and a simple \s-1HTTP\s0 response
facility to emulate an SSL/TLS\-aware webserver.
-.IP "\fBs_time\fR" 10
+.IP "\fBs_time\fR" 4
.IX Item "s_time"
\&\s-1SSL\s0 Connection Timer.
-.IP "\fBsess_id\fR" 10
+.IP "\fBsess_id\fR" 4
.IX Item "sess_id"
\&\s-1SSL\s0 Session Data Management.
-.IP "\fBsmime\fR" 10
+.IP "\fBsmime\fR" 4
.IX Item "smime"
S/MIME mail processing.
-.IP "\fBspeed\fR" 10
+.IP "\fBspeed\fR" 4
.IX Item "speed"
Algorithm Speed Measurement.
-.IP "\fBspkac\fR" 10
+.IP "\fBspkac\fR" 4
.IX Item "spkac"
-\&\s-1SPKAC\s0 printing and generating utility
-.IP "\fBts\fR" 10
+\&\s-1SPKAC\s0 printing and generating utility.
+.IP "\fBsrp\fR" 4
+.IX Item "srp"
+Maintain \s-1SRP\s0 password file.
+.IP "\fBstoreutl\fR" 4
+.IX Item "storeutl"
+Utility to list and display certificates, keys, CRLs, etc.
+.IP "\fBts\fR" 4
.IX Item "ts"
-Time Stamping Authority tool (client/server)
-.IP "\fBverify\fR" 10
+Time Stamping Authority tool (client/server).
+.IP "\fBverify\fR" 4
.IX Item "verify"
X.509 Certificate Verification.
-.IP "\fBversion\fR" 10
+.IP "\fBversion\fR" 4
.IX Item "version"
OpenSSL Version Information.
-.IP "\fBx509\fR" 10
+.IP "\fBx509\fR" 4
.IX Item "x509"
X.509 Certificate Data Management.
-.SS "\s-1MESSAGE DIGEST COMMANDS\s0"
-.IX Subsection "MESSAGE DIGEST COMMANDS"
-.IP "\fBmd2\fR" 10
+.SS "Message Digest Commands"
+.IX Subsection "Message Digest Commands"
+.IP "\fBblake2b512\fR" 4
+.IX Item "blake2b512"
+BLAKE2b\-512 Digest
+.IP "\fBblake2s256\fR" 4
+.IX Item "blake2s256"
+BLAKE2s\-256 Digest
+.IP "\fBmd2\fR" 4
.IX Item "md2"
\&\s-1MD2\s0 Digest
-.IP "\fBmd5\fR" 10
+.IP "\fBmd4\fR" 4
+.IX Item "md4"
+\&\s-1MD4\s0 Digest
+.IP "\fBmd5\fR" 4
.IX Item "md5"
\&\s-1MD5\s0 Digest
-.IP "\fBmdc2\fR" 10
+.IP "\fBmdc2\fR" 4
.IX Item "mdc2"
\&\s-1MDC2\s0 Digest
-.IP "\fBrmd160\fR" 10
+.IP "\fBrmd160\fR" 4
.IX Item "rmd160"
\&\s-1RMD\-160\s0 Digest
-.IP "\fBsha\fR" 10
-.IX Item "sha"
-\&\s-1SHA\s0 Digest
-.IP "\fBsha1\fR" 10
+.IP "\fBsha1\fR" 4
.IX Item "sha1"
\&\s-1SHA\-1\s0 Digest
-.IP "\fBsha224\fR" 10
+.IP "\fBsha224\fR" 4
.IX Item "sha224"
-\&\s-1SHA\-224\s0 Digest
-.IP "\fBsha256\fR" 10
+\&\s-1SHA\-2 224\s0 Digest
+.IP "\fBsha256\fR" 4
.IX Item "sha256"
-\&\s-1SHA\-256\s0 Digest
-.IP "\fBsha384\fR" 10
+\&\s-1SHA\-2 256\s0 Digest
+.IP "\fBsha384\fR" 4
.IX Item "sha384"
-\&\s-1SHA\-384\s0 Digest
-.IP "\fBsha512\fR" 10
+\&\s-1SHA\-2 384\s0 Digest
+.IP "\fBsha512\fR" 4
.IX Item "sha512"
-\&\s-1SHA\-512\s0 Digest
-.SS "\s-1ENCODING AND CIPHER COMMANDS\s0"
-.IX Subsection "ENCODING AND CIPHER COMMANDS"
-.IP "\fBbase64\fR" 10
+\&\s-1SHA\-2 512\s0 Digest
+.IP "\fBsha3\-224\fR" 4
+.IX Item "sha3-224"
+\&\s-1SHA\-3 224\s0 Digest
+.IP "\fBsha3\-256\fR" 4
+.IX Item "sha3-256"
+\&\s-1SHA\-3 256\s0 Digest
+.IP "\fBsha3\-384\fR" 4
+.IX Item "sha3-384"
+\&\s-1SHA\-3 384\s0 Digest
+.IP "\fBsha3\-512\fR" 4
+.IX Item "sha3-512"
+\&\s-1SHA\-3 512\s0 Digest
+.IP "\fBshake128\fR" 4
+.IX Item "shake128"
+\&\s-1SHA\-3 SHAKE128\s0 Digest
+.IP "\fBshake256\fR" 4
+.IX Item "shake256"
+\&\s-1SHA\-3 SHAKE256\s0 Digest
+.IP "\fBsm3\fR" 4
+.IX Item "sm3"
+\&\s-1SM3\s0 Digest
+.SS "Encoding and Cipher Commands"
+.IX Subsection "Encoding and Cipher Commands"
+.IP "\fBbase64\fR" 4
.IX Item "base64"
Base64 Encoding
-.IP "\fBbf bf-cbc bf-cfb bf-ecb bf-ofb\fR" 10
-.IX Item "bf bf-cbc bf-cfb bf-ecb bf-ofb"
+.IP "\fBbf\fR, \fBbf-cbc\fR, \fBbf-cfb\fR, \fBbf-ecb\fR, \fBbf-ofb\fR" 4
+.IX Item "bf, bf-cbc, bf-cfb, bf-ecb, bf-ofb"
Blowfish Cipher
-.IP "\fBcast cast-cbc\fR" 10
-.IX Item "cast cast-cbc"
+.IP "\fBcast\fR, \fBcast-cbc\fR" 4
+.IX Item "cast, cast-cbc"
\&\s-1CAST\s0 Cipher
-.IP "\fBcast5\-cbc cast5\-cfb cast5\-ecb cast5\-ofb\fR" 10
-.IX Item "cast5-cbc cast5-cfb cast5-ecb cast5-ofb"
+.IP "\fBcast5\-cbc\fR, \fBcast5\-cfb\fR, \fBcast5\-ecb\fR, \fBcast5\-ofb\fR" 4
+.IX Item "cast5-cbc, cast5-cfb, cast5-ecb, cast5-ofb"
\&\s-1CAST5\s0 Cipher
-.IP "\fBdes des-cbc des-cfb des-ecb des-ede des-ede-cbc des-ede-cfb des-ede-ofb des-ofb\fR" 10
-.IX Item "des des-cbc des-cfb des-ecb des-ede des-ede-cbc des-ede-cfb des-ede-ofb des-ofb"
+.IP "\fBdes\fR, \fBdes-cbc\fR, \fBdes-cfb\fR, \fBdes-ecb\fR, \fBdes-ede\fR, \fBdes-ede-cbc\fR, \fBdes-ede-cfb\fR, \fBdes-ede-ofb\fR, \fBdes-ofb\fR" 4
+.IX Item "des, des-cbc, des-cfb, des-ecb, des-ede, des-ede-cbc, des-ede-cfb, des-ede-ofb, des-ofb"
\&\s-1DES\s0 Cipher
-.IP "\fBdes3 desx des\-ede3 des\-ede3\-cbc des\-ede3\-cfb des\-ede3\-ofb\fR" 10
-.IX Item "des3 desx des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb"
+.IP "\fBdes3\fR, \fBdesx\fR, \fBdes\-ede3\fR, \fBdes\-ede3\-cbc\fR, \fBdes\-ede3\-cfb\fR, \fBdes\-ede3\-ofb\fR" 4
+.IX Item "des3, desx, des-ede3, des-ede3-cbc, des-ede3-cfb, des-ede3-ofb"
Triple-DES Cipher
-.IP "\fBidea idea-cbc idea-cfb idea-ecb idea-ofb\fR" 10
-.IX Item "idea idea-cbc idea-cfb idea-ecb idea-ofb"
+.IP "\fBidea\fR, \fBidea-cbc\fR, \fBidea-cfb\fR, \fBidea-ecb\fR, \fBidea-ofb\fR" 4
+.IX Item "idea, idea-cbc, idea-cfb, idea-ecb, idea-ofb"
\&\s-1IDEA\s0 Cipher
-.IP "\fBrc2 rc2\-cbc rc2\-cfb rc2\-ecb rc2\-ofb\fR" 10
-.IX Item "rc2 rc2-cbc rc2-cfb rc2-ecb rc2-ofb"
+.IP "\fBrc2\fR, \fBrc2\-cbc\fR, \fBrc2\-cfb\fR, \fBrc2\-ecb\fR, \fBrc2\-ofb\fR" 4
+.IX Item "rc2, rc2-cbc, rc2-cfb, rc2-ecb, rc2-ofb"
\&\s-1RC2\s0 Cipher
-.IP "\fBrc4\fR" 10
+.IP "\fBrc4\fR" 4
.IX Item "rc4"
\&\s-1RC4\s0 Cipher
-.IP "\fBrc5 rc5\-cbc rc5\-cfb rc5\-ecb rc5\-ofb\fR" 10
-.IX Item "rc5 rc5-cbc rc5-cfb rc5-ecb rc5-ofb"
+.IP "\fBrc5\fR, \fBrc5\-cbc\fR, \fBrc5\-cfb\fR, \fBrc5\-ecb\fR, \fBrc5\-ofb\fR" 4
+.IX Item "rc5, rc5-cbc, rc5-cfb, rc5-ecb, rc5-ofb"
\&\s-1RC5\s0 Cipher
-.SH "PASS PHRASE ARGUMENTS"
-.IX Header "PASS PHRASE ARGUMENTS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+Details of which options are available depend on the specific command.
+This section describes some common options with common behavior.
+.SS "Common Options"
+.IX Subsection "Common Options"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Provides a terse summary of all options.
+.SS "Pass Phrase Options"
+.IX Subsection "Pass Phrase Options"
Several commands accept password arguments, typically using \fB\-passin\fR
and \fB\-passout\fR for input and output passwords respectively. These allow
the password to be obtained from a variety of sources. Both of these
@@ -415,50 +475,61 @@ options take a single argument whose format is described below. If no
password argument is given and a password is required then the user is
prompted to enter one: this will typically be read from the current
terminal with echoing turned off.
-.IP "\fBpass:password\fR" 10
+.PP
+Note that character encoding may be relevant, please see
+\&\fIpassphrase\-encoding\fR\|(7).
+.IP "\fBpass:password\fR" 4
.IX Item "pass:password"
-the actual password is \fBpassword\fR. Since the password is visible
+The actual password is \fBpassword\fR. Since the password is visible
to utilities (like 'ps' under Unix) this form should only be used
where security is not important.
-.IP "\fBenv:var\fR" 10
+.IP "\fBenv:var\fR" 4
.IX Item "env:var"
-obtain the password from the environment variable \fBvar\fR. Since
+Obtain the password from the environment variable \fBvar\fR. Since
the environment of other processes is visible on certain platforms
(e.g. ps under certain Unix OSes) this option should be used with caution.
-.IP "\fBfile:pathname\fR" 10
+.IP "\fBfile:pathname\fR" 4
.IX Item "file:pathname"
-the first line of \fBpathname\fR is the password. If the same \fBpathname\fR
+The first line of \fBpathname\fR is the password. If the same \fBpathname\fR
argument is supplied to \fB\-passin\fR and \fB\-passout\fR arguments then the first
line will be used for the input password and the next line for the output
password. \fBpathname\fR need not refer to a regular file: it could for example
refer to a device or named pipe.
-.IP "\fBfd:number\fR" 10
+.IP "\fBfd:number\fR" 4
.IX Item "fd:number"
-read the password from the file descriptor \fBnumber\fR. This can be used to
+Read the password from the file descriptor \fBnumber\fR. This can be used to
send the data via a pipe for example.
-.IP "\fBstdin\fR" 10
+.IP "\fBstdin\fR" 4
.IX Item "stdin"
-read the password from standard input.
+Read the password from standard input.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
-\&\fIasn1parse\fR\|(1), \fIca\fR\|(1), \fIconfig\fR\|(5),
+\&\fIasn1parse\fR\|(1), \fIca\fR\|(1), \fIciphers\fR\|(1), \fIcms\fR\|(1), \fIconfig\fR\|(5),
\&\fIcrl\fR\|(1), \fIcrl2pkcs7\fR\|(1), \fIdgst\fR\|(1),
\&\fIdhparam\fR\|(1), \fIdsa\fR\|(1), \fIdsaparam\fR\|(1),
-\&\fIenc\fR\|(1), \fIgendsa\fR\|(1), \fIgenpkey\fR\|(1),
-\&\fIgenrsa\fR\|(1), \fInseq\fR\|(1), \fIopenssl\fR\|(1),
+\&\fIec\fR\|(1), \fIecparam\fR\|(1),
+\&\fIenc\fR\|(1), \fIengine\fR\|(1), \fIerrstr\fR\|(1), \fIgendsa\fR\|(1), \fIgenpkey\fR\|(1),
+\&\fIgenrsa\fR\|(1), \fInseq\fR\|(1), \fIocsp\fR\|(1),
\&\fIpasswd\fR\|(1),
\&\fIpkcs12\fR\|(1), \fIpkcs7\fR\|(1), \fIpkcs8\fR\|(1),
-\&\fIrand\fR\|(1), \fIreq\fR\|(1), \fIrsa\fR\|(1),
+\&\fIpkey\fR\|(1), \fIpkeyparam\fR\|(1), \fIpkeyutl\fR\|(1), \fIprime\fR\|(1),
+\&\fIrand\fR\|(1), \fIrehash\fR\|(1), \fIreq\fR\|(1), \fIrsa\fR\|(1),
\&\fIrsautl\fR\|(1), \fIs_client\fR\|(1),
-\&\fIs_server\fR\|(1), \fIs_time\fR\|(1),
-\&\fIsmime\fR\|(1), \fIspkac\fR\|(1),
+\&\fIs_server\fR\|(1), \fIs_time\fR\|(1), \fIsess_id\fR\|(1),
+\&\fIsmime\fR\|(1), \fIspeed\fR\|(1), \fIspkac\fR\|(1), \fIsrp\fR\|(1), \fIstoreutl\fR\|(1),
+\&\fIts\fR\|(1),
\&\fIverify\fR\|(1), \fIversion\fR\|(1), \fIx509\fR\|(1),
-\&\fIcrypto\fR\|(3), \fIssl\fR\|(3), \fIx509v3_config\fR\|(5)
+\&\fIcrypto\fR\|(7), \fIssl\fR\|(7), \fIx509v3_config\fR\|(5)
.SH "HISTORY"
.IX Header "HISTORY"
-The \fIopenssl\fR\|(1) document appeared in OpenSSL 0.9.2.
-The \fBlist\-\fR\fI\s-1XXX\s0\fR\fB\-commands\fR pseudo-commands were added in OpenSSL 0.9.3;
The \fBlist\-\fR\fI\s-1XXX\s0\fR\fB\-algorithms\fR pseudo-commands were added in OpenSSL 1.0.0;
-the \fBno\-\fR\fI\s-1XXX\s0\fR pseudo-commands were added in OpenSSL 0.9.5a.
For notes on the availability of other commands, see their individual
manual pages.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/passwd.1 b/secure/usr.bin/openssl/man/passwd.1
index c0419b1af5be..a01d9e4d28e8 100644
--- a/secure/usr.bin/openssl/man/passwd.1
+++ b/secure/usr.bin/openssl/man/passwd.1
@@ -129,26 +129,31 @@
.\" ========================================================================
.\"
.IX Title "PASSWD 1"
-.TH PASSWD 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH PASSWD 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-passwd,
-passwd \- compute password hashes
+openssl\-passwd, passwd \- compute password hashes
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl passwd\fR
+[\fB\-help\fR]
[\fB\-crypt\fR]
[\fB\-1\fR]
[\fB\-apr1\fR]
+[\fB\-aixmd5\fR]
+[\fB\-5\fR]
+[\fB\-6\fR]
[\fB\-salt\fR \fIstring\fR]
[\fB\-in\fR \fIfile\fR]
[\fB\-stdin\fR]
[\fB\-noverify\fR]
[\fB\-quiet\fR]
[\fB\-table\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
{\fIpassword\fR}
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
@@ -157,9 +162,12 @@ run-time or the hash of each password in a list. The password list is
taken from the named file for option \fB\-in file\fR, from stdin for
option \fB\-stdin\fR, or from the command line, or from the terminal otherwise.
The Unix standard algorithm \fBcrypt\fR and the MD5\-based \s-1BSD\s0 password
-algorithm \fB1\fR and its Apache variant \fBapr1\fR are available.
+algorithm \fB1\fR, its Apache variant \fBapr1\fR, and its \s-1AIX\s0 variant are available.
.SH "OPTIONS"
.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-crypt\fR" 4
.IX Item "-crypt"
Use the \fBcrypt\fR algorithm (default).
@@ -169,6 +177,17 @@ Use the \s-1MD5\s0 based \s-1BSD\s0 password algorithm \fB1\fR.
.IP "\fB\-apr1\fR" 4
.IX Item "-apr1"
Use the \fBapr1\fR algorithm (Apache variant of the \s-1BSD\s0 algorithm).
+.IP "\fB\-aixmd5\fR" 4
+.IX Item "-aixmd5"
+Use the \fB\s-1AIX MD5\s0\fR algorithm (\s-1AIX\s0 variant of the \s-1BSD\s0 algorithm).
+.IP "\fB\-5\fR" 4
+.IX Item "-5"
+.PD 0
+.IP "\fB\-6\fR" 4
+.IX Item "-6"
+.PD
+Use the \fB\s-1SHA256\s0\fR / \fB\s-1SHA512\s0\fR based algorithms defined by Ulrich Drepper.
+See <https://www.akkadia.org/drepper/SHA\-crypt.txt>.
.IP "\fB\-salt\fR \fIstring\fR" 4
.IX Item "-salt string"
Use the specified salt.
@@ -189,10 +208,37 @@ Don't output warnings when passwords given at the command line are truncated.
.IX Item "-table"
In the output list, prepend the cleartext password and a \s-1TAB\s0 character
to each password hash.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
+The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
+all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
-\&\fBopenssl passwd \-crypt \-salt xx password\fR prints \fBxxj31ZMTZzkVA\fR.
+.Vb 2
+\& % openssl passwd \-crypt \-salt xx password
+\& xxj31ZMTZzkVA
+\&
+\& % openssl passwd \-1 \-salt xxxxxxxx password
+\& $1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.
+\&
+\& % openssl passwd \-apr1 \-salt xxxxxxxx password
+\& $apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0
+\&
+\& % openssl passwd \-aixmd5 \-salt xxxxxxxx password
+\& xxxxxxxx$8Oaipk/GPKhC64w/YVeFD/
+.Ve
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
.PP
-\&\fBopenssl passwd \-1 \-salt xxxxxxxx password\fR prints \fB\f(CB$1\fB$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.\fR.
-.PP
-\&\fBopenssl passwd \-apr1 \-salt xxxxxxxx password\fR prints \fB\f(CB$apr1\fB$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0\fR.
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/pkcs12.1 b/secure/usr.bin/openssl/man/pkcs12.1
index d6b6851df98a..34d4f5559866 100644
--- a/secure/usr.bin/openssl/man/pkcs12.1
+++ b/secure/usr.bin/openssl/man/pkcs12.1
@@ -129,20 +129,20 @@
.\" ========================================================================
.\"
.IX Title "PKCS12 1"
-.TH PKCS12 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH PKCS12 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-pkcs12,
-pkcs12 \- PKCS#12 file utility
+openssl\-pkcs12, pkcs12 \- PKCS#12 file utility
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBpkcs12\fR
+[\fB\-help\fR]
[\fB\-export\fR]
[\fB\-chain\fR]
-[\fB\-inkey filename\fR]
+[\fB\-inkey file_or_id\fR]
[\fB\-certfile filename\fR]
[\fB\-name name\fR]
[\fB\-caname name\fR]
@@ -155,7 +155,7 @@ pkcs12 \- PKCS#12 file utility
[\fB\-cacerts\fR]
[\fB\-nokeys\fR]
[\fB\-info\fR]
-[\fB\-des | \-des3 | \-idea | \-aes128 | \-aes192 | \-aes256 | \-camellia128 | \-camellia192 | \-camellia256 | \-nodes\fR]
+[\fB\-des | \-des3 | \-idea | \-aes128 | \-aes192 | \-aes256 | \-aria128 | \-aria192 | \-aria256 | \-camellia128 | \-camellia192 | \-camellia256 | \-nodes\fR]
[\fB\-noiter\fR]
[\fB\-maciter | \-nomaciter | \-nomac\fR]
[\fB\-twopass\fR]
@@ -168,22 +168,28 @@ pkcs12 \- PKCS#12 file utility
[\fB\-password arg\fR]
[\fB\-passin arg\fR]
[\fB\-passout arg\fR]
-[\fB\-rand file(s)\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
[\fB\-CAfile file\fR]
[\fB\-CApath dir\fR]
+[\fB\-no\-CAfile\fR]
+[\fB\-no\-CApath\fR]
[\fB\-CSP name\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBpkcs12\fR command allows PKCS#12 files (sometimes referred to as
\&\s-1PFX\s0 files) to be created and parsed. PKCS#12 files are used by several
programs including Netscape, \s-1MSIE\s0 and \s-1MS\s0 Outlook.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
There are a lot of options the meaning of some depends of whether a PKCS#12 file
is being created or parsed. By default a PKCS#12 file is parsed. A PKCS#12
file can be created by using the \fB\-export\fR option (see below).
.SH "PARSING OPTIONS"
.IX Header "PARSING OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies filename of the PKCS#12 file to be parsed. Standard input is used
@@ -194,12 +200,12 @@ The filename to write certificates and private keys to, standard output by
default. They are all written in \s-1PEM\s0 format.
.IP "\fB\-passin arg\fR" 4
.IX Item "-passin arg"
-the PKCS#12 file (i.e. input file) password source. For more information about
+The PKCS#12 file (i.e. input file) password source. For more information about
the format of \fBarg\fR see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in
\&\fIopenssl\fR\|(1).
.IP "\fB\-passout arg\fR" 4
.IX Item "-passout arg"
-pass phrase source to encrypt any outputted private keys with. For more
+Pass phrase source to encrypt any outputted private keys with. For more
information about the format of \fBarg\fR see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section
in \fIopenssl\fR\|(1).
.IP "\fB\-password arg\fR" 4
@@ -208,48 +214,51 @@ With \-export, \-password is equivalent to \-passout.
Otherwise, \-password is equivalent to \-passin.
.IP "\fB\-noout\fR" 4
.IX Item "-noout"
-this option inhibits output of the keys and certificates to the output file
+This option inhibits output of the keys and certificates to the output file
version of the PKCS#12 file.
.IP "\fB\-clcerts\fR" 4
.IX Item "-clcerts"
-only output client certificates (not \s-1CA\s0 certificates).
+Only output client certificates (not \s-1CA\s0 certificates).
.IP "\fB\-cacerts\fR" 4
.IX Item "-cacerts"
-only output \s-1CA\s0 certificates (not client certificates).
+Only output \s-1CA\s0 certificates (not client certificates).
.IP "\fB\-nocerts\fR" 4
.IX Item "-nocerts"
-no certificates at all will be output.
+No certificates at all will be output.
.IP "\fB\-nokeys\fR" 4
.IX Item "-nokeys"
-no private keys will be output.
+No private keys will be output.
.IP "\fB\-info\fR" 4
.IX Item "-info"
-output additional information about the PKCS#12 file structure, algorithms used and
-iteration counts.
+Output additional information about the PKCS#12 file structure, algorithms
+used and iteration counts.
.IP "\fB\-des\fR" 4
.IX Item "-des"
-use \s-1DES\s0 to encrypt private keys before outputting.
+Use \s-1DES\s0 to encrypt private keys before outputting.
.IP "\fB\-des3\fR" 4
.IX Item "-des3"
-use triple \s-1DES\s0 to encrypt private keys before outputting, this is the default.
+Use triple \s-1DES\s0 to encrypt private keys before outputting, this is the default.
.IP "\fB\-idea\fR" 4
.IX Item "-idea"
-use \s-1IDEA\s0 to encrypt private keys before outputting.
+Use \s-1IDEA\s0 to encrypt private keys before outputting.
.IP "\fB\-aes128\fR, \fB\-aes192\fR, \fB\-aes256\fR" 4
.IX Item "-aes128, -aes192, -aes256"
-use \s-1AES\s0 to encrypt private keys before outputting.
+Use \s-1AES\s0 to encrypt private keys before outputting.
+.IP "\fB\-aria128\fR, \fB\-aria192\fR, \fB\-aria256\fR" 4
+.IX Item "-aria128, -aria192, -aria256"
+Use \s-1ARIA\s0 to encrypt private keys before outputting.
.IP "\fB\-camellia128\fR, \fB\-camellia192\fR, \fB\-camellia256\fR" 4
.IX Item "-camellia128, -camellia192, -camellia256"
-use Camellia to encrypt private keys before outputting.
+Use Camellia to encrypt private keys before outputting.
.IP "\fB\-nodes\fR" 4
.IX Item "-nodes"
-don't encrypt the private keys at all.
+Don't encrypt the private keys at all.
.IP "\fB\-nomacver\fR" 4
.IX Item "-nomacver"
-don't attempt to verify the integrity \s-1MAC\s0 before reading the file.
+Don't attempt to verify the integrity \s-1MAC\s0 before reading the file.
.IP "\fB\-twopass\fR" 4
.IX Item "-twopass"
-prompt for separate integrity and encryption passwords: most software
+Prompt for separate integrity and encryption passwords: most software
always assumes these are the same so this option will render such
PKCS#12 files unreadable.
.SH "FILE CREATION OPTIONS"
@@ -268,10 +277,12 @@ The filename to read certificates and private keys from, standard input by
default. They must all be in \s-1PEM\s0 format. The order doesn't matter but one
private key and its corresponding certificate should be present. If additional
certificates are present they will also be included in the PKCS#12 file.
-.IP "\fB\-inkey filename\fR" 4
-.IX Item "-inkey filename"
-file to read private key from. If not present then a private key must be present
+.IP "\fB\-inkey file_or_id\fR" 4
+.IX Item "-inkey file_or_id"
+File to read private key from. If not present then a private key must be present
in the input file.
+If no engine is used, the argument is taken as a file; if an engine is
+specified, the argument is given to the engine as a key identifier.
.IP "\fB\-name friendlyname\fR" 4
.IX Item "-name friendlyname"
This specifies the \*(L"friendly name\*(R" for the certificate and private key. This
@@ -287,27 +298,27 @@ appear. Netscape ignores friendly names on other certificates whereas \s-1MSIE\s
displays them.
.IP "\fB\-pass arg\fR, \fB\-passout arg\fR" 4
.IX Item "-pass arg, -passout arg"
-the PKCS#12 file (i.e. output file) password source. For more information about
+The PKCS#12 file (i.e. output file) password source. For more information about
the format of \fBarg\fR see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in
\&\fIopenssl\fR\|(1).
.IP "\fB\-passin password\fR" 4
.IX Item "-passin password"
-pass phrase source to decrypt any input private keys with. For more information
+Pass phrase source to decrypt any input private keys with. For more information
about the format of \fBarg\fR see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in
\&\fIopenssl\fR\|(1).
.IP "\fB\-chain\fR" 4
.IX Item "-chain"
-if this option is present then an attempt is made to include the entire
+If this option is present then an attempt is made to include the entire
certificate chain of the user certificate. The standard \s-1CA\s0 store is used
for this search. If the search fails it is considered a fatal error.
.IP "\fB\-descert\fR" 4
.IX Item "-descert"
-encrypt the certificate using triple \s-1DES,\s0 this may render the PKCS#12
+Encrypt the certificate using triple \s-1DES,\s0 this may render the PKCS#12
file unreadable by some \*(L"export grade\*(R" software. By default the private
key is encrypted using triple \s-1DES\s0 and the certificate using 40 bit \s-1RC2.\s0
.IP "\fB\-keypbe alg\fR, \fB\-certpbe alg\fR" 4
.IX Item "-keypbe alg, -certpbe alg"
-these options allow the algorithm used to encrypt the private key and
+These options allow the algorithm used to encrypt the private key and
certificates to be selected. Any PKCS#5 v1.5 or PKCS#12 \s-1PBE\s0 algorithm name
can be used (see \fB\s-1NOTES\s0\fR section for more information). If a cipher name
(as output by the \fBlist-cipher-algorithms\fR command is specified then it
@@ -315,7 +326,7 @@ is used with PKCS#5 v2.0. For interoperability reasons it is advisable to only
use PKCS#12 algorithms.
.IP "\fB\-keyex|\-keysig\fR" 4
.IX Item "-keyex|-keysig"
-specifies that the private key is to be used for key exchange or just signing.
+Specifies that the private key is to be used for key exchange or just signing.
This option is only interpreted by \s-1MSIE\s0 and similar \s-1MS\s0 software. Normally
\&\*(L"export grade\*(R" software will only allow 512 bit \s-1RSA\s0 keys to be used for
encryption purposes but arbitrary length keys for signing. The \fB\-keysig\fR
@@ -325,10 +336,10 @@ authentication, however due to a bug only \s-1MSIE 5.0\s0 and later support
the use of signing only keys for \s-1SSL\s0 client authentication.
.IP "\fB\-macalg digest\fR" 4
.IX Item "-macalg digest"
-specify the \s-1MAC\s0 digest algorithm. If not included them \s-1SHA1\s0 will be used.
+Specify the \s-1MAC\s0 digest algorithm. If not included them \s-1SHA1\s0 will be used.
.IP "\fB\-nomaciter\fR, \fB\-noiter\fR" 4
.IX Item "-nomaciter, -noiter"
-these options affect the iteration counts on the \s-1MAC\s0 and key algorithms.
+These options affect the iteration counts on the \s-1MAC\s0 and key algorithms.
Unless you wish to produce files compatible with \s-1MSIE 4.0\s0 you should leave
these options alone.
.Sp
@@ -349,14 +360,18 @@ This option is included for compatibility with previous versions, it used
to be needed to use \s-1MAC\s0 iterations counts but they are now used by default.
.IP "\fB\-nomac\fR" 4
.IX Item "-nomac"
-don't attempt to provide the \s-1MAC\s0 integrity.
-.IP "\fB\-rand file(s)\fR" 4
-.IX Item "-rand file(s)"
-a file or files containing random data used to seed the random number
-generator, or an \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3)).
-Multiple files can be specified separated by a OS-dependent character.
+Don't attempt to provide the \s-1MAC\s0 integrity.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.IP "\fB\-CAfile file\fR" 4
.IX Item "-CAfile file"
\&\s-1CA\s0 storage as a file.
@@ -365,9 +380,15 @@ all others.
\&\s-1CA\s0 storage as a directory. This directory must be a standard certificate
directory: that is a hash of each subject name (using \fBx509 \-hash\fR) should be
linked to each certificate.
+.IP "\fB\-no\-CAfile\fR" 4
+.IX Item "-no-CAfile"
+Do not load the trusted \s-1CA\s0 certificates from the default file location.
+.IP "\fB\-no\-CApath\fR" 4
+.IX Item "-no-CApath"
+Do not load the trusted \s-1CA\s0 certificates from the default directory location.
.IP "\fB\-CSP name\fR" 4
.IX Item "-CSP name"
-write \fBname\fR as a Microsoft \s-1CSP\s0 name.
+Write \fBname\fR as a Microsoft \s-1CSP\s0 name.
.SH "NOTES"
.IX Header "NOTES"
Although there are a large number of options most of them are very rarely
@@ -391,6 +412,16 @@ the defaults are fine but occasionally software can't handle triple \s-1DES\s0
encrypted private keys, then the option \fB\-keypbe \s-1PBE\-SHA1\-RC2\-40\s0\fR can
be used to reduce the private key encryption to 40 bit \s-1RC2. A\s0 complete
description of all algorithms is contained in the \fBpkcs8\fR manual page.
+.PP
+Prior 1.1 release passwords containing non-ASCII characters were encoded
+in non-compliant manner, which limited interoperability, in first hand
+with Windows. But switching to standard-compliant password encoding
+poses problem accessing old data protected with broken encoding. For
+this reason even legacy encodings is attempted when reading the
+data. If you use PKCS#12 files in production application you are advised
+to convert the data, because implemented heuristic approach is not
+MT-safe, its sole goal is to facilitate the data upgrade with this
+utility.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
Parse a PKCS#12 file and output it to a file:
@@ -429,31 +460,14 @@ Include some extra certificates:
\& openssl pkcs12 \-export \-in file.pem \-out file.p12 \-name "My Certificate" \e
\& \-certfile othercerts.pem
.Ve
-.SH "BUGS"
-.IX Header "BUGS"
-Some would argue that the PKCS#12 standard is one big bug :\-)
-.PP
-Versions of OpenSSL before 0.9.6a had a bug in the PKCS#12 key generation
-routines. Under rare circumstances this could produce a PKCS#12 file encrypted
-with an invalid key. As a result some PKCS#12 files which triggered this bug
-from other implementations (\s-1MSIE\s0 or Netscape) could not be decrypted
-by OpenSSL and similarly OpenSSL could produce PKCS#12 files which could
-not be decrypted by other implementations. The chances of producing such
-a file are relatively small: less than 1 in 256.
-.PP
-A side effect of fixing this bug is that any old invalidly encrypted PKCS#12
-files cannot no longer be parsed by the fixed version. Under such circumstances
-the \fBpkcs12\fR utility will report that the \s-1MAC\s0 is \s-1OK\s0 but fail with a decryption
-error when extracting private keys.
-.PP
-This problem can be resolved by extracting the private keys and certificates
-from the PKCS#12 file using an older version of OpenSSL and recreating the PKCS#12
-file from the keys and certificates using a newer version of OpenSSL. For example:
-.PP
-.Vb 2
-\& old\-openssl \-in bad.p12 \-out keycerts.pem
-\& openssl \-in keycerts.pem \-export \-name "My PKCS#12 file" \-out fixed.p12
-.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIpkcs8\fR\|(1)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2017 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/pkcs7.1 b/secure/usr.bin/openssl/man/pkcs7.1
index 3e0fcee9f20e..0b2be258a231 100644
--- a/secure/usr.bin/openssl/man/pkcs7.1
+++ b/secure/usr.bin/openssl/man/pkcs7.1
@@ -129,17 +129,17 @@
.\" ========================================================================
.\"
.IX Title "PKCS7 1"
-.TH PKCS7 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH PKCS7 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-pkcs7,
-pkcs7 \- PKCS#7 utility
+openssl\-pkcs7, pkcs7 \- PKCS#7 utility
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBpkcs7\fR
+[\fB\-help\fR]
[\fB\-inform PEM|DER\fR]
[\fB\-outform PEM|DER\fR]
[\fB\-in filename\fR]
@@ -151,8 +151,11 @@ pkcs7 \- PKCS#7 utility
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBpkcs7\fR command processes PKCS#7 files in \s-1DER\s0 or \s-1PEM\s0 format.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-inform DER|PEM\fR" 4
.IX Item "-inform DER|PEM"
This specifies the input format. \fB\s-1DER\s0\fR format is \s-1DER\s0 encoded PKCS#7
@@ -160,31 +163,31 @@ v1.5 structure.\fB\s-1PEM\s0\fR (the default) is a base64 encoded version of
the \s-1DER\s0 form with header and footer lines.
.IP "\fB\-outform DER|PEM\fR" 4
.IX Item "-outform DER|PEM"
-This specifies the output format, the options have the same meaning as the
-\&\fB\-inform\fR option.
+This specifies the output format, the options have the same meaning and default
+as the \fB\-inform\fR option.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read from or standard input if this
option is not specified.
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
-specifies the output filename to write to or standard output by
+Specifies the output filename to write to or standard output by
default.
.IP "\fB\-print_certs\fR" 4
.IX Item "-print_certs"
-prints out any certificates or CRLs contained in the file. They are
+Prints out any certificates or CRLs contained in the file. They are
preceded by their subject and issuer names in one line format.
.IP "\fB\-text\fR" 4
.IX Item "-text"
-prints out certificates details in full rather than just subject and
+Prints out certificates details in full rather than just subject and
issuer names.
.IP "\fB\-noout\fR" 4
.IX Item "-noout"
-don't output the encoded version of the PKCS#7 structure (or certificates
+Don't output the encoded version of the PKCS#7 structure (or certificates
is \fB\-print_certs\fR is set).
.IP "\fB\-engine id\fR" 4
.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBpkcs7\fR
+Specifying an engine (by its unique \fBid\fR string) will cause \fBpkcs7\fR
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
@@ -220,8 +223,16 @@ For compatibility with some CAs it will also accept:
.IX Header "RESTRICTIONS"
There is no option to print out all the fields of a PKCS#7 file.
.PP
-This PKCS#7 routines only understand PKCS#7 v 1.5 as specified in \s-1RFC2315\s0 they
+This PKCS#7 routines only understand PKCS#7 v 1.5 as specified in \s-1RFC2315\s0 they
cannot currently parse, for example, the new \s-1CMS\s0 as described in \s-1RFC2630.\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIcrl2pkcs7\fR\|(1)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2017 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/pkcs8.1 b/secure/usr.bin/openssl/man/pkcs8.1
index 9a74c124ce34..da5edfc5b9ca 100644
--- a/secure/usr.bin/openssl/man/pkcs8.1
+++ b/secure/usr.bin/openssl/man/pkcs8.1
@@ -129,17 +129,17 @@
.\" ========================================================================
.\"
.IX Title "PKCS8 1"
-.TH PKCS8 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH PKCS8 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-pkcs8,
-pkcs8 \- PKCS#8 format private key conversion tool
+openssl\-pkcs8, pkcs8 \- PKCS#8 format private key conversion tool
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBpkcs8\fR
+[\fB\-help\fR]
[\fB\-topk8\fR]
[\fB\-inform PEM|DER\fR]
[\fB\-outform PEM|DER\fR]
@@ -147,38 +147,47 @@ pkcs8 \- PKCS#8 format private key conversion tool
[\fB\-passin arg\fR]
[\fB\-out filename\fR]
[\fB\-passout arg\fR]
+[\fB\-iter count\fR]
[\fB\-noiter\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
[\fB\-nocrypt\fR]
-[\fB\-nooct\fR]
-[\fB\-embed\fR]
-[\fB\-nsdb\fR]
+[\fB\-traditional\fR]
[\fB\-v2 alg\fR]
[\fB\-v2prf alg\fR]
[\fB\-v1 alg\fR]
[\fB\-engine id\fR]
+[\fB\-scrypt\fR]
+[\fB\-scrypt_N N\fR]
+[\fB\-scrypt_r r\fR]
+[\fB\-scrypt_p p\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBpkcs8\fR command processes private keys in PKCS#8 format. It can handle
both unencrypted PKCS#8 PrivateKeyInfo format and EncryptedPrivateKeyInfo
format with a variety of PKCS#5 (v1.5 and v2.0) and PKCS#12 algorithms.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-topk8\fR" 4
.IX Item "-topk8"
-Normally a PKCS#8 private key is expected on input and a traditional format
-private key will be written. With the \fB\-topk8\fR option the situation is
-reversed: it reads a traditional format private key and writes a PKCS#8
-format key.
+Normally a PKCS#8 private key is expected on input and a private key will be
+written to the output file. With the \fB\-topk8\fR option the situation is
+reversed: it reads a private key and writes a PKCS#8 format key.
.IP "\fB\-inform DER|PEM\fR" 4
.IX Item "-inform DER|PEM"
-This specifies the input format. If a PKCS#8 format key is expected on input
-then either a \fB\s-1DER\s0\fR or \fB\s-1PEM\s0\fR encoded version of a PKCS#8 key will be
-expected. Otherwise the \fB\s-1DER\s0\fR or \fB\s-1PEM\s0\fR format of the traditional format
-private key is used.
+This specifies the input format: see \*(L"\s-1KEY FORMATS\*(R"\s0 for more details. The default
+format is \s-1PEM.\s0
.IP "\fB\-outform DER|PEM\fR" 4
.IX Item "-outform DER|PEM"
-This specifies the output format, the options have the same meaning as the
-\&\fB\-inform\fR option.
+This specifies the output format: see \*(L"\s-1KEY FORMATS\*(R"\s0 for more details. The default
+format is \s-1PEM.\s0
+.IP "\fB\-traditional\fR" 4
+.IX Item "-traditional"
+When this option is present and \fB\-topk8\fR is not a traditional format private
+key is written.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read a key from or standard input if this
@@ -186,7 +195,7 @@ option is not specified. If the key is encrypted a pass phrase will be
prompted for.
.IP "\fB\-passin arg\fR" 4
.IX Item "-passin arg"
-the input file password source. For more information about the format of \fBarg\fR
+The input file password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
@@ -196,8 +205,13 @@ prompted for. The output filename should \fBnot\fR be the same as the input
filename.
.IP "\fB\-passout arg\fR" 4
.IX Item "-passout arg"
-the output file password source. For more information about the format of \fBarg\fR
+The output file password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
+.IP "\fB\-iter count\fR" 4
+.IX Item "-iter count"
+When creating new PKCS#8 containers, use a given number of iterations on
+the password in deriving the encryption key for the PKCS#8 output.
+High values increase the time required to brute-force a PKCS#8 container.
.IP "\fB\-nocrypt\fR" 4
.IX Item "-nocrypt"
PKCS#8 keys generated or input are normally PKCS#8 EncryptedPrivateKeyInfo
@@ -206,53 +220,81 @@ this option an unencrypted PrivateKeyInfo structure is expected or output.
This option does not encrypt private keys at all and should only be used
when absolutely necessary. Certain software such as some versions of Java
code signing software used unencrypted private keys.
-.IP "\fB\-nooct\fR" 4
-.IX Item "-nooct"
-This option generates \s-1RSA\s0 private keys in a broken format that some software
-uses. Specifically the private key should be enclosed in a \s-1OCTET STRING\s0
-but some software just includes the structure itself without the
-surrounding \s-1OCTET STRING.\s0
-.IP "\fB\-embed\fR" 4
-.IX Item "-embed"
-This option generates \s-1DSA\s0 keys in a broken format. The \s-1DSA\s0 parameters are
-embedded inside the PrivateKey structure. In this form the \s-1OCTET STRING\s0
-contains an \s-1ASN1 SEQUENCE\s0 consisting of two structures: a \s-1SEQUENCE\s0 containing
-the parameters and an \s-1ASN1 INTEGER\s0 containing the private key.
-.IP "\fB\-nsdb\fR" 4
-.IX Item "-nsdb"
-This option generates \s-1DSA\s0 keys in a broken format compatible with Netscape
-private key databases. The PrivateKey contains a \s-1SEQUENCE\s0 consisting of
-the public and private keys respectively.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
+The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
+all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.IP "\fB\-v2 alg\fR" 4
.IX Item "-v2 alg"
-This option enables the use of PKCS#5 v2.0 algorithms. Normally PKCS#8
-private keys are encrypted with the password based encryption algorithm
-called \fBpbeWithMD5AndDES\-CBC\fR this uses 56 bit \s-1DES\s0 encryption but it
-was the strongest encryption algorithm supported in PKCS#5 v1.5. Using
-the \fB\-v2\fR option PKCS#5 v2.0 algorithms are used which can use any
-encryption algorithm such as 168 bit triple \s-1DES\s0 or 128 bit \s-1RC2\s0 however
-not many implementations support PKCS#5 v2.0 yet. If you are just using
-private keys with OpenSSL then this doesn't matter.
+This option sets the PKCS#5 v2.0 algorithm.
.Sp
The \fBalg\fR argument is the encryption algorithm to use, valid values include
-\&\fBdes\fR, \fBdes3\fR and \fBrc2\fR. It is recommended that \fBdes3\fR is used.
+\&\fBaes128\fR, \fBaes256\fR and \fBdes3\fR. If this option isn't specified then \fBaes256\fR
+is used.
.IP "\fB\-v2prf alg\fR" 4
.IX Item "-v2prf alg"
This option sets the \s-1PRF\s0 algorithm to use with PKCS#5 v2.0. A typical value
-values would be \fBhmacWithSHA256\fR. If this option isn't set then the default
-for the cipher is used or \fBhmacWithSHA1\fR if there is no default.
+value would be \fBhmacWithSHA256\fR. If this option isn't set then the default
+for the cipher is used or \fBhmacWithSHA256\fR if there is no default.
+.Sp
+Some implementations may not support custom \s-1PRF\s0 algorithms and may require
+the \fBhmacWithSHA1\fR option to work.
.IP "\fB\-v1 alg\fR" 4
.IX Item "-v1 alg"
-This option specifies a PKCS#5 v1.5 or PKCS#12 algorithm to use. A complete
-list of possible algorithms is included below.
+This option indicates a PKCS#5 v1.5 or PKCS#12 algorithm should be used. Some
+older implementations may not support PKCS#5 v2.0 and may require this option.
+If not specified PKCS#5 v2.0 form is used.
.IP "\fB\-engine id\fR" 4
.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBpkcs8\fR
+Specifying an engine (by its unique \fBid\fR string) will cause \fBpkcs8\fR
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
+.IP "\fB\-scrypt\fR" 4
+.IX Item "-scrypt"
+Uses the \fBscrypt\fR algorithm for private key encryption using default
+parameters: currently N=16384, r=8 and p=1 and \s-1AES\s0 in \s-1CBC\s0 mode with a 256 bit
+key. These parameters can be modified using the \fB\-scrypt_N\fR, \fB\-scrypt_r\fR,
+\&\fB\-scrypt_p\fR and \fB\-v2\fR options.
+.IP "\fB\-scrypt_N N\fR \fB\-scrypt_r r\fR \fB\-scrypt_p p\fR" 4
+.IX Item "-scrypt_N N -scrypt_r r -scrypt_p p"
+Sets the scrypt \fBN\fR, \fBr\fR or \fBp\fR parameters.
+.SH "KEY FORMATS"
+.IX Header "KEY FORMATS"
+Various different formats are used by the pkcs8 utility. These are detailed
+below.
+.PP
+If a key is being converted from PKCS#8 form (i.e. the \fB\-topk8\fR option is
+not used) then the input file must be in PKCS#8 format. An encrypted
+key is expected unless \fB\-nocrypt\fR is included.
+.PP
+If \fB\-topk8\fR is not used and \fB\s-1PEM\s0\fR mode is set the output file will be an
+unencrypted private key in PKCS#8 format. If the \fB\-traditional\fR option is
+used then a traditional format private key is written instead.
+.PP
+If \fB\-topk8\fR is not used and \fB\s-1DER\s0\fR mode is set the output file will be an
+unencrypted private key in traditional \s-1DER\s0 format.
+.PP
+If \fB\-topk8\fR is used then any supported private key can be used for the input
+file in a format specified by \fB\-inform\fR. The output file will be encrypted
+PKCS#8 format using the specified encryption parameters unless \fB\-nocrypt\fR
+is included.
.SH "NOTES"
.IX Header "NOTES"
+By default, when converting a key to PKCS#8 format, PKCS#5 v2.0 using 256 bit
+\&\s-1AES\s0 with \s-1HMAC\s0 and \s-1SHA256\s0 is used.
+.PP
+Some older implementations do not support PKCS#5 v2.0 format and require
+the older PKCS#5 v1.5 form instead, possibly also requiring insecure weak
+encryption algorithms such as 56 bit \s-1DES.\s0
+.PP
The encrypted form of a \s-1PEM\s0 encode PKCS#8 files uses the following
headers and footers:
.PP
@@ -273,13 +315,6 @@ counts are more secure that those encrypted using the traditional
SSLeay compatible formats. So if additional security is considered
important the keys should be converted.
.PP
-The default encryption is only 56 bits because this is the encryption
-that most current implementations of PKCS#8 will support.
-.PP
-Some software may use PKCS#12 password based encryption algorithms
-with PKCS#8 format private keys: these are handled automatically
-but there is no option to produce them.
-.PP
It is possible to write out \s-1DER\s0 encoded encrypted private keys in
PKCS#8 format because the encryption details are included at an \s-1ASN1\s0
level whereas the traditional format includes them at a \s-1PEM\s0 level.
@@ -292,37 +327,49 @@ below.
.IX Item "PBE-MD2-DES PBE-MD5-DES"
These algorithms were included in the original PKCS#5 v1.5 specification.
They only offer 56 bits of protection since they both use \s-1DES.\s0
-.IP "\fB\s-1PBE\-SHA1\-RC2\-64 PBE\-MD2\-RC2\-64 PBE\-MD5\-RC2\-64 PBE\-SHA1\-DES\s0\fR" 4
-.IX Item "PBE-SHA1-RC2-64 PBE-MD2-RC2-64 PBE-MD5-RC2-64 PBE-SHA1-DES"
+.IP "\fB\s-1PBE\-SHA1\-RC2\-64\s0\fR, \fB\s-1PBE\-MD2\-RC2\-64\s0\fR, \fB\s-1PBE\-MD5\-RC2\-64\s0\fR, \fB\s-1PBE\-SHA1\-DES\s0\fR" 4
+.IX Item "PBE-SHA1-RC2-64, PBE-MD2-RC2-64, PBE-MD5-RC2-64, PBE-SHA1-DES"
These algorithms are not mentioned in the original PKCS#5 v1.5 specification
but they use the same key derivation algorithm and are supported by some
software. They are mentioned in PKCS#5 v2.0. They use either 64 bit \s-1RC2\s0 or
56 bit \s-1DES.\s0
-.IP "\fB\s-1PBE\-SHA1\-RC4\-128 PBE\-SHA1\-RC4\-40 PBE\-SHA1\-3DES PBE\-SHA1\-2DES PBE\-SHA1\-RC2\-128 PBE\-SHA1\-RC2\-40\s0\fR" 4
-.IX Item "PBE-SHA1-RC4-128 PBE-SHA1-RC4-40 PBE-SHA1-3DES PBE-SHA1-2DES PBE-SHA1-RC2-128 PBE-SHA1-RC2-40"
+.IP "\fB\s-1PBE\-SHA1\-RC4\-128\s0\fR, \fB\s-1PBE\-SHA1\-RC4\-40\s0\fR, \fB\s-1PBE\-SHA1\-3DES\s0\fR, \fB\s-1PBE\-SHA1\-2DES\s0\fR, \fB\s-1PBE\-SHA1\-RC2\-128\s0\fR, \fB\s-1PBE\-SHA1\-RC2\-40\s0\fR" 4
+.IX Item "PBE-SHA1-RC4-128, PBE-SHA1-RC4-40, PBE-SHA1-3DES, PBE-SHA1-2DES, PBE-SHA1-RC2-128, PBE-SHA1-RC2-40"
These algorithms use the PKCS#12 password based encryption algorithm and
allow strong encryption algorithms like triple \s-1DES\s0 or 128 bit \s-1RC2\s0 to be used.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
-Convert a private from traditional to PKCS#5 v2.0 format using triple
-\&\s-1DES:\s0
+Convert a private key to PKCS#8 format using default parameters (\s-1AES\s0 with
+256 bit key and \fBhmacWithSHA256\fR):
+.PP
+.Vb 1
+\& openssl pkcs8 \-in key.pem \-topk8 \-out enckey.pem
+.Ve
+.PP
+Convert a private key to PKCS#8 unencrypted format:
+.PP
+.Vb 1
+\& openssl pkcs8 \-in key.pem \-topk8 \-nocrypt \-out enckey.pem
+.Ve
+.PP
+Convert a private key to PKCS#5 v2.0 format using triple \s-1DES:\s0
.PP
.Vb 1
\& openssl pkcs8 \-in key.pem \-topk8 \-v2 des3 \-out enckey.pem
.Ve
.PP
-Convert a private from traditional to PKCS#5 v2.0 format using \s-1AES\s0 with
-256 bits in \s-1CBC\s0 mode and \fBhmacWithSHA256\fR \s-1PRF:\s0
+Convert a private key to PKCS#5 v2.0 format using \s-1AES\s0 with 256 bits in \s-1CBC\s0
+mode and \fBhmacWithSHA512\fR \s-1PRF:\s0
.PP
.Vb 1
-\& openssl pkcs8 \-in key.pem \-topk8 \-v2 aes\-256\-cbc \-v2prf hmacWithSHA256 \-out enckey.pem
+\& openssl pkcs8 \-in key.pem \-topk8 \-v2 aes\-256\-cbc \-v2prf hmacWithSHA512 \-out enckey.pem
.Ve
.PP
Convert a private key to PKCS#8 using a PKCS#5 1.5 compatible algorithm
(\s-1DES\s0):
.PP
.Vb 1
-\& openssl pkcs8 \-in key.pem \-topk8 \-out enckey.pem
+\& openssl pkcs8 \-in key.pem \-topk8 \-v1 PBE\-MD5\-DES \-out enckey.pem
.Ve
.PP
Convert a private key to PKCS#8 using a PKCS#12 compatible algorithm
@@ -338,10 +385,17 @@ Read a \s-1DER\s0 unencrypted PKCS#8 format private key:
\& openssl pkcs8 \-inform DER \-nocrypt \-in key.der \-out key.pem
.Ve
.PP
-Convert a private key from any PKCS#8 format to traditional format:
+Convert a private key from any PKCS#8 encrypted format to traditional format:
.PP
.Vb 1
-\& openssl pkcs8 \-in pk8.pem \-out key.pem
+\& openssl pkcs8 \-in pk8.pem \-traditional \-out key.pem
+.Ve
+.PP
+Convert a private key to PKCS#8 format, encrypting with \s-1AES\-256\s0 and with
+one million iterations of the password:
+.PP
+.Vb 1
+\& openssl pkcs8 \-in key.pem \-topk8 \-v2 aes\-256\-cbc \-iter 1000000 \-out pk8.pem
.Ve
.SH "STANDARDS"
.IX Header "STANDARDS"
@@ -359,11 +413,18 @@ PKCS#8 private key format complies with this standard.
.IX Header "BUGS"
There should be an option that prints out the encryption algorithm
in use and other details such as the iteration count.
-.PP
-PKCS#8 using triple \s-1DES\s0 and PKCS#5 v2.0 should be the default private
-key format for OpenSSL: for compatibility several of the utilities use
-the old format at present.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIdsa\fR\|(1), \fIrsa\fR\|(1), \fIgenrsa\fR\|(1),
\&\fIgendsa\fR\|(1)
+.SH "HISTORY"
+.IX Header "HISTORY"
+The \fB\-iter\fR option was added to OpenSSL 1.1.0.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/pkey.1 b/secure/usr.bin/openssl/man/pkey.1
index 797329601894..c5d6ce0e139f 100644
--- a/secure/usr.bin/openssl/man/pkey.1
+++ b/secure/usr.bin/openssl/man/pkey.1
@@ -129,43 +129,49 @@
.\" ========================================================================
.\"
.IX Title "PKEY 1"
-.TH PKEY 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH PKEY 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-pkey,
-pkey \- public or private key processing tool
+openssl\-pkey, pkey \- public or private key processing tool
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBpkey\fR
+[\fB\-help\fR]
[\fB\-inform PEM|DER\fR]
[\fB\-outform PEM|DER\fR]
[\fB\-in filename\fR]
[\fB\-passin arg\fR]
[\fB\-out filename\fR]
[\fB\-passout arg\fR]
-[\fB\-cipher\fR]
+[\fB\-traditional\fR]
+[\fB\-\f(BIcipher\fB\fR]
[\fB\-text\fR]
[\fB\-text_pub\fR]
[\fB\-noout\fR]
[\fB\-pubin\fR]
[\fB\-pubout\fR]
[\fB\-engine id\fR]
+[\fB\-check\fR]
+[\fB\-pubcheck\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBpkey\fR command processes public or private keys. They can be converted
between various forms and their components printed out.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-inform DER|PEM\fR" 4
.IX Item "-inform DER|PEM"
-This specifies the input format \s-1DER\s0 or \s-1PEM.\s0
+This specifies the input format \s-1DER\s0 or \s-1PEM.\s0 The default format is \s-1PEM.\s0
.IP "\fB\-outform DER|PEM\fR" 4
.IX Item "-outform DER|PEM"
-This specifies the output format, the options have the same meaning as the
-\&\fB\-inform\fR option.
+This specifies the output format, the options have the same meaning and default
+as the \fB\-inform\fR option.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read a key from or standard input if this
@@ -173,7 +179,7 @@ option is not specified. If the key is encrypted a pass phrase will be
prompted for.
.IP "\fB\-passin arg\fR" 4
.IX Item "-passin arg"
-the input file password source. For more information about the format of \fBarg\fR
+The input file password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
@@ -183,37 +189,50 @@ will be prompted for. The output filename should \fBnot\fR be the same as the in
filename.
.IP "\fB\-passout password\fR" 4
.IX Item "-passout password"
-the output file password source. For more information about the format of \fBarg\fR
+The output file password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
-.IP "\fB\-cipher\fR" 4
+.IP "\fB\-traditional\fR" 4
+.IX Item "-traditional"
+Normally a private key is written using standard format: this is PKCS#8 form
+with the appropriate encryption algorithm (if any). If the \fB\-traditional\fR
+option is specified then the older \*(L"traditional\*(R" format is used instead.
+.IP "\fB\-\f(BIcipher\fB\fR" 4
.IX Item "-cipher"
These options encrypt the private key with the supplied cipher. Any algorithm
name accepted by \fIEVP_get_cipherbyname()\fR is acceptable such as \fBdes3\fR.
.IP "\fB\-text\fR" 4
.IX Item "-text"
-prints out the various public or private key components in
+Prints out the various public or private key components in
plain text in addition to the encoded version.
.IP "\fB\-text_pub\fR" 4
.IX Item "-text_pub"
-print out only public key components even if a private key is being processed.
+Print out only public key components even if a private key is being processed.
.IP "\fB\-noout\fR" 4
.IX Item "-noout"
-do not output the encoded version of the key.
+Do not output the encoded version of the key.
.IP "\fB\-pubin\fR" 4
.IX Item "-pubin"
-by default a private key is read from the input file: with this
+By default a private key is read from the input file: with this
option a public key is read instead.
.IP "\fB\-pubout\fR" 4
.IX Item "-pubout"
-by default a private key is output: with this option a public
+By default a private key is output: with this option a public
key will be output instead. This option is automatically set if
the input is a public key.
.IP "\fB\-engine id\fR" 4
.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBpkey\fR
+Specifying an engine (by its unique \fBid\fR string) will cause \fBpkey\fR
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
+.IP "\fB\-check\fR" 4
+.IX Item "-check"
+This option checks the consistency of a key pair for both public and private
+components.
+.IP "\fB\-pubcheck\fR" 4
+.IX Item "-pubcheck"
+This option checks the correctness of either a public key or the public component
+of a key pair.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
To remove the pass phrase on an \s-1RSA\s0 private key:
@@ -255,3 +274,11 @@ To just output the public part of a private key:
.IX Header "SEE ALSO"
\&\fIgenpkey\fR\|(1), \fIrsa\fR\|(1), \fIpkcs8\fR\|(1),
\&\fIdsa\fR\|(1), \fIgenrsa\fR\|(1), \fIgendsa\fR\|(1)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2006\-2017 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/pkeyparam.1 b/secure/usr.bin/openssl/man/pkeyparam.1
index f93976eb16fa..e4ee8bd9a013 100644
--- a/secure/usr.bin/openssl/man/pkeyparam.1
+++ b/secure/usr.bin/openssl/man/pkeyparam.1
@@ -129,28 +129,32 @@
.\" ========================================================================
.\"
.IX Title "PKEYPARAM 1"
-.TH PKEYPARAM 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH PKEYPARAM 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-pkeyparam,
-pkeyparam \- public key algorithm parameter processing tool
+openssl\-pkeyparam, pkeyparam \- public key algorithm parameter processing tool
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBpkeyparam\fR
+[\fB\-help\fR]
[\fB\-in filename\fR]
[\fB\-out filename\fR]
[\fB\-text\fR]
[\fB\-noout\fR]
[\fB\-engine id\fR]
+[\fB\-check\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
-The \fBpkey\fR command processes public or private keys. They can be converted
-between various forms and their components printed out.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+The \fBpkeyparam\fR command processes public key algorithm parameters.
+They can be checked for correctness and their components printed out.
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read parameters from or standard input if
@@ -161,16 +165,19 @@ This specifies the output filename to write parameters to or standard output if
this option is not specified.
.IP "\fB\-text\fR" 4
.IX Item "-text"
-prints out the parameters in plain text in addition to the encoded version.
+Prints out the parameters in plain text in addition to the encoded version.
.IP "\fB\-noout\fR" 4
.IX Item "-noout"
-do not output the encoded version of the parameters.
+Do not output the encoded version of the parameters.
.IP "\fB\-engine id\fR" 4
.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBpkeyparam\fR
+Specifying an engine (by its unique \fBid\fR string) will cause \fBpkeyparam\fR
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
+.IP "\fB\-check\fR" 4
+.IX Item "-check"
+This option checks the correctness of parameters.
.SH "EXAMPLE"
.IX Header "EXAMPLE"
Print out text version of parameters:
@@ -186,3 +193,11 @@ There are no \fB\-inform\fR or \fB\-outform\fR options for this command because
.IX Header "SEE ALSO"
\&\fIgenpkey\fR\|(1), \fIrsa\fR\|(1), \fIpkcs8\fR\|(1),
\&\fIdsa\fR\|(1), \fIgenrsa\fR\|(1), \fIgendsa\fR\|(1)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2006\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/pkeyutl.1 b/secure/usr.bin/openssl/man/pkeyutl.1
index c51a1170cbf3..bd5bbde52353 100644
--- a/secure/usr.bin/openssl/man/pkeyutl.1
+++ b/secure/usr.bin/openssl/man/pkeyutl.1
@@ -129,25 +129,25 @@
.\" ========================================================================
.\"
.IX Title "PKEYUTL 1"
-.TH PKEYUTL 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH PKEYUTL 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-pkeyutl,
-pkeyutl \- public key algorithm utility
+openssl\-pkeyutl, pkeyutl \- public key algorithm utility
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBpkeyutl\fR
+[\fB\-help\fR]
[\fB\-in file\fR]
[\fB\-out file\fR]
[\fB\-sigfile file\fR]
[\fB\-inkey file\fR]
-[\fB\-keyform PEM|DER\fR]
+[\fB\-keyform PEM|DER|ENGINE\fR]
[\fB\-passin arg\fR]
[\fB\-peerkey file\fR]
-[\fB\-peerform PEM|DER\fR]
+[\fB\-peerform PEM|DER|ENGINE\fR]
[\fB\-pubin\fR]
[\fB\-certin\fR]
[\fB\-rev\fR]
@@ -157,83 +157,123 @@ pkeyutl \- public key algorithm utility
[\fB\-encrypt\fR]
[\fB\-decrypt\fR]
[\fB\-derive\fR]
+[\fB\-kdf algorithm\fR]
+[\fB\-kdflen length\fR]
[\fB\-pkeyopt opt:value\fR]
[\fB\-hexdump\fR]
[\fB\-asn1parse\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
[\fB\-engine id\fR]
+[\fB\-engine_impl\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
-The \fBpkeyutl\fR command can be used to perform public key operations using
-any supported algorithm.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+The \fBpkeyutl\fR command can be used to perform low level public key operations
+using any supported algorithm.
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read data from or standard input
if this option is not specified.
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
-specifies the output filename to write to or standard output by
+Specifies the output filename to write to or standard output by
default.
+.IP "\fB\-sigfile file\fR" 4
+.IX Item "-sigfile file"
+Signature file, required for \fBverify\fR operations only
.IP "\fB\-inkey file\fR" 4
.IX Item "-inkey file"
-the input key file, by default it should be a private key.
-.IP "\fB\-keyform PEM|DER\fR" 4
-.IX Item "-keyform PEM|DER"
-the key format \s-1PEM, DER\s0 or \s-1ENGINE.\s0
+The input key file, by default it should be a private key.
+.IP "\fB\-keyform PEM|DER|ENGINE\fR" 4
+.IX Item "-keyform PEM|DER|ENGINE"
+The key format \s-1PEM, DER\s0 or \s-1ENGINE.\s0 Default is \s-1PEM.\s0
.IP "\fB\-passin arg\fR" 4
.IX Item "-passin arg"
-the input key password source. For more information about the format of \fBarg\fR
+The input key password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
.IP "\fB\-peerkey file\fR" 4
.IX Item "-peerkey file"
-the peer key file, used by key derivation (agreement) operations.
-.IP "\fB\-peerform PEM|DER\fR" 4
-.IX Item "-peerform PEM|DER"
-the peer key format \s-1PEM, DER\s0 or \s-1ENGINE.\s0
-.IP "\fB\-engine id\fR" 4
-.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBpkeyutl\fR
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
+The peer key file, used by key derivation (agreement) operations.
+.IP "\fB\-peerform PEM|DER|ENGINE\fR" 4
+.IX Item "-peerform PEM|DER|ENGINE"
+The peer key format \s-1PEM, DER\s0 or \s-1ENGINE.\s0 Default is \s-1PEM.\s0
.IP "\fB\-pubin\fR" 4
.IX Item "-pubin"
-the input file is a public key.
+The input file is a public key.
.IP "\fB\-certin\fR" 4
.IX Item "-certin"
-the input is a certificate containing a public key.
+The input is a certificate containing a public key.
.IP "\fB\-rev\fR" 4
.IX Item "-rev"
-reverse the order of the input buffer. This is useful for some libraries
+Reverse the order of the input buffer. This is useful for some libraries
(such as CryptoAPI) which represent the buffer in little endian format.
.IP "\fB\-sign\fR" 4
.IX Item "-sign"
-sign the input data and output the signed result. This requires
-a private key.
+Sign the input data (which must be a hash) and output the signed result. This
+requires a private key.
.IP "\fB\-verify\fR" 4
.IX Item "-verify"
-verify the input data against the signature file and indicate if the
-verification succeeded or failed.
+Verify the input data (which must be a hash) against the signature file and
+indicate if the verification succeeded or failed.
.IP "\fB\-verifyrecover\fR" 4
.IX Item "-verifyrecover"
-verify the input data and output the recovered data.
+Verify the input data (which must be a hash) and output the recovered data.
.IP "\fB\-encrypt\fR" 4
.IX Item "-encrypt"
-encrypt the input data using a public key.
+Encrypt the input data using a public key.
.IP "\fB\-decrypt\fR" 4
.IX Item "-decrypt"
-decrypt the input data using a private key.
+Decrypt the input data using a private key.
.IP "\fB\-derive\fR" 4
.IX Item "-derive"
-derive a shared secret using the peer key.
+Derive a shared secret using the peer key.
+.IP "\fB\-kdf algorithm\fR" 4
+.IX Item "-kdf algorithm"
+Use key derivation function \fBalgorithm\fR. The supported algorithms are
+at present \fB\s-1TLS1\-PRF\s0\fR and \fB\s-1HKDF\s0\fR.
+Note: additional parameters and the \s-1KDF\s0 output length will normally have to be
+set for this to work.
+See \fIEVP_PKEY_CTX_set_hkdf_md\fR\|(3) and \fIEVP_PKEY_CTX_set_tls1_prf_md\fR\|(3)
+for the supported string parameters of each algorithm.
+.IP "\fB\-kdflen length\fR" 4
+.IX Item "-kdflen length"
+Set the output length for \s-1KDF.\s0
+.IP "\fB\-pkeyopt opt:value\fR" 4
+.IX Item "-pkeyopt opt:value"
+Public key options specified as opt:value. See \s-1NOTES\s0 below for more details.
.IP "\fB\-hexdump\fR" 4
.IX Item "-hexdump"
hex dump the output data.
.IP "\fB\-asn1parse\fR" 4
.IX Item "-asn1parse"
-asn1parse the output data, this is useful when combined with the
+Parse the \s-1ASN.1\s0 output data, this is useful when combined with the
\&\fB\-verifyrecover\fR option when an \s-1ASN1\s0 structure is signed.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
+The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
+all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
+.IP "\fB\-engine id\fR" 4
+.IX Item "-engine id"
+Specifying an engine (by its unique \fBid\fR string) will cause \fBpkeyutl\fR
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+.IP "\fB\-engine_impl\fR" 4
+.IX Item "-engine_impl"
+When used with the \fB\-engine\fR option, it specifies to also use
+engine \fBid\fR for crypto operations.
.SH "NOTES"
.IX Header "NOTES"
The operations and options supported vary according to the key algorithm
@@ -242,37 +282,43 @@ and its implementation. The OpenSSL operations and options are indicated below.
Unless otherwise mentioned all algorithms support the \fBdigest:alg\fR option
which specifies the digest in use for sign, verify and verifyrecover operations.
The value \fBalg\fR should represent a digest name as used in the
-\&\fIEVP_get_digestbyname()\fR function for example \fBsha1\fR.
-This value is used only for sanity-checking the lengths of data passed in to
-the \fBpkeyutl\fR and for creating the structures that make up the signature
-(e.g. \fBDigestInfo\fR in \s-1RSASSA\s0 PKCS#1 v1.5 signatures).
-In case of \s-1RSA, ECDSA\s0 and \s-1DSA\s0 signatures, this utility
-will not perform hashing on input data but rather use the data directly as
-input of signature algorithm. Depending on key type, signature type and mode
-of padding, the maximum acceptable lengths of input data differ. In general,
-with \s-1RSA\s0 the signed data can't be longer than the key modulus, in case of \s-1ECDSA\s0
-and \s-1DSA\s0 the data shouldn't be longer than field size, otherwise it will be
-silently truncated to field size.
+\&\fIEVP_get_digestbyname()\fR function for example \fBsha1\fR. This value is not used to
+hash the input data. It is used (by some algorithms) for sanity-checking the
+lengths of data passed in to the \fBpkeyutl\fR and for creating the structures that
+make up the signature (e.g. \fBDigestInfo\fR in \s-1RSASSA\s0 PKCS#1 v1.5 signatures).
+.PP
+This utility does not hash the input data but rather it will use the data
+directly as input to the signature algorithm. Depending on the key type,
+signature type, and mode of padding, the maximum acceptable lengths of input
+data differ. The signed data can't be longer than the key modulus with \s-1RSA.\s0 In
+case of \s-1ECDSA\s0 and \s-1DSA\s0 the data shouldn't be longer than the field
+size, otherwise it will be silently truncated to the field size. In any event
+the input size must not be larger than the largest supported digest size.
.PP
-In other words, if the value of digest is \fBsha1\fR the input should be 20 bytes
-long binary encoding of \s-1SHA\-1\s0 hash function output.
+In other words, if the value of digest is \fBsha1\fR the input should be the 20
+bytes long binary encoding of the \s-1SHA\-1\s0 hash function output.
+.PP
+The Ed25519 and Ed448 signature algorithms are not supported by this utility.
+They accept non-hashed input, but this utility can only be used to sign hashed
+input.
.SH "RSA ALGORITHM"
.IX Header "RSA ALGORITHM"
-The \s-1RSA\s0 algorithm supports encrypt, decrypt, sign, verify and verifyrecover
-operations in general. Some padding modes only support some of these
-operations however.
-.IP "\-\fBrsa_padding_mode:mode\fR" 4
-.IX Item "-rsa_padding_mode:mode"
+The \s-1RSA\s0 algorithm generally supports the encrypt, decrypt, sign,
+verify and verifyrecover operations. However, some padding modes
+support only a subset of these operations. The following additional
+\&\fBpkeyopt\fR values are supported:
+.IP "\fBrsa_padding_mode:mode\fR" 4
+.IX Item "rsa_padding_mode:mode"
This sets the \s-1RSA\s0 padding mode. Acceptable values for \fBmode\fR are \fBpkcs1\fR for
PKCS#1 padding, \fBsslv23\fR for SSLv23 padding, \fBnone\fR for no padding, \fBoaep\fR
for \fB\s-1OAEP\s0\fR mode, \fBx931\fR for X9.31 mode and \fBpss\fR for \s-1PSS.\s0
.Sp
-In PKCS#1 padding if the message digest is not set then the supplied data is
+In PKCS#1 padding if the message digest is not set then the supplied data is
signed or verified directly instead of using a \fBDigestInfo\fR structure. If a
digest is set then the a \fBDigestInfo\fR structure is used and its the length
must correspond to the digest type.
.Sp
-For \fBoeap\fR mode only encryption and decryption is supported.
+For \fBoaep\fR mode only encryption and decryption is supported.
.Sp
For \fBx931\fR if the digest type is set it is used to format the block data
otherwise the first byte is used to specify the X9.31 digest \s-1ID.\s0 Sign,
@@ -282,11 +328,30 @@ For \fBpss\fR mode only sign and verify are supported and the digest type must b
specified.
.IP "\fBrsa_pss_saltlen:len\fR" 4
.IX Item "rsa_pss_saltlen:len"
-For \fBpss\fR mode only this option specifies the salt length. Two special values
-are supported: \-1 sets the salt length to the digest length. When signing \-2
-sets the salt length to the maximum permissible value. When verifying \-2 causes
-the salt length to be automatically determined based on the \fB\s-1PSS\s0\fR block
-structure.
+For \fBpss\fR mode only this option specifies the salt length. Three special
+values are supported: \*(L"digest\*(R" sets the salt length to the digest length,
+\&\*(L"max\*(R" sets the salt length to the maximum permissible value. When verifying
+\&\*(L"auto\*(R" causes the salt length to be automatically determined based on the
+\&\fB\s-1PSS\s0\fR block structure.
+.IP "\fBrsa_mgf1_md:digest\fR" 4
+.IX Item "rsa_mgf1_md:digest"
+For \s-1PSS\s0 and \s-1OAEP\s0 padding sets the \s-1MGF1\s0 digest. If the \s-1MGF1\s0 digest is not
+explicitly set in \s-1PSS\s0 mode then the signing digest is used.
+.SH "RSA-PSS ALGORITHM"
+.IX Header "RSA-PSS ALGORITHM"
+The RSA-PSS algorithm is a restricted version of the \s-1RSA\s0 algorithm which only
+supports the sign and verify operations with \s-1PSS\s0 padding. The following
+additional \fBpkeyopt\fR values are supported:
+.IP "\fBrsa_padding_mode:mode\fR, \fBrsa_pss_saltlen:len\fR, \fBrsa_mgf1_md:digest\fR" 4
+.IX Item "rsa_padding_mode:mode, rsa_pss_saltlen:len, rsa_mgf1_md:digest"
+These have the same meaning as the \fB\s-1RSA\s0\fR algorithm with some additional
+restrictions. The padding mode can only be set to \fBpss\fR which is the
+default value.
+.Sp
+If the key has parameter restrictions than the digest, \s-1MGF1\s0
+digest and salt length are set to the values specified in the parameters.
+The digest and \s-1MG\s0 cannot be changed and the salt length cannot be set to a
+value less than the minimum restriction.
.SH "DSA ALGORITHM"
.IX Header "DSA ALGORITHM"
The \s-1DSA\s0 algorithm supports signing and verification operations only. Currently
@@ -302,6 +367,10 @@ The \s-1EC\s0 algorithm supports sign, verify and derive operations. The sign an
verify operations use \s-1ECDSA\s0 and derive uses \s-1ECDH.\s0 Currently there are no
additional options other than \fBdigest\fR. Only the \s-1SHA1\s0 digest can be used and
this digest is assumed by default.
+.SH "X25519 and X448 ALGORITHMS"
+.IX Header "X25519 and X448 ALGORITHMS"
+The X25519 and X448 algorithms support key derivation only. Currently there are
+no additional options.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
Sign some data using a private key:
@@ -333,7 +402,24 @@ Derive a shared secret value:
.Vb 1
\& openssl pkeyutl \-derive \-inkey key.pem \-peerkey pubkey.pem \-out secret
.Ve
+.PP
+Hexdump 48 bytes of \s-1TLS1 PRF\s0 using digest \fB\s-1SHA256\s0\fR and shared secret and
+seed consisting of the single byte 0xFF:
+.PP
+.Vb 2
+\& openssl pkeyutl \-kdf TLS1\-PRF \-kdflen 48 \-pkeyopt md:SHA256 \e
+\& \-pkeyopt hexsecret:ff \-pkeyopt hexseed:ff \-hexdump
+.Ve
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIgenpkey\fR\|(1), \fIpkey\fR\|(1), \fIrsautl\fR\|(1)
-\&\fIdgst\fR\|(1), \fIrsa\fR\|(1), \fIgenrsa\fR\|(1)
+\&\fIdgst\fR\|(1), \fIrsa\fR\|(1), \fIgenrsa\fR\|(1),
+\&\fIEVP_PKEY_CTX_set_hkdf_md\fR\|(3), \fIEVP_PKEY_CTX_set_tls1_prf_md\fR\|(3)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2006\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/prime.1 b/secure/usr.bin/openssl/man/prime.1
new file mode 100644
index 000000000000..0a073a027128
--- /dev/null
+++ b/secure/usr.bin/openssl/man/prime.1
@@ -0,0 +1,185 @@
+.\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35)
+.\"
+.\" Standard preamble:
+.\" ========================================================================
+.de Sp \" Vertical space (when we can't use .PP)
+.if t .sp .5v
+.if n .sp
+..
+.de Vb \" Begin verbatim text
+.ft CW
+.nf
+.ne \\$1
+..
+.de Ve \" End verbatim text
+.ft R
+.fi
+..
+.\" Set up some character translations and predefined strings. \*(-- will
+.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
+.\" double quote, and \*(R" will give a right double quote. \*(C+ will
+.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
+.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
+.\" nothing in troff, for use with C<>.
+.tr \(*W-
+.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
+.ie n \{\
+. ds -- \(*W-
+. ds PI pi
+. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
+. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
+. ds L" ""
+. ds R" ""
+. ds C` ""
+. ds C' ""
+'br\}
+.el\{\
+. ds -- \|\(em\|
+. ds PI \(*p
+. ds L" ``
+. ds R" ''
+. ds C`
+. ds C'
+'br\}
+.\"
+.\" Escape single quotes in literal strings from groff's Unicode transform.
+.ie \n(.g .ds Aq \(aq
+.el .ds Aq '
+.\"
+.\" If the F register is >0, we'll generate index entries on stderr for
+.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
+.\" entries marked with X<> in POD. Of course, you'll have to process the
+.\" output yourself in some meaningful fashion.
+.\"
+.\" Avoid warning from groff about undefined register 'F'.
+.de IX
+..
+.if !\nF .nr F 0
+.if \nF>0 \{\
+. de IX
+. tm Index:\\$1\t\\n%\t"\\$2"
+..
+. if !\nF==2 \{\
+. nr % 0
+. nr F 2
+. \}
+.\}
+.\"
+.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
+.\" Fear. Run. Save yourself. No user-serviceable parts.
+. \" fudge factors for nroff and troff
+.if n \{\
+. ds #H 0
+. ds #V .8m
+. ds #F .3m
+. ds #[ \f1
+. ds #] \fP
+.\}
+.if t \{\
+. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
+. ds #V .6m
+. ds #F 0
+. ds #[ \&
+. ds #] \&
+.\}
+. \" simple accents for nroff and troff
+.if n \{\
+. ds ' \&
+. ds ` \&
+. ds ^ \&
+. ds , \&
+. ds ~ ~
+. ds /
+.\}
+.if t \{\
+. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
+. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
+. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
+. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
+. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
+. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
+.\}
+. \" troff and (daisy-wheel) nroff accents
+.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
+.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
+.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
+.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
+.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
+.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
+.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
+.ds ae a\h'-(\w'a'u*4/10)'e
+.ds Ae A\h'-(\w'A'u*4/10)'E
+. \" corrections for vroff
+.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
+.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
+. \" for low resolution devices (crt and lpr)
+.if \n(.H>23 .if \n(.V>19 \
+\{\
+. ds : e
+. ds 8 ss
+. ds o a
+. ds d- d\h'-1'\(ga
+. ds D- D\h'-1'\(hy
+. ds th \o'bp'
+. ds Th \o'LP'
+. ds ae ae
+. ds Ae AE
+.\}
+.rm #[ #] #H #V #F C
+.\" ========================================================================
+.\"
+.IX Title "PRIME 1"
+.TH PRIME 1 "2018-09-11" "1.1.1" "OpenSSL"
+.\" For nroff, turn off justification. Always turn off hyphenation; it makes
+.\" way too many mistakes in technical documents.
+.if n .ad l
+.nh
+.SH "NAME"
+openssl\-prime, prime \- compute prime numbers
+.SH "SYNOPSIS"
+.IX Header "SYNOPSIS"
+\&\fBopenssl prime\fR
+[\fB\-help\fR]
+[\fB\-hex\fR]
+[\fB\-generate\fR]
+[\fB\-bits\fR]
+[\fB\-safe\fR]
+[\fB\-checks\fR]
+[\fInumber...\fR]
+.SH "DESCRIPTION"
+.IX Header "DESCRIPTION"
+The \fBprime\fR command checks if the specified numbers are prime.
+.PP
+If no numbers are given on the command line, the \fB\-generate\fR flag should
+be used to generate primes according to the requirements specified by the
+rest of the flags.
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "[\fB\-help\fR]" 4
+.IX Item "[-help]"
+Display an option summary.
+.IP "[\fB\-hex\fR]" 4
+.IX Item "[-hex]"
+Generate hex output.
+.IP "[\fB\-generate\fR]" 4
+.IX Item "[-generate]"
+Generate a prime number.
+.IP "[\fB\-bits num\fR]" 4
+.IX Item "[-bits num]"
+Generate a prime with \fBnum\fR bits.
+.IP "[\fB\-safe\fR]" 4
+.IX Item "[-safe]"
+When used with \fB\-generate\fR, generates a \*(L"safe\*(R" prime. If the number
+generated is \fBn\fR, then check that \fB(n\-1)/2\fR is also prime.
+.IP "[\fB\-checks num\fR]" 4
+.IX Item "[-checks num]"
+Perform the checks \fBnum\fR times to see that the generated number
+is prime. The default is 20.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/rand.1 b/secure/usr.bin/openssl/man/rand.1
index b3ce4d20b719..c2c1191737cd 100644
--- a/secure/usr.bin/openssl/man/rand.1
+++ b/secure/usr.bin/openssl/man/rand.1
@@ -129,19 +129,20 @@
.\" ========================================================================
.\"
.IX Title "RAND 1"
-.TH RAND 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH RAND 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-rand,
-rand \- generate pseudo\-random bytes
+openssl\-rand, rand \- generate pseudo\-random bytes
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl rand\fR
+[\fB\-help\fR]
[\fB\-out\fR \fIfile\fR]
-[\fB\-rand\fR \fIfile(s)\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
[\fB\-base64\fR]
[\fB\-hex\fR]
\&\fInum\fR
@@ -155,16 +156,23 @@ in addition to the files given in the \fB\-rand\fR option. A new
seeding was obtained from these sources.
.SH "OPTIONS"
.IX Header "OPTIONS"
-.IP "\fB\-out\fR \fIfile\fR" 4
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
+.IP "\fB\-out file\fR" 4
.IX Item "-out file"
Write to \fIfile\fR instead of standard output.
-.IP "\fB\-rand\fR \fIfile(s)\fR" 4
-.IX Item "-rand file(s)"
-Use specified file or files or \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3))
-for seeding the random number generator.
-Multiple files can be specified separated by a OS-dependent character.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.IP "\fB\-base64\fR" 4
.IX Item "-base64"
Perform base64 encoding on the output.
@@ -174,3 +182,11 @@ Show the output as a hex string.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIRAND_bytes\fR\|(3)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2016 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/req.1 b/secure/usr.bin/openssl/man/req.1
index a2e8660a86a4..afc45dce57a4 100644
--- a/secure/usr.bin/openssl/man/req.1
+++ b/secure/usr.bin/openssl/man/req.1
@@ -129,17 +129,17 @@
.\" ========================================================================
.\"
.IX Title "REQ 1"
-.TH REQ 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH REQ 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-req,
-req \- PKCS#10 certificate request and certificate generating utility.
+openssl\-req, req \- PKCS#10 certificate request and certificate generating utility
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBreq\fR
+[\fB\-help\fR]
[\fB\-inform PEM|DER\fR]
[\fB\-outform PEM|DER\fR]
[\fB\-in filename\fR]
@@ -152,7 +152,8 @@ req \- PKCS#10 certificate request and certificate generating utility.
[\fB\-verify\fR]
[\fB\-modulus\fR]
[\fB\-new\fR]
-[\fB\-rand file(s)\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
[\fB\-newkey rsa:bits\fR]
[\fB\-newkey alg:file\fR]
[\fB\-nodes\fR]
@@ -160,17 +161,17 @@ req \- PKCS#10 certificate request and certificate generating utility.
[\fB\-keyform PEM|DER\fR]
[\fB\-keyout filename\fR]
[\fB\-keygen_engine id\fR]
-[\fB\-[digest]\fR]
+[\fB\-\f(BIdigest\fB\fR]
[\fB\-config filename\fR]
[\fB\-multivalue\-rdn\fR]
[\fB\-x509\fR]
[\fB\-days n\fR]
[\fB\-set_serial n\fR]
-[\fB\-asn1\-kludge\fR]
-[\fB\-no\-asn1\-kludge\fR]
[\fB\-newhdr\fR]
+[\fB\-addext ext\fR]
[\fB\-extensions section\fR]
[\fB\-reqexts section\fR]
+[\fB\-precert\fR]
[\fB\-utf8\fR]
[\fB\-nameopt\fR]
[\fB\-reqopt\fR]
@@ -184,8 +185,11 @@ req \- PKCS#10 certificate request and certificate generating utility.
The \fBreq\fR command primarily creates and processes certificate requests
in PKCS#10 format. It can additionally create self signed certificates
for use as root CAs for example.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-inform DER|PEM\fR" 4
.IX Item "-inform DER|PEM"
This specifies the input format. The \fB\s-1DER\s0\fR option uses an \s-1ASN1 DER\s0 encoded
@@ -194,8 +198,8 @@ consists of the \fB\s-1DER\s0\fR format base64 encoded with additional header an
footer lines.
.IP "\fB\-outform DER|PEM\fR" 4
.IX Item "-outform DER|PEM"
-This specifies the output format, the options have the same meaning as the
-\&\fB\-inform\fR option.
+This specifies the output format, the options have the same meaning and default
+as the \fB\-inform\fR option.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read a request from or standard input
@@ -203,7 +207,7 @@ if this option is not specified. A request is only read if the creation
options (\fB\-new\fR and \fB\-newkey\fR) are not specified.
.IP "\fB\-passin arg\fR" 4
.IX Item "-passin arg"
-the input file password source. For more information about the format of \fBarg\fR
+The input file password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
@@ -211,53 +215,51 @@ This specifies the output filename to write to or standard output by
default.
.IP "\fB\-passout arg\fR" 4
.IX Item "-passout arg"
-the output file password source. For more information about the format of \fBarg\fR
+The output file password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
.IP "\fB\-text\fR" 4
.IX Item "-text"
-prints out the certificate request in text form.
+Prints out the certificate request in text form.
.IP "\fB\-subject\fR" 4
.IX Item "-subject"
-prints out the request subject (or certificate subject if \fB\-x509\fR is
+Prints out the request subject (or certificate subject if \fB\-x509\fR is
specified)
.IP "\fB\-pubkey\fR" 4
.IX Item "-pubkey"
-outputs the public key.
+Outputs the public key.
.IP "\fB\-noout\fR" 4
.IX Item "-noout"
-this option prevents output of the encoded version of the request.
+This option prevents output of the encoded version of the request.
.IP "\fB\-modulus\fR" 4
.IX Item "-modulus"
-this option prints out the value of the modulus of the public key
+This option prints out the value of the modulus of the public key
contained in the request.
.IP "\fB\-verify\fR" 4
.IX Item "-verify"
-verifies the signature on the request.
+Verifies the signature on the request.
.IP "\fB\-new\fR" 4
.IX Item "-new"
-this option generates a new certificate request. It will prompt
+This option generates a new certificate request. It will prompt
the user for the relevant field values. The actual fields
prompted for and their maximum and minimum sizes are specified
in the configuration file and any requested extensions.
.Sp
If the \fB\-key\fR option is not used it will generate a new \s-1RSA\s0 private
key using information specified in the configuration file.
-.IP "\fB\-subj arg\fR" 4
-.IX Item "-subj arg"
-Replaces subject field of input request with specified data and outputs
-modified request. The arg must be formatted as
-\&\fI/type0=value0/type1=value1/type2=...\fR,
-characters may be escaped by \e (backslash), no spaces are skipped.
-.IP "\fB\-rand file(s)\fR" 4
-.IX Item "-rand file(s)"
-a file or files containing random data used to seed the random number
-generator, or an \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3)).
-Multiple files can be specified separated by a OS-dependent character.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.IP "\fB\-newkey arg\fR" 4
.IX Item "-newkey arg"
-this option creates a new certificate request and a new private
+This option creates a new certificate request and a new private
key. The argument takes one of several forms. \fBrsa:nbits\fR, where
\&\fBnbits\fR is the number of bits, generates an \s-1RSA\s0 key \fBnbits\fR
in size. If \fBnbits\fR is omitted, i.e. \fB\-newkey rsa\fR specified,
@@ -265,13 +267,13 @@ the default key size, specified in the configuration file is used.
.Sp
All other algorithms support the \fB\-newkey alg:file\fR form, where file may be
an algorithm parameter file, created by the \fBgenpkey \-genparam\fR command
-or and X.509 certificate for a key with approriate algorithm.
+or and X.509 certificate for a key with appropriate algorithm.
.Sp
\&\fBparam:file\fR generates a key using the parameter file or certificate \fBfile\fR,
the algorithm is determined by the parameters. \fBalgname:file\fR use algorithm
\&\fBalgname\fR and parameter file \fBfile\fR: the two algorithms must match or an
error occurs. \fBalgname\fR just uses algorithm \fBalgname\fR, and parameters,
-if neccessary should be specified via \fB\-pkeyopt\fR parameter.
+if necessary should be specified via \fB\-pkeyopt\fR parameter.
.Sp
\&\fBdsa:filename\fR generates a \s-1DSA\s0 key using the parameters
in the file \fBfilename\fR. \fBec:filename\fR generates \s-1EC\s0 key (usable both with
@@ -281,7 +283,7 @@ file). If just \fBgost2001\fR is specified a parameter set should be
specified by \fB\-pkeyopt paramset:X\fR
.IP "\fB\-pkeyopt opt:value\fR" 4
.IX Item "-pkeyopt opt:value"
-set the public key algorithm option \fBopt\fR to \fBvalue\fR. The precise set of
+Set the public key algorithm option \fBopt\fR to \fBvalue\fR. The precise set of
options supported depends on the public key algorithm used and its
implementation. See \fB\s-1KEY GENERATION OPTIONS\s0\fR in the \fBgenpkey\fR manual page
for more details.
@@ -291,40 +293,41 @@ This specifies the file to read the private key from. It also
accepts PKCS#8 format private keys for \s-1PEM\s0 format files.
.IP "\fB\-keyform PEM|DER\fR" 4
.IX Item "-keyform PEM|DER"
-the format of the private key file specified in the \fB\-key\fR
+The format of the private key file specified in the \fB\-key\fR
argument. \s-1PEM\s0 is the default.
.IP "\fB\-keyout filename\fR" 4
.IX Item "-keyout filename"
-this gives the filename to write the newly created private key to.
+This gives the filename to write the newly created private key to.
If this option is not specified then the filename present in the
configuration file is used.
.IP "\fB\-nodes\fR" 4
.IX Item "-nodes"
-if this option is specified then if a private key is created it
+If this option is specified then if a private key is created it
will not be encrypted.
-.IP "\fB\-[digest]\fR" 4
-.IX Item "-[digest]"
-this specifies the message digest to sign the request with (such as
-\&\fB\-md5\fR, \fB\-sha1\fR). This overrides the digest algorithm specified in
+.IP "\fB\-\f(BIdigest\fB\fR" 4
+.IX Item "-digest"
+This specifies the message digest to sign the request.
+Any digest supported by the OpenSSL \fBdgst\fR command can be used.
+This overrides the digest algorithm specified in
the configuration file.
.Sp
Some public key algorithms may override this choice. For instance, \s-1DSA\s0
signatures always use \s-1SHA1, GOST R 34.10\s0 signatures always use
-\&\s-1GOST R 34.11\-94\s0 (\fB\-md_gost94\fR).
+\&\s-1GOST R 34.11\-94\s0 (\fB\-md_gost94\fR), Ed25519 and Ed448 never use any digest.
.IP "\fB\-config filename\fR" 4
.IX Item "-config filename"
-this allows an alternative configuration file to be specified,
-this overrides the compile time filename or any specified in
-the \fB\s-1OPENSSL_CONF\s0\fR environment variable.
+This allows an alternative configuration file to be specified.
+Optional; for a description of the default value,
+see \*(L"\s-1COMMAND SUMMARY\*(R"\s0 in \fIopenssl\fR\|(1).
.IP "\fB\-subj arg\fR" 4
.IX Item "-subj arg"
-sets subject name for new request or supersedes the subject name
+Sets subject name for new request or supersedes the subject name
when processing a request.
The arg must be formatted as \fI/type0=value0/type1=value1/type2=...\fR,
characters may be escaped by \e (backslash), no spaces are skipped.
.IP "\fB\-multivalue\-rdn\fR" 4
.IX Item "-multivalue-rdn"
-this option causes the \-subj argument to be interpreted with full
+This option causes the \-subj argument to be interpreted with full
support for multivalued RDNs. Example:
.Sp
\&\fI/DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe\fR
@@ -332,7 +335,7 @@ support for multivalued RDNs. Example:
If \-multi\-rdn is not used then the \s-1UID\s0 value is \fI123456+CN=John Doe\fR.
.IP "\fB\-x509\fR" 4
.IX Item "-x509"
-this option outputs a self signed certificate instead of a certificate
+This option outputs a self signed certificate instead of a certificate
request. This is typically used to generate a test certificate or
a self signed root \s-1CA.\s0 The extensions added to the certificate
(if any) are specified in the configuration file. Unless specified
@@ -343,79 +346,78 @@ If existing request is specified with the \fB\-in\fR option, it is converted
to the self signed certificate otherwise new request is created.
.IP "\fB\-days n\fR" 4
.IX Item "-days n"
-when the \fB\-x509\fR option is being used this specifies the number of
-days to certify the certificate for. The default is 30 days.
+When the \fB\-x509\fR option is being used this specifies the number of
+days to certify the certificate for, otherwise it is ignored. \fBn\fR should
+be a positive integer. The default is 30 days.
.IP "\fB\-set_serial n\fR" 4
.IX Item "-set_serial n"
-serial number to use when outputting a self signed certificate. This
+Serial number to use when outputting a self signed certificate. This
may be specified as a decimal value or a hex value if preceded by \fB0x\fR.
-It is possible to use negative serial numbers but this is not recommended.
+.IP "\fB\-addext ext\fR" 4
+.IX Item "-addext ext"
+Add a specific extension to the certificate (if the \fB\-x509\fR option is
+present) or certificate request. The argument must have the form of
+a key=value pair as it would appear in a config file.
+.Sp
+This option can be given multiple times.
.IP "\fB\-extensions section\fR" 4
.IX Item "-extensions section"
.PD 0
.IP "\fB\-reqexts section\fR" 4
.IX Item "-reqexts section"
.PD
-these options specify alternative sections to include certificate
+These options specify alternative sections to include certificate
extensions (if the \fB\-x509\fR option is present) or certificate
request extensions. This allows several different sections to
be used in the same configuration file to specify requests for
a variety of purposes.
+.IP "\fB\-precert\fR" 4
+.IX Item "-precert"
+A poison extension will be added to the certificate, making it a
+\&\*(L"pre-certificate\*(R" (see \s-1RFC6962\s0). This can be submitted to Certificate
+Transparency logs in order to obtain signed certificate timestamps (SCTs).
+These SCTs can then be embedded into the pre-certificate as an extension, before
+removing the poison and signing the certificate.
+.Sp
+This implies the \fB\-new\fR flag.
.IP "\fB\-utf8\fR" 4
.IX Item "-utf8"
-this option causes field values to be interpreted as \s-1UTF8\s0 strings, by
+This option causes field values to be interpreted as \s-1UTF8\s0 strings, by
default they are interpreted as \s-1ASCII.\s0 This means that the field
values, whether prompted from a terminal or obtained from a
configuration file, must be valid \s-1UTF8\s0 strings.
.IP "\fB\-nameopt option\fR" 4
.IX Item "-nameopt option"
-option which determines how the subject or issuer names are displayed. The
+Option which determines how the subject or issuer names are displayed. The
\&\fBoption\fR argument can be a single option or multiple options separated by
commas. Alternatively the \fB\-nameopt\fR switch may be used more than once to
set multiple options. See the \fIx509\fR\|(1) manual page for details.
.IP "\fB\-reqopt\fR" 4
.IX Item "-reqopt"
-customise the output format used with \fB\-text\fR. The \fBoption\fR argument can be
+Customise the output format used with \fB\-text\fR. The \fBoption\fR argument can be
a single option or multiple options separated by commas.
.Sp
-See discission of the \fB\-certopt\fR parameter in the \fBx509\fR
+See discussion of the \fB\-certopt\fR parameter in the \fIx509\fR\|(1)
command.
-.IP "\fB\-asn1\-kludge\fR" 4
-.IX Item "-asn1-kludge"
-by default the \fBreq\fR command outputs certificate requests containing
-no attributes in the correct PKCS#10 format. However certain CAs will only
-accept requests containing no attributes in an invalid form: this
-option produces this invalid format.
-.Sp
-More precisely the \fBAttributes\fR in a PKCS#10 certificate request
-are defined as a \fB\s-1SET OF\s0 Attribute\fR. They are \fBnot \s-1OPTIONAL\s0\fR so
-if no attributes are present then they should be encoded as an
-empty \fB\s-1SET OF\s0\fR. The invalid form does not include the empty
-\&\fB\s-1SET OF\s0\fR whereas the correct form does.
-.Sp
-It should be noted that very few CAs still require the use of this option.
-.IP "\fB\-no\-asn1\-kludge\fR" 4
-.IX Item "-no-asn1-kludge"
-Reverses effect of \fB\-asn1\-kludge\fR
.IP "\fB\-newhdr\fR" 4
.IX Item "-newhdr"
Adds the word \fB\s-1NEW\s0\fR to the \s-1PEM\s0 file header and footer lines on the outputted
request. Some software (Netscape certificate server) and some CAs need this.
.IP "\fB\-batch\fR" 4
.IX Item "-batch"
-non-interactive mode.
+Non-interactive mode.
.IP "\fB\-verbose\fR" 4
.IX Item "-verbose"
-print extra details about the operations being performed.
+Print extra details about the operations being performed.
.IP "\fB\-engine id\fR" 4
.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBreq\fR
+Specifying an engine (by its unique \fBid\fR string) will cause \fBreq\fR
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
.IP "\fB\-keygen_engine id\fR" 4
.IX Item "-keygen_engine id"
-specifies an engine (by its unique \fBid\fR string) which would be used
+Specifies an engine (by its unique \fBid\fR string) which would be used
for key generation operations.
.SH "CONFIGURATION FILE FORMAT"
.IX Header "CONFIGURATION FILE FORMAT"
@@ -458,8 +460,8 @@ object identifier followed by \fB=\fR and the numerical form. The short
and long names are the same when this option is used.
.IP "\fB\s-1RANDFILE\s0\fR" 4
.IX Item "RANDFILE"
-This specifies a filename in which random number seed information is
-placed and read from, or an \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3)).
+At startup the specified file is loaded into the random number generator,
+and at exit 256 bytes will be written to it.
It is used for private key generation.
.IP "\fBencrypt_key\fR" 4
.IX Item "encrypt_key"
@@ -468,16 +470,17 @@ If this is set to \fBno\fR then if a private key is generated it is
option. For compatibility \fBencrypt_rsa_key\fR is an equivalent option.
.IP "\fBdefault_md\fR" 4
.IX Item "default_md"
-This option specifies the digest algorithm to use. Possible values
-include \fBmd5 sha1 mdc2\fR. If not present then \s-1MD5\s0 is used. This
-option can be overridden on the command line.
+This option specifies the digest algorithm to use. Any digest supported by the
+OpenSSL \fBdgst\fR command can be used. This option can be overridden on the
+command line. Certain signing algorithms (i.e. Ed25519 and Ed448) will ignore
+any digest that has been set.
.IP "\fBstring_mask\fR" 4
.IX Item "string_mask"
This option masks out the use of certain string types in certain
fields. Most users will not need to change this option.
.Sp
It can be set to several values \fBdefault\fR which is also the default
-option uses PrintableStrings, T61Strings and BMPStrings if the
+option uses PrintableStrings, T61Strings and BMPStrings if the
\&\fBpkix\fR value is used then only PrintableStrings and BMPStrings will
be used. This follows the \s-1PKIX\s0 recommendation in \s-1RFC2459.\s0 If the
\&\fButf8only\fR option is used then only UTF8Strings will be used: this
@@ -486,30 +489,30 @@ option just uses PrintableStrings and T61Strings: certain software has
problems with BMPStrings and UTF8Strings: in particular Netscape.
.IP "\fBreq_extensions\fR" 4
.IX Item "req_extensions"
-this specifies the configuration file section containing a list of
+This specifies the configuration file section containing a list of
extensions to add to the certificate request. It can be overridden
-by the \fB\-reqexts\fR command line switch. See the
+by the \fB\-reqexts\fR command line switch. See the
\&\fIx509v3_config\fR\|(5) manual page for details of the
extension section format.
.IP "\fBx509_extensions\fR" 4
.IX Item "x509_extensions"
-this specifies the configuration file section containing a list of
+This specifies the configuration file section containing a list of
extensions to add to certificate generated when the \fB\-x509\fR switch
is used. It can be overridden by the \fB\-extensions\fR command line switch.
.IP "\fBprompt\fR" 4
.IX Item "prompt"
-if set to the value \fBno\fR this disables prompting of certificate fields
+If set to the value \fBno\fR this disables prompting of certificate fields
and just takes values from the config file directly. It also changes the
expected format of the \fBdistinguished_name\fR and \fBattributes\fR sections.
.IP "\fButf8\fR" 4
.IX Item "utf8"
-if set to the value \fByes\fR then field values to be interpreted as \s-1UTF8\s0
+If set to the value \fByes\fR then field values to be interpreted as \s-1UTF8\s0
strings, by default they are interpreted as \s-1ASCII.\s0 This means that
the field values, whether prompted from a terminal or obtained from a
configuration file, must be valid \s-1UTF8\s0 strings.
.IP "\fBattributes\fR" 4
.IX Item "attributes"
-this specifies the section containing any request attributes: its format
+This specifies the section containing any request attributes: its format
is the same as \fBdistinguished_name\fR. Typically these may contain the
challengePassword or unstructuredName types. They are currently ignored
by OpenSSL's request signing utilities but some CAs might want them.
@@ -622,7 +625,7 @@ Sample configuration file prompting for field values:
\& default_keyfile = privkey.pem
\& distinguished_name = req_distinguished_name
\& attributes = req_attributes
-\& x509_extensions = v3_ca
+\& req_extensions = v3_ca
\&
\& dirstring_type = nobmp
\&
@@ -651,7 +654,7 @@ Sample configuration file prompting for field values:
\&
\& subjectKeyIdentifier=hash
\& authorityKeyIdentifier=keyid:always,issuer:always
-\& basicConstraints = CA:true
+\& basicConstraints = critical, CA:true
.Ve
.PP
Sample configuration containing all field values:
@@ -679,6 +682,16 @@ Sample configuration containing all field values:
\& [ req_attributes ]
\& challengePassword = A challenge password
.Ve
+.PP
+Example of giving the most common attributes (subject and extensions)
+on the command line:
+.PP
+.Vb 4
+\& openssl req \-new \-subj "/C=GB/CN=foo" \e
+\& \-addext "subjectAltName = DNS:foo.co.uk" \e
+\& \-addext "certificatePolicies = 1.2.3.4" \e
+\& \-newkey rsa:2048 \-keyout key.pem \-out req.pem
+.Ve
.SH "NOTES"
.IX Header "NOTES"
The header and footer lines in the \fB\s-1PEM\s0\fR format are normally:
@@ -742,12 +755,6 @@ the correct empty \fB\s-1SET OF\s0\fR structure (the \s-1DER\s0 encoding of whic
then the \fB\s-1SET OF\s0\fR is missing and the encoding is technically invalid (but
it is tolerated). See the description of the command line option \fB\-asn1\-kludge\fR
for more information.
-.SH "ENVIRONMENT VARIABLES"
-.IX Header "ENVIRONMENT VARIABLES"
-The variable \fB\s-1OPENSSL_CONF\s0\fR if defined allows an alternative configuration
-file location to be specified, it will be overridden by the \fB\-config\fR command
-line switch if it is present. For compatibility reasons the \fB\s-1SSLEAY_CONF\s0\fR
-environment variable serves the same purpose but its use is discouraged.
.SH "BUGS"
.IX Header "BUGS"
OpenSSL's handling of T61Strings (aka TeletexStrings) is broken: it effectively
@@ -769,3 +776,11 @@ address in subjectAltName should be input by the user.
\&\fIx509\fR\|(1), \fIca\fR\|(1), \fIgenrsa\fR\|(1),
\&\fIgendsa\fR\|(1), \fIconfig\fR\|(5),
\&\fIx509v3_config\fR\|(5)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/rsa.1 b/secure/usr.bin/openssl/man/rsa.1
index 59adddec669f..1f1c8644f3bb 100644
--- a/secure/usr.bin/openssl/man/rsa.1
+++ b/secure/usr.bin/openssl/man/rsa.1
@@ -129,27 +129,29 @@
.\" ========================================================================
.\"
.IX Title "RSA 1"
-.TH RSA 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH RSA 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-rsa,
-rsa \- RSA key processing tool
+openssl\-rsa, rsa \- RSA key processing tool
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBrsa\fR
+[\fB\-help\fR]
[\fB\-inform PEM|NET|DER\fR]
[\fB\-outform PEM|NET|DER\fR]
[\fB\-in filename\fR]
[\fB\-passin arg\fR]
[\fB\-out filename\fR]
[\fB\-passout arg\fR]
-[\fB\-sgckey\fR]
[\fB\-aes128\fR]
[\fB\-aes192\fR]
[\fB\-aes256\fR]
+[\fB\-aria128\fR]
+[\fB\-aria192\fR]
+[\fB\-aria256\fR]
[\fB\-camellia128\fR]
[\fB\-camellia192\fR]
[\fB\-camellia256\fR]
@@ -172,8 +174,11 @@ forms and their components printed out. \fBNote\fR this command uses the
traditional SSLeay compatible format for private key encryption: newer
applications should use the more secure PKCS#8 format using the \fBpkcs8\fR
utility.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-inform DER|NET|PEM\fR" 4
.IX Item "-inform DER|NET|PEM"
This specifies the input format. The \fB\s-1DER\s0\fR option uses an \s-1ASN1 DER\s0 encoded
@@ -184,8 +189,8 @@ keys are also accepted. The \fB\s-1NET\s0\fR form is a format is described in th
section.
.IP "\fB\-outform DER|NET|PEM\fR" 4
.IX Item "-outform DER|NET|PEM"
-This specifies the output format, the options have the same meaning as the
-\&\fB\-inform\fR option.
+This specifies the output format, the options have the same meaning and default
+as the \fB\-inform\fR option.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read a key from or standard input if this
@@ -193,7 +198,7 @@ option is not specified. If the key is encrypted a pass phrase will be
prompted for.
.IP "\fB\-passin arg\fR" 4
.IX Item "-passin arg"
-the input file password source. For more information about the format of \fBarg\fR
+The input file password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
@@ -203,14 +208,10 @@ will be prompted for. The output filename should \fBnot\fR be the same as the in
filename.
.IP "\fB\-passout password\fR" 4
.IX Item "-passout password"
-the output file password source. For more information about the format of \fBarg\fR
+The output file password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
-.IP "\fB\-sgckey\fR" 4
-.IX Item "-sgckey"
-use the modified \s-1NET\s0 algorithm used with some versions of Microsoft \s-1IIS\s0 and \s-1SGC\s0
-keys.
-.IP "\fB\-aes128|\-aes192|\-aes256|\-camellia128|\-camellia192|\-camellia256|\-des|\-des3|\-idea\fR" 4
-.IX Item "-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea"
+.IP "\fB\-aes128\fR, \fB\-aes192\fR, \fB\-aes256\fR, \fB\-aria128\fR, \fB\-aria192\fR, \fB\-aria256\fR, \fB\-camellia128\fR, \fB\-camellia192\fR, \fB\-camellia256\fR, \fB\-des\fR, \fB\-des3\fR, \fB\-idea\fR" 4
+.IX Item "-aes128, -aes192, -aes256, -aria128, -aria192, -aria256, -camellia128, -camellia192, -camellia256, -des, -des3, -idea"
These options encrypt the private key with the specified
cipher before outputting it. A pass phrase is prompted for.
If none of these options is specified the key is written in plain text. This
@@ -220,32 +221,32 @@ setting the encryption options it can be use to add or change the pass phrase.
These options can only be used with \s-1PEM\s0 format output files.
.IP "\fB\-text\fR" 4
.IX Item "-text"
-prints out the various public or private key components in
+Prints out the various public or private key components in
plain text in addition to the encoded version.
.IP "\fB\-noout\fR" 4
.IX Item "-noout"
-this option prevents output of the encoded version of the key.
+This option prevents output of the encoded version of the key.
.IP "\fB\-modulus\fR" 4
.IX Item "-modulus"
-this option prints out the value of the modulus of the key.
+This option prints out the value of the modulus of the key.
.IP "\fB\-check\fR" 4
.IX Item "-check"
-this option checks the consistency of an \s-1RSA\s0 private key.
+This option checks the consistency of an \s-1RSA\s0 private key.
.IP "\fB\-pubin\fR" 4
.IX Item "-pubin"
-by default a private key is read from the input file: with this
+By default a private key is read from the input file: with this
option a public key is read instead.
.IP "\fB\-pubout\fR" 4
.IX Item "-pubout"
-by default a private key is output: with this option a public
+By default a private key is output: with this option a public
key will be output instead. This option is automatically set if
the input is a public key.
.IP "\fB\-RSAPublicKey_in\fR, \fB\-RSAPublicKey_out\fR" 4
.IX Item "-RSAPublicKey_in, -RSAPublicKey_out"
-like \fB\-pubin\fR and \fB\-pubout\fR except \fBRSAPublicKey\fR format is used instead.
+Like \fB\-pubin\fR and \fB\-pubout\fR except \fBRSAPublicKey\fR format is used instead.
.IP "\fB\-engine id\fR" 4
.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBrsa\fR
+Specifying an engine (by its unique \fBid\fR string) will cause \fBrsa\fR
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
@@ -281,8 +282,7 @@ files. To use these with the utility, view the file with a binary editor
and look for the string \*(L"private-key\*(R", then trace back to the byte
sequence 0x30, 0x82 (this is an \s-1ASN1 SEQUENCE\s0). Copy all the data
from this point onwards to another file and use that as the input
-to the \fBrsa\fR utility with the \fB\-inform \s-1NET\s0\fR option. If you get
-an error after entering the password try the \fB\-sgckey\fR option.
+to the \fBrsa\fR utility with the \fB\-inform \s-1NET\s0\fR option.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
To remove the pass phrase on an \s-1RSA\s0 private key:
@@ -331,3 +331,11 @@ without having to manually edit them.
.IX Header "SEE ALSO"
\&\fIpkcs8\fR\|(1), \fIdsa\fR\|(1), \fIgenrsa\fR\|(1),
\&\fIgendsa\fR\|(1)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/rsautl.1 b/secure/usr.bin/openssl/man/rsautl.1
index fc1a0da59a7e..9a2183296025 100644
--- a/secure/usr.bin/openssl/man/rsautl.1
+++ b/secure/usr.bin/openssl/man/rsautl.1
@@ -129,26 +129,29 @@
.\" ========================================================================
.\"
.IX Title "RSAUTL 1"
-.TH RSAUTL 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH RSAUTL 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-rsautl,
-rsautl \- RSA utility
+openssl\-rsautl, rsautl \- RSA utility
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBrsautl\fR
+[\fB\-help\fR]
[\fB\-in file\fR]
[\fB\-out file\fR]
[\fB\-inkey file\fR]
+[\fB\-keyform PEM|DER|ENGINE\fR]
[\fB\-pubin\fR]
[\fB\-certin\fR]
[\fB\-sign\fR]
[\fB\-verify\fR]
[\fB\-encrypt\fR]
[\fB\-decrypt\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
[\fB\-pkcs\fR]
[\fB\-ssl\fR]
[\fB\-raw\fR]
@@ -158,50 +161,67 @@ rsautl \- RSA utility
.IX Header "DESCRIPTION"
The \fBrsautl\fR command can be used to sign, verify, encrypt and decrypt
data using the \s-1RSA\s0 algorithm.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read data from or standard input
if this option is not specified.
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
-specifies the output filename to write to or standard output by
+Specifies the output filename to write to or standard output by
default.
.IP "\fB\-inkey file\fR" 4
.IX Item "-inkey file"
-the input key file, by default it should be an \s-1RSA\s0 private key.
+The input key file, by default it should be an \s-1RSA\s0 private key.
+.IP "\fB\-keyform PEM|DER|ENGINE\fR" 4
+.IX Item "-keyform PEM|DER|ENGINE"
+The key format \s-1PEM, DER\s0 or \s-1ENGINE.\s0
.IP "\fB\-pubin\fR" 4
.IX Item "-pubin"
-the input file is an \s-1RSA\s0 public key.
+The input file is an \s-1RSA\s0 public key.
.IP "\fB\-certin\fR" 4
.IX Item "-certin"
-the input is a certificate containing an \s-1RSA\s0 public key.
+The input is a certificate containing an \s-1RSA\s0 public key.
.IP "\fB\-sign\fR" 4
.IX Item "-sign"
-sign the input data and output the signed result. This requires
-and \s-1RSA\s0 private key.
+Sign the input data and output the signed result. This requires
+an \s-1RSA\s0 private key.
.IP "\fB\-verify\fR" 4
.IX Item "-verify"
-verify the input data and output the recovered data.
+Verify the input data and output the recovered data.
.IP "\fB\-encrypt\fR" 4
.IX Item "-encrypt"
-encrypt the input data using an \s-1RSA\s0 public key.
+Encrypt the input data using an \s-1RSA\s0 public key.
.IP "\fB\-decrypt\fR" 4
.IX Item "-decrypt"
-decrypt the input data using an \s-1RSA\s0 private key.
+Decrypt the input data using an \s-1RSA\s0 private key.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
+The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
+all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.IP "\fB\-pkcs, \-oaep, \-ssl, \-raw\fR" 4
.IX Item "-pkcs, -oaep, -ssl, -raw"
-the padding to use: PKCS#1 v1.5 (the default), PKCS#1 \s-1OAEP,\s0
+The padding to use: PKCS#1 v1.5 (the default), PKCS#1 \s-1OAEP,\s0
special padding used in \s-1SSL\s0 v2 backwards compatible handshakes,
or no padding, respectively.
For signatures, only \fB\-pkcs\fR and \fB\-raw\fR can be used.
.IP "\fB\-hexdump\fR" 4
.IX Item "-hexdump"
-hex dump the output data.
+Hex dump the output data.
.IP "\fB\-asn1parse\fR" 4
.IX Item "-asn1parse"
-asn1parse the output data, this is useful when combined with the
+Parse the \s-1ASN.1\s0 output data, this is useful when combined with the
\&\fB\-verify\fR option.
.SH "NOTES"
.IX Header "NOTES"
@@ -247,23 +267,23 @@ example in certs/pca\-cert.pem . Running \fBasn1parse\fR as follows yields:
.Vb 1
\& openssl asn1parse \-in pca\-cert.pem
\&
-\& 0:d=0 hl=4 l= 742 cons: SEQUENCE
-\& 4:d=1 hl=4 l= 591 cons: SEQUENCE
-\& 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+\& 0:d=0 hl=4 l= 742 cons: SEQUENCE
+\& 4:d=1 hl=4 l= 591 cons: SEQUENCE
+\& 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
\& 10:d=3 hl=2 l= 1 prim: INTEGER :02
\& 13:d=2 hl=2 l= 1 prim: INTEGER :00
-\& 16:d=2 hl=2 l= 13 cons: SEQUENCE
+\& 16:d=2 hl=2 l= 13 cons: SEQUENCE
\& 18:d=3 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption
-\& 29:d=3 hl=2 l= 0 prim: NULL
-\& 31:d=2 hl=2 l= 92 cons: SEQUENCE
-\& 33:d=3 hl=2 l= 11 cons: SET
-\& 35:d=4 hl=2 l= 9 cons: SEQUENCE
+\& 29:d=3 hl=2 l= 0 prim: NULL
+\& 31:d=2 hl=2 l= 92 cons: SEQUENCE
+\& 33:d=3 hl=2 l= 11 cons: SET
+\& 35:d=4 hl=2 l= 9 cons: SEQUENCE
\& 37:d=5 hl=2 l= 3 prim: OBJECT :countryName
\& 42:d=5 hl=2 l= 2 prim: PRINTABLESTRING :AU
\& ....
-\& 599:d=1 hl=2 l= 13 cons: SEQUENCE
+\& 599:d=1 hl=2 l= 13 cons: SEQUENCE
\& 601:d=2 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption
-\& 612:d=2 hl=2 l= 0 prim: NULL
+\& 612:d=2 hl=2 l= 0 prim: NULL
\& 614:d=1 hl=3 l= 129 prim: BIT STRING
.Ve
.PP
@@ -284,11 +304,11 @@ The signature can be analysed with:
.Vb 1
\& openssl rsautl \-in sig \-verify \-asn1parse \-inkey pubkey.pem \-pubin
\&
-\& 0:d=0 hl=2 l= 32 cons: SEQUENCE
-\& 2:d=1 hl=2 l= 12 cons: SEQUENCE
+\& 0:d=0 hl=2 l= 32 cons: SEQUENCE
+\& 2:d=1 hl=2 l= 12 cons: SEQUENCE
\& 4:d=2 hl=2 l= 8 prim: OBJECT :md5
-\& 14:d=2 hl=2 l= 0 prim: NULL
-\& 16:d=1 hl=2 l= 16 prim: OCTET STRING
+\& 14:d=2 hl=2 l= 0 prim: NULL
+\& 16:d=1 hl=2 l= 16 prim: OCTET STRING
\& 0000 \- f3 46 9e aa 1a 4a 73 c9\-37 ea 93 00 48 25 08 b5 .F...Js.7...H%..
.Ve
.PP
@@ -311,3 +331,11 @@ which it can be seen agrees with the recovered value above.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIdgst\fR\|(1), \fIrsa\fR\|(1), \fIgenrsa\fR\|(1)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2017 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/s_client.1 b/secure/usr.bin/openssl/man/s_client.1
index a02eab0c33a1..79283319546f 100644
--- a/secure/usr.bin/openssl/man/s_client.1
+++ b/secure/usr.bin/openssl/man/s_client.1
@@ -129,31 +129,81 @@
.\" ========================================================================
.\"
.IX Title "S_CLIENT 1"
-.TH S_CLIENT 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH S_CLIENT 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-s_client,
-s_client \- SSL/TLS client program
+openssl\-s_client, s_client \- SSL/TLS client program
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBs_client\fR
+[\fB\-help\fR]
[\fB\-connect host:port\fR]
+[\fB\-bind host:port\fR]
+[\fB\-proxy host:port\fR]
+[\fB\-unix path\fR]
+[\fB\-4\fR]
+[\fB\-6\fR]
[\fB\-servername name\fR]
+[\fB\-noservername\fR]
[\fB\-verify depth\fR]
[\fB\-verify_return_error\fR]
[\fB\-cert filename\fR]
[\fB\-certform DER|PEM\fR]
[\fB\-key filename\fR]
[\fB\-keyform DER|PEM\fR]
+[\fB\-cert_chain filename\fR]
+[\fB\-build_chain\fR]
+[\fB\-xkey\fR]
+[\fB\-xcert\fR]
+[\fB\-xchain\fR]
+[\fB\-xchain_build\fR]
+[\fB\-xcertform PEM|DER\fR]
+[\fB\-xkeyform PEM|DER\fR]
[\fB\-pass arg\fR]
[\fB\-CApath directory\fR]
[\fB\-CAfile filename\fR]
+[\fB\-chainCApath directory\fR]
+[\fB\-chainCAfile filename\fR]
+[\fB\-no\-CAfile\fR]
+[\fB\-no\-CApath\fR]
+[\fB\-requestCAfile filename\fR]
+[\fB\-dane_tlsa_domain domain\fR]
+[\fB\-dane_tlsa_rrdata rrdata\fR]
+[\fB\-dane_ee_no_namechecks\fR]
+[\fB\-attime timestamp\fR]
+[\fB\-check_ss_sig\fR]
+[\fB\-crl_check\fR]
+[\fB\-crl_check_all\fR]
+[\fB\-explicit_policy\fR]
+[\fB\-extended_crl\fR]
+[\fB\-ignore_critical\fR]
+[\fB\-inhibit_any\fR]
+[\fB\-inhibit_map\fR]
+[\fB\-no_check_time\fR]
+[\fB\-partial_chain\fR]
+[\fB\-policy arg\fR]
+[\fB\-policy_check\fR]
+[\fB\-policy_print\fR]
+[\fB\-purpose purpose\fR]
+[\fB\-suiteB_128\fR]
+[\fB\-suiteB_128_only\fR]
+[\fB\-suiteB_192\fR]
+[\fB\-trusted_first\fR]
[\fB\-no_alt_chains\fR]
+[\fB\-use_deltas\fR]
+[\fB\-auth_level num\fR]
+[\fB\-nameopt option\fR]
+[\fB\-verify_depth num\fR]
+[\fB\-verify_email email\fR]
+[\fB\-verify_hostname hostname\fR]
+[\fB\-verify_ip ip\fR]
+[\fB\-verify_name name\fR]
+[\fB\-build_chain\fR]
+[\fB\-x509_strict\fR]
[\fB\-reconnect\fR]
-[\fB\-pause\fR]
[\fB\-showcerts\fR]
[\fB\-debug\fR]
[\fB\-msg\fR]
@@ -163,32 +213,60 @@ s_client \- SSL/TLS client program
[\fB\-crlf\fR]
[\fB\-ign_eof\fR]
[\fB\-no_ign_eof\fR]
+[\fB\-psk_identity identity\fR]
+[\fB\-psk key\fR]
+[\fB\-psk_session file\fR]
[\fB\-quiet\fR]
-[\fB\-ssl2\fR]
[\fB\-ssl3\fR]
[\fB\-tls1\fR]
-[\fB\-no_ssl2\fR]
+[\fB\-tls1_1\fR]
+[\fB\-tls1_2\fR]
+[\fB\-tls1_3\fR]
[\fB\-no_ssl3\fR]
[\fB\-no_tls1\fR]
[\fB\-no_tls1_1\fR]
[\fB\-no_tls1_2\fR]
+[\fB\-no_tls1_3\fR]
+[\fB\-dtls\fR]
+[\fB\-dtls1\fR]
+[\fB\-dtls1_2\fR]
+[\fB\-sctp\fR]
[\fB\-fallback_scsv\fR]
+[\fB\-async\fR]
+[\fB\-max_send_frag\fR]
+[\fB\-split_send_frag\fR]
+[\fB\-max_pipelines\fR]
+[\fB\-read_buf\fR]
[\fB\-bugs\fR]
+[\fB\-comp\fR]
+[\fB\-no_comp\fR]
+[\fB\-allow_no_dhe_kex\fR]
[\fB\-sigalgs sigalglist\fR]
[\fB\-curves curvelist\fR]
[\fB\-cipher cipherlist\fR]
+[\fB\-ciphersuites val\fR]
[\fB\-serverpref\fR]
[\fB\-starttls protocol\fR]
+[\fB\-xmpphost hostname\fR]
+[\fB\-name hostname\fR]
[\fB\-engine id\fR]
[\fB\-tlsextdebug\fR]
[\fB\-no_ticket\fR]
[\fB\-sess_out filename\fR]
[\fB\-sess_in filename\fR]
-[\fB\-rand file(s)\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
[\fB\-serverinfo types\fR]
[\fB\-status\fR]
[\fB\-alpn protocols\fR]
[\fB\-nextprotoneg protocols\fR]
+[\fB\-ct\fR]
+[\fB\-noct\fR]
+[\fB\-ctlogfile\fR]
+[\fB\-keylogfile file\fR]
+[\fB\-early_data file\fR]
+[\fB\-enable_pha\fR]
+[\fBtarget\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBs_client\fR command implements a generic \s-1SSL/TLS\s0 client which connects
@@ -196,13 +274,54 @@ to a remote host using \s-1SSL/TLS.\s0 It is a \fIvery\fR useful diagnostic tool
\&\s-1SSL\s0 servers.
.SH "OPTIONS"
.IX Header "OPTIONS"
+In addition to the options below the \fBs_client\fR utility also supports the
+common and client only options documented in the
+in the \*(L"Supported Command Line Commands\*(R" section of the \fISSL_CONF_cmd\fR\|(3)
+manual page.
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-connect host:port\fR" 4
.IX Item "-connect host:port"
-This specifies the host and optional port to connect to. If not specified
-then an attempt is made to connect to the local host on port 4433.
+This specifies the host and optional port to connect to. It is possible to
+select the host and port using the optional target positional argument instead.
+If neither this nor the target positional argument are specified then an attempt
+is made to connect to the local host on port 4433.
+.IP "\fB\-bind host:port\fR]" 4
+.IX Item "-bind host:port]"
+This specifies the host address and or port to bind as the source for the
+connection. For Unix-domain sockets the port is ignored and the host is
+used as the source socket address.
+.IP "\fB\-proxy host:port\fR" 4
+.IX Item "-proxy host:port"
+When used with the \fB\-connect\fR flag, the program uses the host and port
+specified with this flag and issues an \s-1HTTP CONNECT\s0 command to connect
+to the desired server.
+.IP "\fB\-unix path\fR" 4
+.IX Item "-unix path"
+Connect over the specified Unix-domain socket.
+.IP "\fB\-4\fR" 4
+.IX Item "-4"
+Use IPv4 only.
+.IP "\fB\-6\fR" 4
+.IX Item "-6"
+Use IPv6 only.
.IP "\fB\-servername name\fR" 4
.IX Item "-servername name"
-Set the \s-1TLS SNI\s0 (Server Name Indication) extension in the ClientHello message.
+Set the \s-1TLS SNI\s0 (Server Name Indication) extension in the ClientHello message to
+the given value. If both this option and the \fB\-noservername\fR are not given, the
+\&\s-1TLS SNI\s0 extension is still set to the hostname provided to the \fB\-connect\fR option,
+or \*(L"localhost\*(R" if \fB\-connect\fR has not been supplied. This is default since OpenSSL
+1.1.1.
+.Sp
+Even though \s-1SNI\s0 name should normally be a \s-1DNS\s0 name and not an \s-1IP\s0 address, this
+option will not make the distinction when parsing \fB\-connect\fR and will send
+\&\s-1IP\s0 address if one passed.
+.IP "\fB\-noservername\fR" 4
+.IX Item "-noservername"
+Suppresses sending of the \s-1SNI\s0 (Server Name Indication) extension in the
+ClientHello message. Cannot be used in conjunction with the \fB\-servername\fR or
+<\-dane_tlsa_domain> options.
.IP "\fB\-cert certname\fR" 4
.IX Item "-cert certname"
The certificate to use, if one is requested by the server. The default is
@@ -217,6 +336,29 @@ be used.
.IP "\fB\-keyform format\fR" 4
.IX Item "-keyform format"
The private format to use: \s-1DER\s0 or \s-1PEM. PEM\s0 is the default.
+.IP "\fB\-cert_chain\fR" 4
+.IX Item "-cert_chain"
+A file containing trusted certificates to use when attempting to build the
+client/server certificate chain related to the certificate specified via the
+\&\fB\-cert\fR option.
+.IP "\fB\-build_chain\fR" 4
+.IX Item "-build_chain"
+Specify whether the application should build the certificate chain to be
+provided to the server.
+.IP "\fB\-xkey infile\fR, \fB\-xcert infile\fR, \fB\-xchain\fR" 4
+.IX Item "-xkey infile, -xcert infile, -xchain"
+Specify an extra certificate, private key and certificate chain. These behave
+in the same manner as the \fB\-cert\fR, \fB\-key\fR and \fB\-cert_chain\fR options. When
+specified, the callback returning the first valid chain will be in use by the
+client.
+.IP "\fB\-xchain_build\fR" 4
+.IX Item "-xchain_build"
+Specify whether the application should build the certificate chain to be
+provided to the server for the extra certificates provided via \fB\-xkey infile\fR,
+\&\fB\-xcert infile\fR, \fB\-xchain\fR options.
+.IP "\fB\-xcertform PEM|DER\fR, \fB\-xkeyform PEM|DER\fR" 4
+.IX Item "-xcertform PEM|DER, -xkeyform PEM|DER"
+Extra certificate and private key format respectively.
.IP "\fB\-pass arg\fR" 4
.IX Item "-pass arg"
the private key password source. For more information about the format of \fBarg\fR
@@ -232,26 +374,103 @@ will never fail due to a server certificate verify failure.
.IX Item "-verify_return_error"
Return verification errors instead of continuing. This will typically
abort the handshake with a fatal error.
+.IP "\fB\-nameopt option\fR" 4
+.IX Item "-nameopt option"
+Option which determines how the subject or issuer names are displayed. The
+\&\fBoption\fR argument can be a single option or multiple options separated by
+commas. Alternatively the \fB\-nameopt\fR switch may be used more than once to
+set multiple options. See the \fIx509\fR\|(1) manual page for details.
.IP "\fB\-CApath directory\fR" 4
.IX Item "-CApath directory"
The directory to use for server certificate verification. This directory
-must be in \*(L"hash format\*(R", see \fBverify\fR for more information. These are
+must be in \*(L"hash format\*(R", see \fIverify\fR\|(1) for more information. These are
also used when building the client certificate chain.
.IP "\fB\-CAfile file\fR" 4
.IX Item "-CAfile file"
A file containing trusted certificates to use during server authentication
and to use when attempting to build the client certificate chain.
-.IP "\fB\-purpose, \-ignore_critical, \-issuer_checks, \-crl_check, \-crl_check_all, \-policy_check, \-extended_crl, \-x509_strict, \-policy \-check_ss_sig \-no_alt_chains\fR" 4
-.IX Item "-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig -no_alt_chains"
-Set various certificate chain valiadition option. See the
-\&\fBverify\fR manual page for details.
+.IP "\fB\-chainCApath directory\fR" 4
+.IX Item "-chainCApath directory"
+The directory to use for building the chain provided to the server. This
+directory must be in \*(L"hash format\*(R", see \fIverify\fR\|(1) for more information.
+.IP "\fB\-chainCAfile file\fR" 4
+.IX Item "-chainCAfile file"
+A file containing trusted certificates to use when attempting to build the
+client certificate chain.
+.IP "\fB\-no\-CAfile\fR" 4
+.IX Item "-no-CAfile"
+Do not load the trusted \s-1CA\s0 certificates from the default file location
+.IP "\fB\-no\-CApath\fR" 4
+.IX Item "-no-CApath"
+Do not load the trusted \s-1CA\s0 certificates from the default directory location
+.IP "\fB\-requestCAfile file\fR" 4
+.IX Item "-requestCAfile file"
+A file containing a list of certificates whose subject names will be sent
+to the server in the \fBcertificate_authorities\fR extension. Only supported
+for \s-1TLS 1.3\s0
+.IP "\fB\-dane_tlsa_domain domain\fR" 4
+.IX Item "-dane_tlsa_domain domain"
+Enable \s-1RFC6698/RFC7671 DANE TLSA\s0 authentication and specify the
+\&\s-1TLSA\s0 base domain which becomes the default \s-1SNI\s0 hint and the primary
+reference identifier for hostname checks. This must be used in
+combination with at least one instance of the \fB\-dane_tlsa_rrdata\fR
+option below.
+.Sp
+When \s-1DANE\s0 authentication succeeds, the diagnostic output will include
+the lowest (closest to 0) depth at which a \s-1TLSA\s0 record authenticated
+a chain certificate. When that \s-1TLSA\s0 record is a \*(L"2 1 0\*(R" trust
+anchor public key that signed (rather than matched) the top-most
+certificate of the chain, the result is reported as \*(L"\s-1TA\s0 public key
+verified\*(R". Otherwise, either the \s-1TLSA\s0 record \*(L"matched \s-1TA\s0 certificate\*(R"
+at a positive depth or else \*(L"matched \s-1EE\s0 certificate\*(R" at depth 0.
+.IP "\fB\-dane_tlsa_rrdata rrdata\fR" 4
+.IX Item "-dane_tlsa_rrdata rrdata"
+Use one or more times to specify the \s-1RRDATA\s0 fields of the \s-1DANE TLSA\s0
+RRset associated with the target service. The \fBrrdata\fR value is
+specied in \*(L"presentation form\*(R", that is four whitespace separated
+fields that specify the usage, selector, matching type and associated
+data, with the last of these encoded in hexadecimal. Optional
+whitespace is ignored in the associated data field. For example:
+.Sp
+.Vb 12
+\& $ openssl s_client \-brief \-starttls smtp \e
+\& \-connect smtp.example.com:25 \e
+\& \-dane_tlsa_domain smtp.example.com \e
+\& \-dane_tlsa_rrdata "2 1 1
+\& B111DD8A1C2091A89BD4FD60C57F0716CCE50FEEFF8137CDBEE0326E 02CF362B" \e
+\& \-dane_tlsa_rrdata "2 1 1
+\& 60B87575447DCBA2A36B7D11AC09FB24A9DB406FEE12D2CC90180517 616E8A18"
+\& ...
+\& Verification: OK
+\& Verified peername: smtp.example.com
+\& DANE TLSA 2 1 1 ...ee12d2cc90180517616e8a18 matched TA certificate at depth 1
+\& ...
+.Ve
+.IP "\fB\-dane_ee_no_namechecks\fR" 4
+.IX Item "-dane_ee_no_namechecks"
+This disables server name checks when authenticating via \s-1\fIDANE\-EE\s0\fR\|(3) \s-1TLSA\s0
+records.
+For some applications, primarily web browsers, it is not safe to disable name
+checks due to \*(L"unknown key share\*(R" attacks, in which a malicious server can
+convince a client that a connection to a victim server is instead a secure
+connection to the malicious server.
+The malicious server may then be able to violate cross-origin scripting
+restrictions.
+Thus, despite the text of \s-1RFC7671,\s0 name checks are by default enabled for
+\&\s-1\fIDANE\-EE\s0\fR\|(3) \s-1TLSA\s0 records, and can be disabled in applications where it is safe
+to do so.
+In particular, \s-1SMTP\s0 and \s-1XMPP\s0 clients should set this option as \s-1SRV\s0 and \s-1MX\s0
+records already make it possible for a remote domain to redirect client
+connections to any server of its choice, and in any case \s-1SMTP\s0 and \s-1XMPP\s0 clients
+do not execute scripts downloaded from remote servers.
+.IP "\fB\-attime\fR, \fB\-check_ss_sig\fR, \fB\-crl_check\fR, \fB\-crl_check_all\fR, \fB\-explicit_policy\fR, \fB\-extended_crl\fR, \fB\-ignore_critical\fR, \fB\-inhibit_any\fR, \fB\-inhibit_map\fR, \fB\-no_alt_chains\fR, \fB\-no_check_time\fR, \fB\-partial_chain\fR, \fB\-policy\fR, \fB\-policy_check\fR, \fB\-policy_print\fR, \fB\-purpose\fR, \fB\-suiteB_128\fR, \fB\-suiteB_128_only\fR, \fB\-suiteB_192\fR, \fB\-trusted_first\fR, \fB\-use_deltas\fR, \fB\-auth_level\fR, \fB\-verify_depth\fR, \fB\-verify_email\fR, \fB\-verify_hostname\fR, \fB\-verify_ip\fR, \fB\-verify_name\fR, \fB\-x509_strict\fR" 4
+.IX Item "-attime, -check_ss_sig, -crl_check, -crl_check_all, -explicit_policy, -extended_crl, -ignore_critical, -inhibit_any, -inhibit_map, -no_alt_chains, -no_check_time, -partial_chain, -policy, -policy_check, -policy_print, -purpose, -suiteB_128, -suiteB_128_only, -suiteB_192, -trusted_first, -use_deltas, -auth_level, -verify_depth, -verify_email, -verify_hostname, -verify_ip, -verify_name, -x509_strict"
+Set various certificate chain validation options. See the
+\&\fIverify\fR\|(1) manual page for details.
.IP "\fB\-reconnect\fR" 4
.IX Item "-reconnect"
-reconnects to the same server 5 times using the same session \s-1ID,\s0 this can
+Reconnects to the same server 5 times using the same session \s-1ID,\s0 this can
be used as a test that session caching is working.
-.IP "\fB\-pause\fR" 4
-.IX Item "-pause"
-pauses 1 second between each read and write call.
.IP "\fB\-showcerts\fR" 4
.IX Item "-showcerts"
Displays the server certificate list as sent by the server: it only consists of
@@ -259,7 +478,7 @@ certificates the server has sent (in the order the server has sent them). It is
\&\fBnot\fR a verified chain.
.IP "\fB\-prexit\fR" 4
.IX Item "-prexit"
-print session information when the program exits. This will always attempt
+Print session information when the program exits. This will always attempt
to print out information even if the connection fails. Normally information
will only be printed out once if the connection succeeds. This option is useful
because the cipher in use may be renegotiated or the connection may fail
@@ -269,34 +488,41 @@ option is not always accurate because a connection might never have been
established.
.IP "\fB\-state\fR" 4
.IX Item "-state"
-prints out the \s-1SSL\s0 session states.
+Prints out the \s-1SSL\s0 session states.
.IP "\fB\-debug\fR" 4
.IX Item "-debug"
-print extensive debugging information including a hex dump of all traffic.
+Print extensive debugging information including a hex dump of all traffic.
.IP "\fB\-msg\fR" 4
.IX Item "-msg"
-show all protocol messages with hex dump.
+Show all protocol messages with hex dump.
+.IP "\fB\-trace\fR" 4
+.IX Item "-trace"
+Show verbose trace output of protocol messages. OpenSSL needs to be compiled
+with \fBenable-ssl-trace\fR for this option to work.
+.IP "\fB\-msgfile\fR" 4
+.IX Item "-msgfile"
+File to send output of \fB\-msg\fR or \fB\-trace\fR to, default standard output.
.IP "\fB\-nbio_test\fR" 4
.IX Item "-nbio_test"
-tests non-blocking I/O
+Tests non-blocking I/O
.IP "\fB\-nbio\fR" 4
.IX Item "-nbio"
-turns on non-blocking I/O
+Turns on non-blocking I/O
.IP "\fB\-crlf\fR" 4
.IX Item "-crlf"
-this option translated a line feed from the terminal into \s-1CR+LF\s0 as required
+This option translated a line feed from the terminal into \s-1CR+LF\s0 as required
by some servers.
.IP "\fB\-ign_eof\fR" 4
.IX Item "-ign_eof"
-inhibit shutting down the connection when end of file is reached in the
+Inhibit shutting down the connection when end of file is reached in the
input.
.IP "\fB\-quiet\fR" 4
.IX Item "-quiet"
-inhibit printing of session and certificate information. This implicitly
+Inhibit printing of session and certificate information. This implicitly
turns on \fB\-ign_eof\fR as well.
.IP "\fB\-no_ign_eof\fR" 4
.IX Item "-no_ign_eof"
-shut down the connection when end of file is reached in the input.
+Shut down the connection when end of file is reached in the input.
Can be used to override the implicit \fB\-ign_eof\fR after \fB\-quiet\fR.
.IP "\fB\-psk_identity identity\fR" 4
.IX Item "-psk_identity identity"
@@ -308,18 +534,82 @@ Use the \s-1PSK\s0 key \fBkey\fR when using a \s-1PSK\s0 cipher suite. The key i
given as a hexadecimal number without leading 0x, for example \-psk
1a2b3c4d.
This option must be provided in order to use a \s-1PSK\s0 cipher.
-.IP "\fB\-ssl2\fR, \fB\-ssl3\fR, \fB\-tls1\fR, \fB\-tls1_1\fR, \fB\-tls1_2\fR, \fB\-no_ssl2\fR, \fB\-no_ssl3\fR, \fB\-no_tls1\fR, \fB\-no_tls1_1\fR, \fB\-no_tls1_2\fR" 4
-.IX Item "-ssl2, -ssl3, -tls1, -tls1_1, -tls1_2, -no_ssl2, -no_ssl3, -no_tls1, -no_tls1_1, -no_tls1_2"
+.IP "\fB\-psk_session file\fR" 4
+.IX Item "-psk_session file"
+Use the pem encoded \s-1SSL_SESSION\s0 data stored in \fBfile\fR as the basis of a \s-1PSK.\s0
+Note that this will only work if TLSv1.3 is negotiated.
+.IP "\fB\-ssl3\fR, \fB\-tls1\fR, \fB\-tls1_1\fR, \fB\-tls1_2\fR, \fB\-tls1_3\fR, \fB\-no_ssl3\fR, \fB\-no_tls1\fR, \fB\-no_tls1_1\fR, \fB\-no_tls1_2\fR, \fB\-no_tls1_3\fR" 4
+.IX Item "-ssl3, -tls1, -tls1_1, -tls1_2, -tls1_3, -no_ssl3, -no_tls1, -no_tls1_1, -no_tls1_2, -no_tls1_3"
These options require or disable the use of the specified \s-1SSL\s0 or \s-1TLS\s0 protocols.
-By default the initial handshake uses a \fIversion-flexible\fR method which will
-negotiate the highest mutually supported protocol version.
+By default \fBs_client\fR will negotiate the highest mutually supported protocol
+version.
+When a specific \s-1TLS\s0 version is required, only that version will be offered to
+and accepted from the server.
+Note that not all protocols and flags may be available, depending on how
+OpenSSL was built.
+.IP "\fB\-dtls\fR, \fB\-dtls1\fR, \fB\-dtls1_2\fR" 4
+.IX Item "-dtls, -dtls1, -dtls1_2"
+These options make \fBs_client\fR use \s-1DTLS\s0 protocols instead of \s-1TLS.\s0
+With \fB\-dtls\fR, \fBs_client\fR will negotiate any supported \s-1DTLS\s0 protocol version,
+whilst \fB\-dtls1\fR and \fB\-dtls1_2\fR will only support \s-1DTLS1.0\s0 and \s-1DTLS1.2\s0
+respectively.
+.IP "\fB\-sctp\fR" 4
+.IX Item "-sctp"
+Use \s-1SCTP\s0 for the transport protocol instead of \s-1UDP\s0 in \s-1DTLS.\s0 Must be used in
+conjunction with \fB\-dtls\fR, \fB\-dtls1\fR or \fB\-dtls1_2\fR. This option is only
+available where OpenSSL has support for \s-1SCTP\s0 enabled.
.IP "\fB\-fallback_scsv\fR" 4
.IX Item "-fallback_scsv"
Send \s-1TLS_FALLBACK_SCSV\s0 in the ClientHello.
+.IP "\fB\-async\fR" 4
+.IX Item "-async"
+Switch on asynchronous mode. Cryptographic operations will be performed
+asynchronously. This will only have an effect if an asynchronous capable engine
+is also used via the \fB\-engine\fR option. For test purposes the dummy async engine
+(dasync) can be used (if available).
+.IP "\fB\-max_send_frag int\fR" 4
+.IX Item "-max_send_frag int"
+The maximum size of data fragment to send.
+See \fISSL_CTX_set_max_send_fragment\fR\|(3) for further information.
+.IP "\fB\-split_send_frag int\fR" 4
+.IX Item "-split_send_frag int"
+The size used to split data for encrypt pipelines. If more data is written in
+one go than this value then it will be split into multiple pipelines, up to the
+maximum number of pipelines defined by max_pipelines. This only has an effect if
+a suitable cipher suite has been negotiated, an engine that supports pipelining
+has been loaded, and max_pipelines is greater than 1. See
+\&\fISSL_CTX_set_split_send_fragment\fR\|(3) for further information.
+.IP "\fB\-max_pipelines int\fR" 4
+.IX Item "-max_pipelines int"
+The maximum number of encrypt/decrypt pipelines to be used. This will only have
+an effect if an engine has been loaded that supports pipelining (e.g. the dasync
+engine) and a suitable cipher suite has been negotiated. The default value is 1.
+See \fISSL_CTX_set_max_pipelines\fR\|(3) for further information.
+.IP "\fB\-read_buf int\fR" 4
+.IX Item "-read_buf int"
+The default read buffer size to be used for connections. This will only have an
+effect if the buffer size is larger than the size that would otherwise be used
+and pipelining is in use (see \fISSL_CTX_set_default_read_buffer_len\fR\|(3) for
+further information).
.IP "\fB\-bugs\fR" 4
.IX Item "-bugs"
-there are several known bug in \s-1SSL\s0 and \s-1TLS\s0 implementations. Adding this
+There are several known bug in \s-1SSL\s0 and \s-1TLS\s0 implementations. Adding this
option enables various workarounds.
+.IP "\fB\-comp\fR" 4
+.IX Item "-comp"
+Enables support for \s-1SSL/TLS\s0 compression.
+This option was introduced in OpenSSL 1.1.0.
+\&\s-1TLS\s0 compression is not recommended and is off by default as of
+OpenSSL 1.1.0.
+.IP "\fB\-no_comp\fR" 4
+.IX Item "-no_comp"
+Disables support for \s-1SSL/TLS\s0 compression.
+\&\s-1TLS\s0 compression is not recommended and is off by default as of
+OpenSSL 1.1.0.
+.IP "\fB\-brief\fR" 4
+.IX Item "-brief"
+Only provide a brief summary of connection parameters instead of the
+normal verbose output.
.IP "\fB\-sigalgs sigalglist\fR" 4
.IX Item "-sigalgs sigalglist"
Specifies the list of signature algorithms that are sent by the client.
@@ -328,83 +618,162 @@ For example strings, see \fISSL_CTX_set1_sigalgs\fR\|(3)
.IP "\fB\-curves curvelist\fR" 4
.IX Item "-curves curvelist"
Specifies the list of supported curves to be sent by the client. The curve is
-is ultimately selected by the server. For a list of all curves, use:
+ultimately selected by the server. For a list of all curves, use:
.Sp
.Vb 1
\& $ openssl ecparam \-list_curves
.Ve
.IP "\fB\-cipher cipherlist\fR" 4
.IX Item "-cipher cipherlist"
-this allows the cipher list sent by the client to be modified. Although
-the server determines which cipher suite is used it should take the first
-supported cipher in the list sent by the client. See the \fBciphers\fR
-command for more information.
-.IP "\fB\-serverpref\fR" 4
-.IX Item "-serverpref"
-use the server's cipher preferences; only used for \s-1SSLV2.\s0
+This allows the TLSv1.2 and below cipher list sent by the client to be modified.
+This list will be combined with any TLSv1.3 ciphersuites that have been
+configured. Although the server determines which ciphersuite is used it should
+take the first supported cipher in the list sent by the client. See the
+\&\fBciphers\fR command for more information.
+.IP "\fB\-ciphersuites val\fR" 4
+.IX Item "-ciphersuites val"
+This allows the TLSv1.3 ciphersuites sent by the client to be modified. This
+list will be combined with any TLSv1.2 and below ciphersuites that have been
+configured. Although the server determines which cipher suite is used it should
+take the first supported cipher in the list sent by the client. See the
+\&\fBciphers\fR command for more information. The format for this list is a simple
+colon (\*(L":\*(R") separated list of TLSv1.3 ciphersuite names.
.IP "\fB\-starttls protocol\fR" 4
.IX Item "-starttls protocol"
-send the protocol-specific message(s) to switch to \s-1TLS\s0 for communication.
+Send the protocol-specific message(s) to switch to \s-1TLS\s0 for communication.
\&\fBprotocol\fR is a keyword for the intended protocol. Currently, the only
-supported keywords are \*(L"smtp\*(R", \*(L"pop3\*(R", \*(L"imap\*(R", \*(L"ftp\*(R" and \*(L"xmpp\*(R".
+supported keywords are \*(L"smtp\*(R", \*(L"pop3\*(R", \*(L"imap\*(R", \*(L"ftp\*(R", \*(L"xmpp\*(R", \*(L"xmpp-server\*(R",
+\&\*(L"irc\*(R", \*(L"postgres\*(R", \*(L"mysql\*(R", \*(L"lmtp\*(R", \*(L"nntp\*(R", \*(L"sieve\*(R" and \*(L"ldap\*(R".
+.IP "\fB\-xmpphost hostname\fR" 4
+.IX Item "-xmpphost hostname"
+This option, when used with \*(L"\-starttls xmpp\*(R" or \*(L"\-starttls xmpp-server\*(R",
+specifies the host for the \*(L"to\*(R" attribute of the stream element.
+If this option is not specified, then the host specified with \*(L"\-connect\*(R"
+will be used.
+.Sp
+This option is an alias of the \fB\-name\fR option for \*(L"xmpp\*(R" and \*(L"xmpp-server\*(R".
+.IP "\fB\-name hostname\fR" 4
+.IX Item "-name hostname"
+This option is used to specify hostname information for various protocols
+used with \fB\-starttls\fR option. Currently only \*(L"xmpp\*(R", \*(L"xmpp-server\*(R",
+\&\*(L"smtp\*(R" and \*(L"lmtp\*(R" can utilize this \fB\-name\fR option.
+.Sp
+If this option is used with \*(L"\-starttls xmpp\*(R" or \*(L"\-starttls xmpp-server\*(R",
+if specifies the host for the \*(L"to\*(R" attribute of the stream element. If this
+option is not specified, then the host specified with \*(L"\-connect\*(R" will be used.
+.Sp
+If this option is used with \*(L"\-starttls lmtp\*(R" or \*(L"\-starttls smtp\*(R", it specifies
+the name to use in the \*(L"\s-1LMTP LHLO\*(R"\s0 or \*(L"\s-1SMTP EHLO\*(R"\s0 message, respectively. If
+this option is not specified, then \*(L"mail.example.com\*(R" will be used.
.IP "\fB\-tlsextdebug\fR" 4
.IX Item "-tlsextdebug"
-print out a hex dump of any \s-1TLS\s0 extensions received from the server.
+Print out a hex dump of any \s-1TLS\s0 extensions received from the server.
.IP "\fB\-no_ticket\fR" 4
.IX Item "-no_ticket"
-disable RFC4507bis session ticket support.
+Disable RFC4507bis session ticket support.
.IP "\fB\-sess_out filename\fR" 4
.IX Item "-sess_out filename"
-output \s-1SSL\s0 session to \fBfilename\fR
+Output \s-1SSL\s0 session to \fBfilename\fR.
.IP "\fB\-sess_in sess.pem\fR" 4
.IX Item "-sess_in sess.pem"
-load \s-1SSL\s0 session from \fBfilename\fR. The client will attempt to resume a
+Load \s-1SSL\s0 session from \fBfilename\fR. The client will attempt to resume a
connection from this session.
.IP "\fB\-engine id\fR" 4
.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBs_client\fR
+Specifying an engine (by its unique \fBid\fR string) will cause \fBs_client\fR
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
-.IP "\fB\-rand file(s)\fR" 4
-.IX Item "-rand file(s)"
-a file or files containing random data used to seed the random number
-generator, or an \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3)).
-Multiple files can be specified separated by a OS-dependent character.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.IP "\fB\-serverinfo types\fR" 4
.IX Item "-serverinfo types"
-a list of comma-separated \s-1TLS\s0 Extension Types (numbers between 0 and
+A list of comma-separated \s-1TLS\s0 Extension Types (numbers between 0 and
65535). Each type will be sent as an empty ClientHello \s-1TLS\s0 Extension.
The server's response (if any) will be encoded and displayed as a \s-1PEM\s0
file.
.IP "\fB\-status\fR" 4
.IX Item "-status"
-sends a certificate status request to the server (\s-1OCSP\s0 stapling). The server
+Sends a certificate status request to the server (\s-1OCSP\s0 stapling). The server
response (if any) is printed out.
.IP "\fB\-alpn protocols\fR, \fB\-nextprotoneg protocols\fR" 4
.IX Item "-alpn protocols, -nextprotoneg protocols"
-these flags enable the
-Enable the Application-Layer Protocol Negotiation or Next Protocol
-Negotiation extension, respectively. \s-1ALPN\s0 is the \s-1IETF\s0 standard and
-replaces \s-1NPN.\s0
-The \fBprotocols\fR list is a
-comma-separated protocol names that the client should advertise
-support for. The list should contain most wanted protocols first.
-Protocol names are printable \s-1ASCII\s0 strings, for example \*(L"http/1.1\*(R" or
-\&\*(L"spdy/3\*(R".
-Empty list of protocols is treated specially and will cause the client to
-advertise support for the \s-1TLS\s0 extension but disconnect just after
-reciving ServerHello with a list of server supported protocols.
+These flags enable the Enable the Application-Layer Protocol Negotiation
+or Next Protocol Negotiation (\s-1NPN\s0) extension, respectively. \s-1ALPN\s0 is the
+\&\s-1IETF\s0 standard and replaces \s-1NPN.\s0
+The \fBprotocols\fR list is a comma-separated list of protocol names that
+the client should advertise support for. The list should contain the most
+desirable protocols first. Protocol names are printable \s-1ASCII\s0 strings,
+for example \*(L"http/1.1\*(R" or \*(L"spdy/3\*(R".
+An empty list of protocols is treated specially and will cause the
+client to advertise support for the \s-1TLS\s0 extension but disconnect just
+after receiving ServerHello with a list of server supported protocols.
+The flag \fB\-nextprotoneg\fR cannot be specified if \fB\-tls1_3\fR is used.
+.IP "\fB\-ct\fR, \fB\-noct\fR" 4
+.IX Item "-ct, -noct"
+Use one of these two options to control whether Certificate Transparency (\s-1CT\s0)
+is enabled (\fB\-ct\fR) or disabled (\fB\-noct\fR).
+If \s-1CT\s0 is enabled, signed certificate timestamps (SCTs) will be requested from
+the server and reported at handshake completion.
+.Sp
+Enabling \s-1CT\s0 also enables \s-1OCSP\s0 stapling, as this is one possible delivery method
+for SCTs.
+.IP "\fB\-ctlogfile\fR" 4
+.IX Item "-ctlogfile"
+A file containing a list of known Certificate Transparency logs. See
+\&\fISSL_CTX_set_ctlog_list_file\fR\|(3) for the expected file format.
+.IP "\fB\-keylogfile file\fR" 4
+.IX Item "-keylogfile file"
+Appends \s-1TLS\s0 secrets to the specified keylog file such that external programs
+(like Wireshark) can decrypt \s-1TLS\s0 connections.
+.IP "\fB\-early_data file\fR" 4
+.IX Item "-early_data file"
+Reads the contents of the specified file and attempts to send it as early data
+to the server. This will only work with resumed sessions that support early
+data and when the server accepts the early data.
+.IP "\fB\-enable_pha\fR" 4
+.IX Item "-enable_pha"
+For TLSv1.3 only, send the Post-Handshake Authentication extension. This will
+happen whether or not a certificate has been provided via \fB\-cert\fR.
+.IP "\fB[target]\fR" 4
+.IX Item "[target]"
+Rather than providing \fB\-connect\fR, the target hostname and optional port may
+be provided as a single positional argument after all options. If neither this
+nor \fB\-connect\fR are provided, falls back to attempting to connect to localhost
+on port 4433.
.SH "CONNECTED COMMANDS"
.IX Header "CONNECTED COMMANDS"
If a connection is established with an \s-1SSL\s0 server then any data received
from the server is displayed and any key presses will be sent to the
-server. When used interactively (which means neither \fB\-quiet\fR nor \fB\-ign_eof\fR
-have been given), the session will be renegotiated if the line begins with an
-\&\fBR\fR, and if the line begins with a \fBQ\fR or if end of file is reached, the
-connection will be closed down.
+server. If end of file is reached then the connection will be closed down. When
+used interactively (which means neither \fB\-quiet\fR nor \fB\-ign_eof\fR have been
+given), then certain commands are also recognized which perform special
+operations. These commands are a letter which must appear at the start of a
+line. They are listed below.
+.IP "\fBQ\fR" 4
+.IX Item "Q"
+End the current \s-1SSL\s0 connection and exit.
+.IP "\fBR\fR" 4
+.IX Item "R"
+Renegotiate the \s-1SSL\s0 session (TLSv1.2 and below only).
+.IP "\fBB\fR" 4
+.IX Item "B"
+Send a heartbeat message to the server (\s-1DTLS\s0 only)
+.IP "\fBk\fR" 4
+.IX Item "k"
+Send a key update message to the server (TLSv1.3 only)
+.IP "\fBK\fR" 4
+.IX Item "K"
+Send a key update message to the server and request one back (TLSv1.3 only)
.SH "NOTES"
.IX Header "NOTES"
\&\fBs_client\fR can be used to debug \s-1SSL\s0 servers. To connect to an \s-1SSL HTTP\s0
@@ -418,8 +787,8 @@ would typically be used (https uses port 443). If the connection succeeds
then an \s-1HTTP\s0 command can be given such as \*(L"\s-1GET /\*(R"\s0 to retrieve a web page.
.PP
If the handshake fails then there are several possible causes, if it is
-nothing obvious like no client certificate then the \fB\-bugs\fR, \fB\-ssl2\fR,
-\&\fB\-ssl3\fR, \fB\-tls1\fR, \fB\-no_ssl2\fR, \fB\-no_ssl3\fR, \fB\-no_tls1\fR options can be tried
+nothing obvious like no client certificate then the \fB\-bugs\fR,
+\&\fB\-ssl3\fR, \fB\-tls1\fR, \fB\-no_ssl3\fR, \fB\-no_tls1\fR options can be tried
in case it is a buggy server. In particular you should play with these
options \fBbefore\fR submitting a bug report to an OpenSSL mailing list.
.PP
@@ -442,28 +811,38 @@ If there are problems verifying a server certificate then the
\&\fB\-showcerts\fR option can be used to show all the certificates sent by the
server.
.PP
-Since the SSLv23 client hello cannot include compression methods or extensions
-these will only be supported if its use is disabled, for example by using the
-\&\fB\-no_sslv2\fR option.
-.PP
The \fBs_client\fR utility is a test tool and is designed to continue the
handshake after any certificate verification errors. As a result it will
accept any certificate chain (trusted or not) sent by the peer. None test
applications should \fBnot\fR do this as it makes them vulnerable to a \s-1MITM\s0
attack. This behaviour can be changed by with the \fB\-verify_return_error\fR
option: any verify errors are then returned aborting the handshake.
+.PP
+The \fB\-bind\fR option may be useful if the server or a firewall requires
+connections to come from some particular address and or port.
.SH "BUGS"
.IX Header "BUGS"
-Because this program has a lot of options and also because some of
-the techniques used are rather old, the C source of s_client is rather
-hard to read and not a model of how things should be done. A typical
-\&\s-1SSL\s0 client program would be much simpler.
+Because this program has a lot of options and also because some of the
+techniques used are rather old, the C source of \fBs_client\fR is rather hard to
+read and not a model of how things should be done.
+A typical \s-1SSL\s0 client program would be much simpler.
.PP
The \fB\-prexit\fR option is a bit of a hack. We should really report
information whenever a session is renegotiated.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
-\&\fIsess_id\fR\|(1), \fIs_server\fR\|(1), \fIciphers\fR\|(1)
+\&\fISSL_CONF_cmd\fR\|(3), \fIsess_id\fR\|(1), \fIs_server\fR\|(1), \fIciphers\fR\|(1),
+\&\fISSL_CTX_set_max_send_fragment\fR\|(3), \fISSL_CTX_set_split_send_fragment\fR\|(3),
+\&\fISSL_CTX_set_max_pipelines\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
-The \-no_alt_chains options was first added to OpenSSL 1.0.2b.
+The \fB\-no_alt_chains\fR option was first added to OpenSSL 1.1.0.
+The \fB\-name\fR option was added in OpenSSL 1.1.1.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/s_server.1 b/secure/usr.bin/openssl/man/s_server.1
index 9e3198ad82a9..109d65719f85 100644
--- a/secure/usr.bin/openssl/man/s_server.1
+++ b/secure/usr.bin/openssl/man/s_server.1
@@ -129,111 +129,284 @@
.\" ========================================================================
.\"
.IX Title "S_SERVER 1"
-.TH S_SERVER 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH S_SERVER 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-s_server,
-s_server \- SSL/TLS server program
+openssl\-s_server, s_server \- SSL/TLS server program
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBs_server\fR
-[\fB\-accept port\fR]
-[\fB\-context id\fR]
-[\fB\-verify depth\fR]
-[\fB\-Verify depth\fR]
-[\fB\-crl_check\fR]
-[\fB\-crl_check_all\fR]
-[\fB\-cert filename\fR]
-[\fB\-certform DER|PEM\fR]
-[\fB\-key keyfile\fR]
-[\fB\-keyform DER|PEM\fR]
-[\fB\-pass arg\fR]
-[\fB\-dcert filename\fR]
-[\fB\-dcertform DER|PEM\fR]
-[\fB\-dkey keyfile\fR]
-[\fB\-dkeyform DER|PEM\fR]
-[\fB\-dpass arg\fR]
-[\fB\-dhparam filename\fR]
-[\fB\-nbio\fR]
+[\fB\-help\fR]
+[\fB\-port +int\fR]
+[\fB\-accept val\fR]
+[\fB\-unix val\fR]
+[\fB\-4\fR]
+[\fB\-6\fR]
+[\fB\-unlink\fR]
+[\fB\-context val\fR]
+[\fB\-verify int\fR]
+[\fB\-Verify int\fR]
+[\fB\-cert infile\fR]
+[\fB\-nameopt val\fR]
+[\fB\-naccept +int\fR]
+[\fB\-serverinfo val\fR]
+[\fB\-certform PEM|DER\fR]
+[\fB\-key infile\fR]
+[\fB\-keyform format\fR]
+[\fB\-pass val\fR]
+[\fB\-dcert infile\fR]
+[\fB\-dcertform PEM|DER\fR]
+[\fB\-dkey infile\fR]
+[\fB\-dkeyform PEM|DER\fR]
+[\fB\-dpass val\fR]
[\fB\-nbio_test\fR]
[\fB\-crlf\fR]
[\fB\-debug\fR]
[\fB\-msg\fR]
+[\fB\-msgfile outfile\fR]
[\fB\-state\fR]
-[\fB\-CApath directory\fR]
-[\fB\-CAfile filename\fR]
-[\fB\-no_alt_chains\fR]
+[\fB\-CAfile infile\fR]
+[\fB\-CApath dir\fR]
+[\fB\-no\-CAfile\fR]
+[\fB\-no\-CApath\fR]
[\fB\-nocert\fR]
-[\fB\-client_sigalgs sigalglist\fR]
-[\fB\-named_curve curve\fR]
-[\fB\-cipher cipherlist\fR]
-[\fB\-serverpref\fR]
[\fB\-quiet\fR]
-[\fB\-no_tmp_rsa\fR]
-[\fB\-ssl2\fR]
-[\fB\-ssl3\fR]
-[\fB\-tls1\fR]
-[\fB\-no_ssl2\fR]
-[\fB\-no_ssl3\fR]
-[\fB\-no_tls1\fR]
-[\fB\-no_dhe\fR]
-[\fB\-bugs\fR]
-[\fB\-hack\fR]
+[\fB\-no_resume_ephemeral\fR]
[\fB\-www\fR]
[\fB\-WWW\fR]
-[\fB\-HTTP\fR]
-[\fB\-engine id\fR]
+[\fB\-servername\fR]
+[\fB\-servername_fatal\fR]
+[\fB\-cert2 infile\fR]
+[\fB\-key2 infile\fR]
[\fB\-tlsextdebug\fR]
-[\fB\-no_ticket\fR]
-[\fB\-id_prefix arg\fR]
-[\fB\-rand file(s)\fR]
-[\fB\-serverinfo file\fR]
-[\fB\-no_resumption_on_reneg\fR]
+[\fB\-HTTP\fR]
+[\fB\-id_prefix val\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
+[\fB\-keymatexport val\fR]
+[\fB\-keymatexportlen +int\fR]
+[\fB\-CRL infile\fR]
+[\fB\-crl_download\fR]
+[\fB\-cert_chain infile\fR]
+[\fB\-dcert_chain infile\fR]
+[\fB\-chainCApath dir\fR]
+[\fB\-verifyCApath dir\fR]
+[\fB\-no_cache\fR]
+[\fB\-ext_cache\fR]
+[\fB\-CRLform PEM|DER\fR]
+[\fB\-verify_return_error\fR]
+[\fB\-verify_quiet\fR]
+[\fB\-build_chain\fR]
+[\fB\-chainCAfile infile\fR]
+[\fB\-verifyCAfile infile\fR]
+[\fB\-ign_eof\fR]
+[\fB\-no_ign_eof\fR]
[\fB\-status\fR]
[\fB\-status_verbose\fR]
-[\fB\-status_timeout nsec\fR]
-[\fB\-status_url url\fR]
-[\fB\-alpn protocols\fR]
-[\fB\-nextprotoneg protocols\fR]
+[\fB\-status_timeout int\fR]
+[\fB\-status_url val\fR]
+[\fB\-status_file infile\fR]
+[\fB\-trace\fR]
+[\fB\-security_debug\fR]
+[\fB\-security_debug_verbose\fR]
+[\fB\-brief\fR]
+[\fB\-rev\fR]
+[\fB\-async\fR]
+[\fB\-ssl_config val\fR]
+[\fB\-max_send_frag +int\fR]
+[\fB\-split_send_frag +int\fR]
+[\fB\-max_pipelines +int\fR]
+[\fB\-read_buf +int\fR]
+[\fB\-no_ssl3\fR]
+[\fB\-no_tls1\fR]
+[\fB\-no_tls1_1\fR]
+[\fB\-no_tls1_2\fR]
+[\fB\-no_tls1_3\fR]
+[\fB\-bugs\fR]
+[\fB\-no_comp\fR]
+[\fB\-comp\fR]
+[\fB\-no_ticket\fR]
+[\fB\-serverpref\fR]
+[\fB\-legacy_renegotiation\fR]
+[\fB\-no_renegotiation\fR]
+[\fB\-legacy_server_connect\fR]
+[\fB\-no_resumption_on_reneg\fR]
+[\fB\-no_legacy_server_connect\fR]
+[\fB\-allow_no_dhe_kex\fR]
+[\fB\-prioritize_chacha\fR]
+[\fB\-strict\fR]
+[\fB\-sigalgs val\fR]
+[\fB\-client_sigalgs val\fR]
+[\fB\-groups val\fR]
+[\fB\-curves val\fR]
+[\fB\-named_curve val\fR]
+[\fB\-cipher val\fR]
+[\fB\-ciphersuites val\fR]
+[\fB\-dhparam infile\fR]
+[\fB\-record_padding val\fR]
+[\fB\-debug_broken_protocol\fR]
+[\fB\-policy val\fR]
+[\fB\-purpose val\fR]
+[\fB\-verify_name val\fR]
+[\fB\-verify_depth int\fR]
+[\fB\-auth_level int\fR]
+[\fB\-attime intmax\fR]
+[\fB\-verify_hostname val\fR]
+[\fB\-verify_email val\fR]
+[\fB\-verify_ip\fR]
+[\fB\-ignore_critical\fR]
+[\fB\-issuer_checks\fR]
+[\fB\-crl_check\fR]
+[\fB\-crl_check_all\fR]
+[\fB\-policy_check\fR]
+[\fB\-explicit_policy\fR]
+[\fB\-inhibit_any\fR]
+[\fB\-inhibit_map\fR]
+[\fB\-x509_strict\fR]
+[\fB\-extended_crl\fR]
+[\fB\-use_deltas\fR]
+[\fB\-policy_print\fR]
+[\fB\-check_ss_sig\fR]
+[\fB\-trusted_first\fR]
+[\fB\-suiteB_128_only\fR]
+[\fB\-suiteB_128\fR]
+[\fB\-suiteB_192\fR]
+[\fB\-partial_chain\fR]
+[\fB\-no_alt_chains\fR]
+[\fB\-no_check_time\fR]
+[\fB\-allow_proxy_certs\fR]
+[\fB\-xkey\fR]
+[\fB\-xcert\fR]
+[\fB\-xchain\fR]
+[\fB\-xchain_build\fR]
+[\fB\-xcertform PEM|DER\fR]
+[\fB\-xkeyform PEM|DER\fR]
+[\fB\-nbio\fR]
+[\fB\-psk_identity val\fR]
+[\fB\-psk_hint val\fR]
+[\fB\-psk val\fR]
+[\fB\-psk_session file\fR]
+[\fB\-srpvfile infile\fR]
+[\fB\-srpuserseed val\fR]
+[\fB\-ssl3\fR]
+[\fB\-tls1\fR]
+[\fB\-tls1_1\fR]
+[\fB\-tls1_2\fR]
+[\fB\-tls1_3\fR]
+[\fB\-dtls\fR]
+[\fB\-timeout\fR]
+[\fB\-mtu +int\fR]
+[\fB\-listen\fR]
+[\fB\-dtls1\fR]
+[\fB\-dtls1_2\fR]
+[\fB\-sctp\fR]
+[\fB\-no_dhe\fR]
+[\fB\-nextprotoneg val\fR]
+[\fB\-use_srtp val\fR]
+[\fB\-alpn val\fR]
+[\fB\-engine val\fR]
+[\fB\-keylogfile outfile\fR]
+[\fB\-max_early_data int\fR]
+[\fB\-early_data\fR]
+[\fB\-anti_replay\fR]
+[\fB\-no_anti_replay\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBs_server\fR command implements a generic \s-1SSL/TLS\s0 server which listens
for connections on a given port using \s-1SSL/TLS.\s0
.SH "OPTIONS"
.IX Header "OPTIONS"
-.IP "\fB\-accept port\fR" 4
-.IX Item "-accept port"
-the \s-1TCP\s0 port to listen on for connections. If not specified 4433 is used.
-.IP "\fB\-context id\fR" 4
-.IX Item "-context id"
-sets the \s-1SSL\s0 context id. It can be given any string value. If this option
+In addition to the options below the \fBs_server\fR utility also supports the
+common and server only options documented in the
+in the \*(L"Supported Command Line Commands\*(R" section of the \fISSL_CONF_cmd\fR\|(3)
+manual page.
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
+.IP "\fB\-port +int\fR" 4
+.IX Item "-port +int"
+The \s-1TCP\s0 port to listen on for connections. If not specified 4433 is used.
+.IP "\fB\-accept val\fR" 4
+.IX Item "-accept val"
+The optional \s-1TCP\s0 host and port to listen on for connections. If not specified, *:4433 is used.
+.IP "\fB\-unix val\fR" 4
+.IX Item "-unix val"
+Unix domain socket to accept on.
+.IP "\fB\-4\fR" 4
+.IX Item "-4"
+Use IPv4 only.
+.IP "\fB\-6\fR" 4
+.IX Item "-6"
+Use IPv6 only.
+.IP "\fB\-unlink\fR" 4
+.IX Item "-unlink"
+For \-unix, unlink any existing socket first.
+.IP "\fB\-context val\fR" 4
+.IX Item "-context val"
+Sets the \s-1SSL\s0 context id. It can be given any string value. If this option
is not present a default value will be used.
-.IP "\fB\-cert certname\fR" 4
-.IX Item "-cert certname"
+.IP "\fB\-verify int\fR, \fB\-Verify int\fR" 4
+.IX Item "-verify int, -Verify int"
+The verify depth to use. This specifies the maximum length of the
+client certificate chain and makes the server request a certificate from
+the client. With the \fB\-verify\fR option a certificate is requested but the
+client does not have to send one, with the \fB\-Verify\fR option the client
+must supply a certificate or an error occurs.
+.Sp
+If the cipher suite cannot request a client certificate (for example an
+anonymous cipher suite or \s-1PSK\s0) this option has no effect.
+.IP "\fB\-cert infile\fR" 4
+.IX Item "-cert infile"
The certificate to use, most servers cipher suites require the use of a
certificate and some require a certificate with a certain public key type:
for example the \s-1DSS\s0 cipher suites require a certificate containing a \s-1DSS\s0
(\s-1DSA\s0) key. If not specified then the filename \*(L"server.pem\*(R" will be used.
-.IP "\fB\-certform format\fR" 4
-.IX Item "-certform format"
+.IP "\fB\-cert_chain\fR" 4
+.IX Item "-cert_chain"
+A file containing trusted certificates to use when attempting to build the
+client/server certificate chain related to the certificate specified via the
+\&\fB\-cert\fR option.
+.IP "\fB\-build_chain\fR" 4
+.IX Item "-build_chain"
+Specify whether the application should build the certificate chain to be
+provided to the client.
+.IP "\fB\-nameopt val\fR" 4
+.IX Item "-nameopt val"
+Option which determines how the subject or issuer names are displayed. The
+\&\fBval\fR argument can be a single option or multiple options separated by
+commas. Alternatively the \fB\-nameopt\fR switch may be used more than once to
+set multiple options. See the \fIx509\fR\|(1) manual page for details.
+.IP "\fB\-naccept +int\fR" 4
+.IX Item "-naccept +int"
+The server will exit after receiving the specified number of connections,
+default unlimited.
+.IP "\fB\-serverinfo val\fR" 4
+.IX Item "-serverinfo val"
+A file containing one or more blocks of \s-1PEM\s0 data. Each \s-1PEM\s0 block
+must encode a \s-1TLS\s0 ServerHello extension (2 bytes type, 2 bytes length,
+followed by \*(L"length\*(R" bytes of extension data). If the client sends
+an empty \s-1TLS\s0 ClientHello extension matching the type, the corresponding
+ServerHello extension will be returned.
+.IP "\fB\-certform PEM|DER\fR" 4
+.IX Item "-certform PEM|DER"
The certificate format to use: \s-1DER\s0 or \s-1PEM. PEM\s0 is the default.
-.IP "\fB\-key keyfile\fR" 4
-.IX Item "-key keyfile"
+.IP "\fB\-key infile\fR" 4
+.IX Item "-key infile"
The private key to use. If not specified then the certificate file will
be used.
.IP "\fB\-keyform format\fR" 4
.IX Item "-keyform format"
The private format to use: \s-1DER\s0 or \s-1PEM. PEM\s0 is the default.
-.IP "\fB\-pass arg\fR" 4
-.IX Item "-pass arg"
-the private key password source. For more information about the format of \fBarg\fR
+.IP "\fB\-pass val\fR" 4
+.IX Item "-pass val"
+The private key password source. For more information about the format of \fBval\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
-.IP "\fB\-dcert filename\fR, \fB\-dkey keyname\fR" 4
-.IX Item "-dcert filename, -dkey keyname"
-specify an additional certificate and private key, these behave in the
+.IP "\fB\-dcert infile\fR, \fB\-dkey infile\fR" 4
+.IX Item "-dcert infile, -dkey infile"
+Specify an additional certificate and private key, these behave in the
same manner as the \fB\-cert\fR and \fB\-key\fR options except there is no default
if they are not specified (no additional certificate and key is used). As
noted above some cipher suites require a certificate containing a key of
@@ -241,228 +414,387 @@ a certain type. Some cipher suites need a certificate carrying an \s-1RSA\s0 key
and some a \s-1DSS\s0 (\s-1DSA\s0) key. By using \s-1RSA\s0 and \s-1DSS\s0 certificates and keys
a server can support clients which only support \s-1RSA\s0 or \s-1DSS\s0 cipher suites
by using an appropriate certificate.
-.IP "\fB\-dcertform format\fR, \fB\-dkeyform format\fR, \fB\-dpass arg\fR" 4
-.IX Item "-dcertform format, -dkeyform format, -dpass arg"
-additional certificate and private key format and passphrase respectively.
-.IP "\fB\-nocert\fR" 4
-.IX Item "-nocert"
-if this option is set then no certificate is used. This restricts the
-cipher suites available to the anonymous ones (currently just anonymous
-\&\s-1DH\s0).
-.IP "\fB\-dhparam filename\fR" 4
-.IX Item "-dhparam filename"
-the \s-1DH\s0 parameter file to use. The ephemeral \s-1DH\s0 cipher suites generate keys
-using a set of \s-1DH\s0 parameters. If not specified then an attempt is made to
-load the parameters from the server certificate file. If this fails then
-a static set of parameters hard coded into the s_server program will be used.
-.IP "\fB\-no_dhe\fR" 4
-.IX Item "-no_dhe"
-if this option is set then no \s-1DH\s0 parameters will be loaded effectively
-disabling the ephemeral \s-1DH\s0 cipher suites.
-.IP "\fB\-no_tmp_rsa\fR" 4
-.IX Item "-no_tmp_rsa"
-certain export cipher suites sometimes use a temporary \s-1RSA\s0 key, this option
-disables temporary \s-1RSA\s0 key generation.
-.IP "\fB\-verify depth\fR, \fB\-Verify depth\fR" 4
-.IX Item "-verify depth, -Verify depth"
-The verify depth to use. This specifies the maximum length of the
-client certificate chain and makes the server request a certificate from
-the client. With the \fB\-verify\fR option a certificate is requested but the
-client does not have to send one, with the \fB\-Verify\fR option the client
-must supply a certificate or an error occurs.
-.Sp
-If the ciphersuite cannot request a client certificate (for example an
-anonymous ciphersuite or \s-1PSK\s0) this option has no effect.
-.IP "\fB\-crl_check\fR, \fB\-crl_check_all\fR" 4
-.IX Item "-crl_check, -crl_check_all"
-Check the peer certificate has not been revoked by its \s-1CA.\s0
-The \s-1CRL\s0(s) are appended to the certificate file. With the \fB\-crl_check_all\fR
-option all CRLs of all CAs in the chain are checked.
-.IP "\fB\-CApath directory\fR" 4
-.IX Item "-CApath directory"
-The directory to use for client certificate verification. This directory
-must be in \*(L"hash format\*(R", see \fBverify\fR for more information. These are
-also used when building the server certificate chain.
-.IP "\fB\-CAfile file\fR" 4
-.IX Item "-CAfile file"
-A file containing trusted certificates to use during client authentication
-and to use when attempting to build the server certificate chain. The list
-is also used in the list of acceptable client CAs passed to the client when
-a certificate is requested.
-.IP "\fB\-no_alt_chains\fR" 4
-.IX Item "-no_alt_chains"
-See the \fBverify\fR manual page for details.
-.IP "\fB\-state\fR" 4
-.IX Item "-state"
-prints out the \s-1SSL\s0 session states.
-.IP "\fB\-debug\fR" 4
-.IX Item "-debug"
-print extensive debugging information including a hex dump of all traffic.
-.IP "\fB\-msg\fR" 4
-.IX Item "-msg"
-show all protocol messages with hex dump.
+.IP "\fB\-dcert_chain\fR" 4
+.IX Item "-dcert_chain"
+A file containing trusted certificates to use when attempting to build the
+server certificate chain when a certificate specified via the \fB\-dcert\fR option
+is in use.
+.IP "\fB\-dcertform PEM|DER\fR, \fB\-dkeyform PEM|DER\fR, \fB\-dpass val\fR" 4
+.IX Item "-dcertform PEM|DER, -dkeyform PEM|DER, -dpass val"
+Additional certificate and private key format and passphrase respectively.
+.IP "\fB\-xkey infile\fR, \fB\-xcert infile\fR, \fB\-xchain\fR" 4
+.IX Item "-xkey infile, -xcert infile, -xchain"
+Specify an extra certificate, private key and certificate chain. These behave
+in the same manner as the \fB\-cert\fR, \fB\-key\fR and \fB\-cert_chain\fR options. When
+specified, the callback returning the first valid chain will be in use by
+the server.
+.IP "\fB\-xchain_build\fR" 4
+.IX Item "-xchain_build"
+Specify whether the application should build the certificate chain to be
+provided to the client for the extra certificates provided via \fB\-xkey infile\fR,
+\&\fB\-xcert infile\fR, \fB\-xchain\fR options.
+.IP "\fB\-xcertform PEM|DER\fR, \fB\-xkeyform PEM|DER\fR" 4
+.IX Item "-xcertform PEM|DER, -xkeyform PEM|DER"
+Extra certificate and private key format respectively.
.IP "\fB\-nbio_test\fR" 4
.IX Item "-nbio_test"
-tests non blocking I/O
-.IP "\fB\-nbio\fR" 4
-.IX Item "-nbio"
-turns on non blocking I/O
+Tests non blocking I/O.
.IP "\fB\-crlf\fR" 4
.IX Item "-crlf"
-this option translated a line feed from the terminal into \s-1CR+LF.\s0
+This option translated a line feed from the terminal into \s-1CR+LF.\s0
+.IP "\fB\-debug\fR" 4
+.IX Item "-debug"
+Print extensive debugging information including a hex dump of all traffic.
+.IP "\fB\-msg\fR" 4
+.IX Item "-msg"
+Show all protocol messages with hex dump.
+.IP "\fB\-msgfile outfile\fR" 4
+.IX Item "-msgfile outfile"
+File to send output of \fB\-msg\fR or \fB\-trace\fR to, default standard output.
+.IP "\fB\-state\fR" 4
+.IX Item "-state"
+Prints the \s-1SSL\s0 session states.
+.IP "\fB\-CAfile infile\fR" 4
+.IX Item "-CAfile infile"
+A file containing trusted certificates to use during client authentication
+and to use when attempting to build the server certificate chain. The list
+is also used in the list of acceptable client CAs passed to the client when
+a certificate is requested.
+.IP "\fB\-CApath dir\fR" 4
+.IX Item "-CApath dir"
+The directory to use for client certificate verification. This directory
+must be in \*(L"hash format\*(R", see \fIverify\fR\|(1) for more information. These are
+also used when building the server certificate chain.
+.IP "\fB\-chainCApath dir\fR" 4
+.IX Item "-chainCApath dir"
+The directory to use for building the chain provided to the client. This
+directory must be in \*(L"hash format\*(R", see \fIverify\fR\|(1) for more information.
+.IP "\fB\-chainCAfile file\fR" 4
+.IX Item "-chainCAfile file"
+A file containing trusted certificates to use when attempting to build the
+server certificate chain.
+.IP "\fB\-no\-CAfile\fR" 4
+.IX Item "-no-CAfile"
+Do not load the trusted \s-1CA\s0 certificates from the default file location.
+.IP "\fB\-no\-CApath\fR" 4
+.IX Item "-no-CApath"
+Do not load the trusted \s-1CA\s0 certificates from the default directory location.
+.IP "\fB\-nocert\fR" 4
+.IX Item "-nocert"
+If this option is set then no certificate is used. This restricts the
+cipher suites available to the anonymous ones (currently just anonymous
+\&\s-1DH\s0).
.IP "\fB\-quiet\fR" 4
.IX Item "-quiet"
-inhibit printing of session and certificate information.
-.IP "\fB\-psk_hint hint\fR" 4
-.IX Item "-psk_hint hint"
-Use the \s-1PSK\s0 identity hint \fBhint\fR when using a \s-1PSK\s0 cipher suite.
-.IP "\fB\-psk key\fR" 4
-.IX Item "-psk key"
-Use the \s-1PSK\s0 key \fBkey\fR when using a \s-1PSK\s0 cipher suite. The key is
-given as a hexadecimal number without leading 0x, for example \-psk
-1a2b3c4d.
-This option must be provided in order to use a \s-1PSK\s0 cipher.
-.IP "\fB\-ssl2\fR, \fB\-ssl3\fR, \fB\-tls1\fR, \fB\-tls1_1\fR, \fB\-tls1_2\fR, \fB\-no_ssl2\fR, \fB\-no_ssl3\fR, \fB\-no_tls1\fR, \fB\-no_tls1_1\fR, \fB\-no_tls1_2\fR" 4
-.IX Item "-ssl2, -ssl3, -tls1, -tls1_1, -tls1_2, -no_ssl2, -no_ssl3, -no_tls1, -no_tls1_1, -no_tls1_2"
-These options require or disable the use of the specified \s-1SSL\s0 or \s-1TLS\s0 protocols.
-By default the initial handshake uses a \fIversion-flexible\fR method which will
-negotiate the highest mutually supported protocol version.
-.IP "\fB\-bugs\fR" 4
-.IX Item "-bugs"
-there are several known bug in \s-1SSL\s0 and \s-1TLS\s0 implementations. Adding this
-option enables various workarounds.
-.IP "\fB\-hack\fR" 4
-.IX Item "-hack"
-this option enables a further workaround for some some early Netscape
-\&\s-1SSL\s0 code (?).
-.IP "\fB\-client_sigalgs sigalglist\fR" 4
-.IX Item "-client_sigalgs sigalglist"
-Signature algorithms to support for client certificate authentication
-(colon-separated list)
-.IP "\fB\-named_curve curve\fR" 4
-.IX Item "-named_curve curve"
-Specifies the elliptic curve to use. \s-1NOTE:\s0 this is single curve, not a list.
-For a list of all possible curves, use:
-.Sp
-.Vb 1
-\& $ openssl ecparam \-list_curves
-.Ve
-.IP "\fB\-cipher cipherlist\fR" 4
-.IX Item "-cipher cipherlist"
-this allows the cipher list used by the server to be modified. When
-the client sends a list of supported ciphers the first client cipher
-also included in the server list is used. Because the client specifies
-the preference order, the order of the server cipherlist irrelevant. See
-the \fBciphers\fR command for more information.
-.IP "\fB\-serverpref\fR" 4
-.IX Item "-serverpref"
-use the server's cipher preferences, rather than the client's preferences.
-.IP "\fB\-tlsextdebug\fR" 4
-.IX Item "-tlsextdebug"
-print out a hex dump of any \s-1TLS\s0 extensions received from the server.
-.IP "\fB\-no_ticket\fR" 4
-.IX Item "-no_ticket"
-disable RFC4507bis session ticket support.
+Inhibit printing of session and certificate information.
.IP "\fB\-www\fR" 4
.IX Item "-www"
-sends a status message back to the client when it connects. This includes
-lots of information about the ciphers used and various session parameters.
+Sends a status message back to the client when it connects. This includes
+information about the ciphers used and various session parameters.
The output is in \s-1HTML\s0 format so this option will normally be used with a
web browser.
.IP "\fB\-WWW\fR" 4
.IX Item "-WWW"
-emulates a simple web server. Pages will be resolved relative to the
+Emulates a simple web server. Pages will be resolved relative to the
current directory, for example if the \s-1URL\s0 https://myhost/page.html is
requested the file ./page.html will be loaded.
+.IP "\fB\-tlsextdebug\fR" 4
+.IX Item "-tlsextdebug"
+Print a hex dump of any \s-1TLS\s0 extensions received from the server.
.IP "\fB\-HTTP\fR" 4
.IX Item "-HTTP"
-emulates a simple web server. Pages will be resolved relative to the
+Emulates a simple web server. Pages will be resolved relative to the
current directory, for example if the \s-1URL\s0 https://myhost/page.html is
requested the file ./page.html will be loaded. The files loaded are
assumed to contain a complete and correct \s-1HTTP\s0 response (lines that
are part of the \s-1HTTP\s0 response line and headers must end with \s-1CRLF\s0).
-.IP "\fB\-engine id\fR" 4
-.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBs_server\fR
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-.IP "\fB\-id_prefix arg\fR" 4
-.IX Item "-id_prefix arg"
-generate \s-1SSL/TLS\s0 session IDs prefixed by \fBarg\fR. This is mostly useful
+.IP "\fB\-id_prefix val\fR" 4
+.IX Item "-id_prefix val"
+Generate \s-1SSL/TLS\s0 session IDs prefixed by \fBval\fR. This is mostly useful
for testing any \s-1SSL/TLS\s0 code (eg. proxies) that wish to deal with multiple
servers, when each of which might be generating a unique range of session
IDs (eg. with a certain prefix).
-.IP "\fB\-rand file(s)\fR" 4
-.IX Item "-rand file(s)"
-a file or files containing random data used to seed the random number
-generator, or an \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3)).
-Multiple files can be specified separated by a OS-dependent character.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
all others.
-.IP "\fB\-serverinfo file\fR" 4
-.IX Item "-serverinfo file"
-a file containing one or more blocks of \s-1PEM\s0 data. Each \s-1PEM\s0 block
-must encode a \s-1TLS\s0 ServerHello extension (2 bytes type, 2 bytes length,
-followed by \*(L"length\*(R" bytes of extension data). If the client sends
-an empty \s-1TLS\s0 ClientHello extension matching the type, the corresponding
-ServerHello extension will be returned.
-.IP "\fB\-no_resumption_on_reneg\fR" 4
-.IX Item "-no_resumption_on_reneg"
-set \s-1SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION\s0 flag.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
+.IP "\fB\-verify_return_error\fR" 4
+.IX Item "-verify_return_error"
+Verification errors normally just print a message but allow the
+connection to continue, for debugging purposes.
+If this option is used, then verification errors close the connection.
.IP "\fB\-status\fR" 4
.IX Item "-status"
-enables certificate status request support (aka \s-1OCSP\s0 stapling).
+Enables certificate status request support (aka \s-1OCSP\s0 stapling).
.IP "\fB\-status_verbose\fR" 4
.IX Item "-status_verbose"
-enables certificate status request support (aka \s-1OCSP\s0 stapling) and gives
+Enables certificate status request support (aka \s-1OCSP\s0 stapling) and gives
a verbose printout of the \s-1OCSP\s0 response.
-.IP "\fB\-status_timeout nsec\fR" 4
-.IX Item "-status_timeout nsec"
-sets the timeout for \s-1OCSP\s0 response to \fBnsec\fR seconds.
-.IP "\fB\-status_url url\fR" 4
-.IX Item "-status_url url"
-sets a fallback responder \s-1URL\s0 to use if no responder \s-1URL\s0 is present in the
+.IP "\fB\-status_timeout int\fR" 4
+.IX Item "-status_timeout int"
+Sets the timeout for \s-1OCSP\s0 response to \fBint\fR seconds.
+.IP "\fB\-status_url val\fR" 4
+.IX Item "-status_url val"
+Sets a fallback responder \s-1URL\s0 to use if no responder \s-1URL\s0 is present in the
server certificate. Without this option an error is returned if the server
certificate does not contain a responder address.
-.IP "\fB\-alpn protocols\fR, \fB\-nextprotoneg protocols\fR" 4
-.IX Item "-alpn protocols, -nextprotoneg protocols"
-these flags enable the
-Enable the Application-Layer Protocol Negotiation or Next Protocol
-Negotiation extension, respectively. \s-1ALPN\s0 is the \s-1IETF\s0 standard and
-replaces \s-1NPN.\s0
-The \fBprotocols\fR list is a
-comma-separated list of supported protocol names.
-The list should contain most wanted protocols first.
+.IP "\fB\-status_file infile\fR" 4
+.IX Item "-status_file infile"
+Overrides any \s-1OCSP\s0 responder URLs from the certificate and always provides the
+\&\s-1OCSP\s0 Response stored in the file. The file must be in \s-1DER\s0 format.
+.IP "\fB\-trace\fR" 4
+.IX Item "-trace"
+Show verbose trace output of protocol messages. OpenSSL needs to be compiled
+with \fBenable-ssl-trace\fR for this option to work.
+.IP "\fB\-brief\fR" 4
+.IX Item "-brief"
+Provide a brief summary of connection parameters instead of the normal verbose
+output.
+.IP "\fB\-rev\fR" 4
+.IX Item "-rev"
+Simple test server which just reverses the text received from the client
+and sends it back to the server. Also sets \fB\-brief\fR.
+.IP "\fB\-async\fR" 4
+.IX Item "-async"
+Switch on asynchronous mode. Cryptographic operations will be performed
+asynchronously. This will only have an effect if an asynchronous capable engine
+is also used via the \fB\-engine\fR option. For test purposes the dummy async engine
+(dasync) can be used (if available).
+.IP "\fB\-max_send_frag +int\fR" 4
+.IX Item "-max_send_frag +int"
+The maximum size of data fragment to send.
+See \fISSL_CTX_set_max_send_fragment\fR\|(3) for further information.
+.IP "\fB\-split_send_frag +int\fR" 4
+.IX Item "-split_send_frag +int"
+The size used to split data for encrypt pipelines. If more data is written in
+one go than this value then it will be split into multiple pipelines, up to the
+maximum number of pipelines defined by max_pipelines. This only has an effect if
+a suitable cipher suite has been negotiated, an engine that supports pipelining
+has been loaded, and max_pipelines is greater than 1. See
+\&\fISSL_CTX_set_split_send_fragment\fR\|(3) for further information.
+.IP "\fB\-max_pipelines +int\fR" 4
+.IX Item "-max_pipelines +int"
+The maximum number of encrypt/decrypt pipelines to be used. This will only have
+an effect if an engine has been loaded that supports pipelining (e.g. the dasync
+engine) and a suitable cipher suite has been negotiated. The default value is 1.
+See \fISSL_CTX_set_max_pipelines\fR\|(3) for further information.
+.IP "\fB\-read_buf +int\fR" 4
+.IX Item "-read_buf +int"
+The default read buffer size to be used for connections. This will only have an
+effect if the buffer size is larger than the size that would otherwise be used
+and pipelining is in use (see \fISSL_CTX_set_default_read_buffer_len\fR\|(3) for
+further information).
+.IP "\fB\-ssl2\fR, \fB\-ssl3\fR, \fB\-tls1\fR, \fB\-tls1_1\fR, \fB\-tls1_2\fR, \fB\-tls1_3\fR, \fB\-no_ssl2\fR, \fB\-no_ssl3\fR, \fB\-no_tls1\fR, \fB\-no_tls1_1\fR, \fB\-no_tls1_2\fR, \fB\-no_tls1_3\fR" 4
+.IX Item "-ssl2, -ssl3, -tls1, -tls1_1, -tls1_2, -tls1_3, -no_ssl2, -no_ssl3, -no_tls1, -no_tls1_1, -no_tls1_2, -no_tls1_3"
+These options require or disable the use of the specified \s-1SSL\s0 or \s-1TLS\s0 protocols.
+By default \fBs_server\fR will negotiate the highest mutually supported protocol
+version.
+When a specific \s-1TLS\s0 version is required, only that version will be accepted
+from the client.
+Note that not all protocols and flags may be available, depending on how
+OpenSSL was built.
+.IP "\fB\-bugs\fR" 4
+.IX Item "-bugs"
+There are several known bug in \s-1SSL\s0 and \s-1TLS\s0 implementations. Adding this
+option enables various workarounds.
+.IP "\fB\-no_comp\fR" 4
+.IX Item "-no_comp"
+Disable negotiation of \s-1TLS\s0 compression.
+\&\s-1TLS\s0 compression is not recommended and is off by default as of
+OpenSSL 1.1.0.
+.IP "\fB\-comp\fR" 4
+.IX Item "-comp"
+Enable negotiation of \s-1TLS\s0 compression.
+This option was introduced in OpenSSL 1.1.0.
+\&\s-1TLS\s0 compression is not recommended and is off by default as of
+OpenSSL 1.1.0.
+.IP "\fB\-no_ticket\fR" 4
+.IX Item "-no_ticket"
+Disable RFC4507bis session ticket support.
+.IP "\fB\-serverpref\fR" 4
+.IX Item "-serverpref"
+Use the server's cipher preferences, rather than the client's preferences.
+.IP "\fB\-prioritize_chacha\fR" 4
+.IX Item "-prioritize_chacha"
+Prioritize ChaCha ciphers when preferred by clients. Requires \fB\-serverpref\fR.
+.IP "\fB\-no_resumption_on_reneg\fR" 4
+.IX Item "-no_resumption_on_reneg"
+Set the \fB\s-1SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION\s0\fR option.
+.IP "\fB\-client_sigalgs val\fR" 4
+.IX Item "-client_sigalgs val"
+Signature algorithms to support for client certificate authentication
+(colon-separated list).
+.IP "\fB\-named_curve val\fR" 4
+.IX Item "-named_curve val"
+Specifies the elliptic curve to use. \s-1NOTE:\s0 this is single curve, not a list.
+For a list of all possible curves, use:
+.Sp
+.Vb 1
+\& $ openssl ecparam \-list_curves
+.Ve
+.IP "\fB\-cipher val\fR" 4
+.IX Item "-cipher val"
+This allows the list of TLSv1.2 and below ciphersuites used by the server to be
+modified. This list is combined with any TLSv1.3 ciphersuites that have been
+configured. When the client sends a list of supported ciphers the first client
+cipher also included in the server list is used. Because the client specifies
+the preference order, the order of the server cipherlist is irrelevant. See
+the \fBciphers\fR command for more information.
+.IP "\fB\-ciphersuites val\fR" 4
+.IX Item "-ciphersuites val"
+This allows the list of TLSv1.3 ciphersuites used by the server to be modified.
+This list is combined with any TLSv1.2 and below ciphersuites that have been
+configured. When the client sends a list of supported ciphers the first client
+cipher also included in the server list is used. Because the client specifies
+the preference order, the order of the server cipherlist is irrelevant. See
+the \fBciphers\fR command for more information. The format for this list is a
+simple colon (\*(L":\*(R") separated list of TLSv1.3 ciphersuite names.
+.IP "\fB\-dhparam infile\fR" 4
+.IX Item "-dhparam infile"
+The \s-1DH\s0 parameter file to use. The ephemeral \s-1DH\s0 cipher suites generate keys
+using a set of \s-1DH\s0 parameters. If not specified then an attempt is made to
+load the parameters from the server certificate file.
+If this fails then a static set of parameters hard coded into the \fBs_server\fR
+program will be used.
+.IP "\fB\-attime\fR, \fB\-check_ss_sig\fR, \fB\-crl_check\fR, \fB\-crl_check_all\fR, \fB\-explicit_policy\fR, \fB\-extended_crl\fR, \fB\-ignore_critical\fR, \fB\-inhibit_any\fR, \fB\-inhibit_map\fR, \fB\-no_alt_chains\fR, \fB\-no_check_time\fR, \fB\-partial_chain\fR, \fB\-policy\fR, \fB\-policy_check\fR, \fB\-policy_print\fR, \fB\-purpose\fR, \fB\-suiteB_128\fR, \fB\-suiteB_128_only\fR, \fB\-suiteB_192\fR, \fB\-trusted_first\fR, \fB\-use_deltas\fR, \fB\-auth_level\fR, \fB\-verify_depth\fR, \fB\-verify_email\fR, \fB\-verify_hostname\fR, \fB\-verify_ip\fR, \fB\-verify_name\fR, \fB\-x509_strict\fR" 4
+.IX Item "-attime, -check_ss_sig, -crl_check, -crl_check_all, -explicit_policy, -extended_crl, -ignore_critical, -inhibit_any, -inhibit_map, -no_alt_chains, -no_check_time, -partial_chain, -policy, -policy_check, -policy_print, -purpose, -suiteB_128, -suiteB_128_only, -suiteB_192, -trusted_first, -use_deltas, -auth_level, -verify_depth, -verify_email, -verify_hostname, -verify_ip, -verify_name, -x509_strict"
+Set different peer certificate verification options.
+See the \fIverify\fR\|(1) manual page for details.
+.IP "\fB\-crl_check\fR, \fB\-crl_check_all\fR" 4
+.IX Item "-crl_check, -crl_check_all"
+Check the peer certificate has not been revoked by its \s-1CA.\s0
+The \s-1CRL\s0(s) are appended to the certificate file. With the \fB\-crl_check_all\fR
+option all CRLs of all CAs in the chain are checked.
+.IP "\fB\-nbio\fR" 4
+.IX Item "-nbio"
+Turns on non blocking I/O.
+.IP "\fB\-psk_identity val\fR" 4
+.IX Item "-psk_identity val"
+Expect the client to send \s-1PSK\s0 identity \fBval\fR when using a \s-1PSK\s0
+cipher suite, and warn if they do not. By default, the expected \s-1PSK\s0
+identity is the string \*(L"Client_identity\*(R".
+.IP "\fB\-psk_hint val\fR" 4
+.IX Item "-psk_hint val"
+Use the \s-1PSK\s0 identity hint \fBval\fR when using a \s-1PSK\s0 cipher suite.
+.IP "\fB\-psk val\fR" 4
+.IX Item "-psk val"
+Use the \s-1PSK\s0 key \fBval\fR when using a \s-1PSK\s0 cipher suite. The key is
+given as a hexadecimal number without leading 0x, for example \-psk
+1a2b3c4d.
+This option must be provided in order to use a \s-1PSK\s0 cipher.
+.IP "\fB\-psk_session file\fR" 4
+.IX Item "-psk_session file"
+Use the pem encoded \s-1SSL_SESSION\s0 data stored in \fBfile\fR as the basis of a \s-1PSK.\s0
+Note that this will only work if TLSv1.3 is negotiated.
+.IP "\fB\-listen\fR" 4
+.IX Item "-listen"
+This option can only be used in conjunction with one of the \s-1DTLS\s0 options above.
+With this option \fBs_server\fR will listen on a \s-1UDP\s0 port for incoming connections.
+Any ClientHellos that arrive will be checked to see if they have a cookie in
+them or not.
+Any without a cookie will be responded to with a HelloVerifyRequest.
+If a ClientHello with a cookie is received then \fBs_server\fR will connect to
+that peer and complete the handshake.
+.IP "\fB\-dtls\fR, \fB\-dtls1\fR, \fB\-dtls1_2\fR" 4
+.IX Item "-dtls, -dtls1, -dtls1_2"
+These options make \fBs_server\fR use \s-1DTLS\s0 protocols instead of \s-1TLS.\s0
+With \fB\-dtls\fR, \fBs_server\fR will negotiate any supported \s-1DTLS\s0 protocol version,
+whilst \fB\-dtls1\fR and \fB\-dtls1_2\fR will only support DTLSv1.0 and DTLSv1.2
+respectively.
+.IP "\fB\-sctp\fR" 4
+.IX Item "-sctp"
+Use \s-1SCTP\s0 for the transport protocol instead of \s-1UDP\s0 in \s-1DTLS.\s0 Must be used in
+conjunction with \fB\-dtls\fR, \fB\-dtls1\fR or \fB\-dtls1_2\fR. This option is only
+available where OpenSSL has support for \s-1SCTP\s0 enabled.
+.IP "\fB\-no_dhe\fR" 4
+.IX Item "-no_dhe"
+If this option is set then no \s-1DH\s0 parameters will be loaded effectively
+disabling the ephemeral \s-1DH\s0 cipher suites.
+.IP "\fB\-alpn val\fR, \fB\-nextprotoneg val\fR" 4
+.IX Item "-alpn val, -nextprotoneg val"
+These flags enable the Enable the Application-Layer Protocol Negotiation
+or Next Protocol Negotiation (\s-1NPN\s0) extension, respectively. \s-1ALPN\s0 is the
+\&\s-1IETF\s0 standard and replaces \s-1NPN.\s0
+The \fBval\fR list is a comma-separated list of supported protocol
+names. The list should contain the most desirable protocols first.
Protocol names are printable \s-1ASCII\s0 strings, for example \*(L"http/1.1\*(R" or
\&\*(L"spdy/3\*(R".
+The flag \fB\-nextprotoneg\fR cannot be specified if \fB\-tls1_3\fR is used.
+.IP "\fB\-engine val\fR" 4
+.IX Item "-engine val"
+Specifying an engine (by its unique id string in \fBval\fR) will cause \fBs_server\fR
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+.IP "\fB\-keylogfile outfile\fR" 4
+.IX Item "-keylogfile outfile"
+Appends \s-1TLS\s0 secrets to the specified keylog file such that external programs
+(like Wireshark) can decrypt \s-1TLS\s0 connections.
+.IP "\fB\-max_early_data int\fR" 4
+.IX Item "-max_early_data int"
+Change the default maximum early data bytes that are specified for new sessions
+and any incoming early data (when used in conjunction with the \fB\-early_data\fR
+flag). The default value is approximately 16k. The argument must be an integer
+greater than or equal to 0.
+.IP "\fB\-early_data\fR" 4
+.IX Item "-early_data"
+Accept early data where possible.
+.IP "\fB\-anti_replay\fR, \fB\-no_anti_replay\fR" 4
+.IX Item "-anti_replay, -no_anti_replay"
+Switches replay protection on or off, respectively. Replay protection is on by
+default unless overridden by a configuration file. When it is on, OpenSSL will
+automatically detect if a session ticket has been used more than once, TLSv1.3
+has been negotiated, and early data is enabled on the server. A full handshake
+is forced if a session ticket is used a second or subsequent time. Any early
+data that was sent will be rejected.
.SH "CONNECTED COMMANDS"
.IX Header "CONNECTED COMMANDS"
If a connection request is established with an \s-1SSL\s0 client and neither the
\&\fB\-www\fR nor the \fB\-WWW\fR option has been used then normally any data received
from the client is displayed and any key presses will be sent to the client.
.PP
-Certain single letter commands are also recognized which perform special
-operations: these are listed below.
+Certain commands are also recognized which perform special operations. These
+commands are a letter which must appear at the start of a line. They are listed
+below.
.IP "\fBq\fR" 4
.IX Item "q"
-end the current \s-1SSL\s0 connection but still accept new connections.
+End the current \s-1SSL\s0 connection but still accept new connections.
.IP "\fBQ\fR" 4
.IX Item "Q"
-end the current \s-1SSL\s0 connection and exit.
+End the current \s-1SSL\s0 connection and exit.
.IP "\fBr\fR" 4
.IX Item "r"
-renegotiate the \s-1SSL\s0 session.
+Renegotiate the \s-1SSL\s0 session (TLSv1.2 and below only).
.IP "\fBR\fR" 4
.IX Item "R"
-renegotiate the \s-1SSL\s0 session and request a client certificate.
+Renegotiate the \s-1SSL\s0 session and request a client certificate (TLSv1.2 and below
+only).
.IP "\fBP\fR" 4
.IX Item "P"
-send some plain text down the underlying \s-1TCP\s0 connection: this should
+Send some plain text down the underlying \s-1TCP\s0 connection: this should
cause the client to disconnect due to a protocol violation.
.IP "\fBS\fR" 4
.IX Item "S"
-print out some session cache status information.
+Print out some session cache status information.
+.IP "\fBB\fR" 4
+.IX Item "B"
+Send a heartbeat message to the client (\s-1DTLS\s0 only)
+.IP "\fBk\fR" 4
+.IX Item "k"
+Send a key update message to the client (TLSv1.3 only)
+.IP "\fBK\fR" 4
+.IX Item "K"
+Send a key update message to the client and request one back (TLSv1.3 only)
+.IP "\fBc\fR" 4
+.IX Item "c"
+Send a certificate request to the client (TLSv1.3 only)
.SH "NOTES"
.IX Header "NOTES"
\&\fBs_server\fR can be used to debug \s-1SSL\s0 clients. To accept connections from
@@ -481,10 +813,10 @@ mean any \s-1CA\s0 is acceptable. This is useful for debugging purposes.
The session parameters can printed out using the \fBsess_id\fR program.
.SH "BUGS"
.IX Header "BUGS"
-Because this program has a lot of options and also because some of
-the techniques used are rather old, the C source of s_server is rather
-hard to read and not a model of how things should be done. A typical
-\&\s-1SSL\s0 server program would be much simpler.
+Because this program has a lot of options and also because some of the
+techniques used are rather old, the C source of \fBs_server\fR is rather hard to
+read and not a model of how things should be done.
+A typical \s-1SSL\s0 server program would be much simpler.
.PP
The output of common ciphers is wrong: it just gives the list of ciphers that
OpenSSL recognizes and the client supports.
@@ -493,7 +825,21 @@ There should be a way for the \fBs_server\fR program to print out details of any
unknown cipher suites a client says it supports.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
-\&\fIsess_id\fR\|(1), \fIs_client\fR\|(1), \fIciphers\fR\|(1)
+\&\fISSL_CONF_cmd\fR\|(3), \fIsess_id\fR\|(1), \fIs_client\fR\|(1), \fIciphers\fR\|(1)
+\&\fISSL_CTX_set_max_send_fragment\fR\|(3),
+\&\fISSL_CTX_set_split_send_fragment\fR\|(3),
+\&\fISSL_CTX_set_max_pipelines\fR\|(3)
.SH "HISTORY"
.IX Header "HISTORY"
-The \-no_alt_chains options was first added to OpenSSL 1.0.2b.
+The \-no_alt_chains option was first added to OpenSSL 1.1.0.
+.PP
+The \-allow\-no\-dhe\-kex and \-prioritize_chacha options were first added to
+OpenSSL 1.1.1.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/s_time.1 b/secure/usr.bin/openssl/man/s_time.1
index dace18071052..220b5e4b4486 100644
--- a/secure/usr.bin/openssl/man/s_time.1
+++ b/secure/usr.bin/openssl/man/s_time.1
@@ -129,32 +129,34 @@
.\" ========================================================================
.\"
.IX Title "S_TIME 1"
-.TH S_TIME 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH S_TIME 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-s_time,
-s_time \- SSL/TLS performance timing program
+openssl\-s_time, s_time \- SSL/TLS performance timing program
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBs_time\fR
+[\fB\-help\fR]
[\fB\-connect host:port\fR]
[\fB\-www page\fR]
[\fB\-cert filename\fR]
[\fB\-key filename\fR]
[\fB\-CApath directory\fR]
-[\fB\-CAfile filename\fR]
+[\fB\-cafile filename\fR]
+[\fB\-no\-CAfile\fR]
+[\fB\-no\-CApath\fR]
[\fB\-reuse\fR]
[\fB\-new\fR]
[\fB\-verify depth\fR]
-[\fB\-nbio\fR]
+[\fB\-nameopt option\fR]
[\fB\-time seconds\fR]
-[\fB\-ssl2\fR]
[\fB\-ssl3\fR]
[\fB\-bugs\fR]
[\fB\-cipher cipherlist\fR]
+[\fB\-ciphersuites val\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBs_time\fR command implements a generic \s-1SSL/TLS\s0 client which connects to a
@@ -164,6 +166,9 @@ the number of connections within a given timeframe, the amount of data
transferred (if any), and calculates the average time spent for one connection.
.SH "OPTIONS"
.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-connect host:port\fR" 4
.IX Item "-connect host:port"
This specifies the host and optional port to connect to.
@@ -188,6 +193,12 @@ server certificate chain and turns on server certificate verification.
Currently the verify operation continues after errors so all the problems
with a certificate chain can be seen. As a side effect the connection
will never fail due to a server certificate verify failure.
+.IP "\fB\-nameopt option\fR" 4
+.IX Item "-nameopt option"
+Option which determines how the subject or issuer names are displayed. The
+\&\fBoption\fR argument can be a single option or multiple options separated by
+commas. Alternatively the \fB\-nameopt\fR switch may be used more than once to
+set multiple options. See the \fIx509\fR\|(1) manual page for details.
.IP "\fB\-CApath directory\fR" 4
.IX Item "-CApath directory"
The directory to use for server certificate verification. This directory
@@ -197,44 +208,58 @@ also used when building the client certificate chain.
.IX Item "-CAfile file"
A file containing trusted certificates to use during server authentication
and to use when attempting to build the client certificate chain.
+.IP "\fB\-no\-CAfile\fR" 4
+.IX Item "-no-CAfile"
+Do not load the trusted \s-1CA\s0 certificates from the default file location
+.IP "\fB\-no\-CApath\fR" 4
+.IX Item "-no-CApath"
+Do not load the trusted \s-1CA\s0 certificates from the default directory location
.IP "\fB\-new\fR" 4
.IX Item "-new"
-performs the timing test using a new session \s-1ID\s0 for each connection.
+Performs the timing test using a new session \s-1ID\s0 for each connection.
If neither \fB\-new\fR nor \fB\-reuse\fR are specified, they are both on by default
and executed in sequence.
.IP "\fB\-reuse\fR" 4
.IX Item "-reuse"
-performs the timing test using the same session \s-1ID\s0; this can be used as a test
+Performs the timing test using the same session \s-1ID\s0; this can be used as a test
that session caching is working. If neither \fB\-new\fR nor \fB\-reuse\fR are
specified, they are both on by default and executed in sequence.
-.IP "\fB\-nbio\fR" 4
-.IX Item "-nbio"
-turns on non-blocking I/O.
-.IP "\fB\-ssl2\fR, \fB\-ssl3\fR" 4
-.IX Item "-ssl2, -ssl3"
-these options disable the use of certain \s-1SSL\s0 or \s-1TLS\s0 protocols. By default
+.IP "\fB\-ssl3\fR" 4
+.IX Item "-ssl3"
+This option disables the use of \s-1SSL\s0 version 3. By default
the initial handshake uses a method which should be compatible with all
-servers and permit them to use \s-1SSL\s0 v3, \s-1SSL\s0 v2 or \s-1TLS\s0 as appropriate.
+servers and permit them to use \s-1SSL\s0 v3 or \s-1TLS\s0 as appropriate.
+.Sp
The timing program is not as rich in options to turn protocols on and off as
the \fIs_client\fR\|(1) program and may not connect to all servers.
-.Sp
Unfortunately there are a lot of ancient and broken servers in use which
cannot handle this technique and will fail to connect. Some servers only
-work if \s-1TLS\s0 is turned off with the \fB\-ssl3\fR option; others
-will only support \s-1SSL\s0 v2 and may need the \fB\-ssl2\fR option.
+work if \s-1TLS\s0 is turned off with the \fB\-ssl3\fR option.
+.Sp
+Note that this option may not be available, depending on how
+OpenSSL was built.
.IP "\fB\-bugs\fR" 4
.IX Item "-bugs"
-there are several known bug in \s-1SSL\s0 and \s-1TLS\s0 implementations. Adding this
+There are several known bug in \s-1SSL\s0 and \s-1TLS\s0 implementations. Adding this
option enables various workarounds.
.IP "\fB\-cipher cipherlist\fR" 4
.IX Item "-cipher cipherlist"
-this allows the cipher list sent by the client to be modified. Although
-the server determines which cipher suite is used it should take the first
-supported cipher in the list sent by the client.
-See the \fIciphers\fR\|(1) command for more information.
+This allows the TLSv1.2 and below cipher list sent by the client to be modified.
+This list will be combined with any TLSv1.3 ciphersuites that have been
+configured. Although the server determines which cipher suite is used it should
+take the first supported cipher in the list sent by the client. See
+\&\fIciphers\fR\|(1) for more information.
+.IP "\fB\-ciphersuites val\fR" 4
+.IX Item "-ciphersuites val"
+This allows the TLSv1.3 ciphersuites sent by the client to be modified. This
+list will be combined with any TLSv1.2 and below ciphersuites that have been
+configured. Although the server determines which cipher suite is used it should
+take the first supported cipher in the list sent by the client. See
+\&\fIciphers\fR\|(1) for more information. The format for this list is a simple
+colon (\*(L":\*(R") separated list of TLSv1.3 ciphersuite names.
.IP "\fB\-time length\fR" 4
.IX Item "-time length"
-specifies how long (in seconds) \fBs_time\fR should establish connections and
+Specifies how long (in seconds) \fBs_time\fR should establish connections and
optionally transfer payload data from a server. Server and client performance
and the link speed determine how many connections \fBs_time\fR can establish.
.SH "NOTES"
@@ -251,7 +276,7 @@ which both client and server can agree, see the \fIciphers\fR\|(1) command
for details.
.PP
If the handshake fails then there are several possible causes, if it is
-nothing obvious like no client certificate then the \fB\-bugs\fR, \fB\-ssl2\fR,
+nothing obvious like no client certificate then the \fB\-bugs\fR and
\&\fB\-ssl3\fR options can be tried
in case it is a buggy server. In particular you should play with these
options \fBbefore\fR submitting a bug report to an OpenSSL mailing list.
@@ -281,3 +306,11 @@ fails.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIs_client\fR\|(1), \fIs_server\fR\|(1), \fIciphers\fR\|(1)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2004\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/sess_id.1 b/secure/usr.bin/openssl/man/sess_id.1
index 55e577da5e15..e13d2bea8639 100644
--- a/secure/usr.bin/openssl/man/sess_id.1
+++ b/secure/usr.bin/openssl/man/sess_id.1
@@ -129,19 +129,19 @@
.\" ========================================================================
.\"
.IX Title "SESS_ID 1"
-.TH SESS_ID 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH SESS_ID 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-sess_id,
-sess_id \- SSL/TLS session handling utility
+openssl\-sess_id, sess_id \- SSL/TLS session handling utility
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBsess_id\fR
+[\fB\-help\fR]
[\fB\-inform PEM|DER\fR]
-[\fB\-outform PEM|DER\fR]
+[\fB\-outform PEM|DER|NSS\fR]
[\fB\-in filename\fR]
[\fB\-out filename\fR]
[\fB\-text\fR]
@@ -154,16 +154,22 @@ and optionally prints out \s-1SSL\s0 session details (for example the \s-1SSL\s0
master key) in human readable format. Since this is a diagnostic tool that
needs some knowledge of the \s-1SSL\s0 protocol to use properly, most users will
not need to use it.
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-inform DER|PEM\fR" 4
.IX Item "-inform DER|PEM"
This specifies the input format. The \fB\s-1DER\s0\fR option uses an \s-1ASN1 DER\s0 encoded
format containing session details. The precise format can vary from one version
to the next. The \fB\s-1PEM\s0\fR form is the default format: it consists of the \fB\s-1DER\s0\fR
format base64 encoded with additional header and footer lines.
-.IP "\fB\-outform DER|PEM\fR" 4
-.IX Item "-outform DER|PEM"
-This specifies the output format, the options have the same meaning as the
-\&\fB\-inform\fR option.
+.IP "\fB\-outform DER|PEM|NSS\fR" 4
+.IX Item "-outform DER|PEM|NSS"
+This specifies the output format. The \fB\s-1PEM\s0\fR and \fB\s-1DER\s0\fR options have the same meaning
+and default as the \fB\-inform\fR option. The \fB\s-1NSS\s0\fR option outputs the session id and
+the master key in \s-1NSS\s0 keylog format.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read session information from or standard
@@ -174,19 +180,19 @@ This specifies the output filename to write session information to or standard
output if this option is not specified.
.IP "\fB\-text\fR" 4
.IX Item "-text"
-prints out the various public or private key components in
+Prints out the various public or private key components in
plain text in addition to the encoded version.
.IP "\fB\-cert\fR" 4
.IX Item "-cert"
-if a certificate is present in the session it will be output using this option,
+If a certificate is present in the session it will be output using this option,
if the \fB\-text\fR option is also present then it will be printed out in text form.
.IP "\fB\-noout\fR" 4
.IX Item "-noout"
-this option prevents output of the encoded version of the session.
+This option prevents output of the encoded version of the session.
.IP "\fB\-context \s-1ID\s0\fR" 4
.IX Item "-context ID"
-this option can set the session id so the output session information uses the
-supplied \s-1ID.\s0 The \s-1ID\s0 can be any string of characters. This option wont normally
+This option can set the session id so the output session information uses the
+supplied \s-1ID.\s0 The \s-1ID\s0 can be any string of characters. This option won't normally
be used.
.SH "OUTPUT"
.IX Header "OUTPUT"
@@ -208,32 +214,30 @@ Typical output:
Theses are described below in more detail.
.IP "\fBProtocol\fR" 4
.IX Item "Protocol"
-this is the protocol in use TLSv1, SSLv3 or SSLv2.
+This is the protocol in use TLSv1.3, TLSv1.2, TLSv1.1, TLSv1 or SSLv3.
.IP "\fBCipher\fR" 4
.IX Item "Cipher"
-the cipher used this is the actual raw \s-1SSL\s0 or \s-1TLS\s0 cipher code, see the \s-1SSL\s0
+The cipher used this is the actual raw \s-1SSL\s0 or \s-1TLS\s0 cipher code, see the \s-1SSL\s0
or \s-1TLS\s0 specifications for more information.
.IP "\fBSession-ID\fR" 4
.IX Item "Session-ID"
-the \s-1SSL\s0 session \s-1ID\s0 in hex format.
+The \s-1SSL\s0 session \s-1ID\s0 in hex format.
.IP "\fBSession-ID-ctx\fR" 4
.IX Item "Session-ID-ctx"
-the session \s-1ID\s0 context in hex format.
+The session \s-1ID\s0 context in hex format.
.IP "\fBMaster-Key\fR" 4
.IX Item "Master-Key"
-this is the \s-1SSL\s0 session master key.
-.IP "\fBKey-Arg\fR" 4
-.IX Item "Key-Arg"
-the key argument, this is only used in \s-1SSL\s0 v2.
+This is the \s-1SSL\s0 session master key.
.IP "\fBStart Time\fR" 4
.IX Item "Start Time"
-this is the session start time represented as an integer in standard Unix format.
+This is the session start time represented as an integer in standard
+Unix format.
.IP "\fBTimeout\fR" 4
.IX Item "Timeout"
-the timeout in seconds.
+The timeout in seconds.
.IP "\fBVerify return code\fR" 4
.IX Item "Verify return code"
-this is the return code when an \s-1SSL\s0 client certificate is verified.
+This is the return code when an \s-1SSL\s0 client certificate is verified.
.SH "NOTES"
.IX Header "NOTES"
The \s-1PEM\s0 encoded session format uses the header and footer lines:
@@ -243,13 +247,22 @@ The \s-1PEM\s0 encoded session format uses the header and footer lines:
\& \-\-\-\-\-END SSL SESSION PARAMETERS\-\-\-\-\-
.Ve
.PP
-Since the \s-1SSL\s0 session output contains the master key it is possible to read the contents
-of an encrypted session using this information. Therefore appropriate security precautions
-should be taken if the information is being output by a \*(L"real\*(R" application. This is
-however strongly discouraged and should only be used for debugging purposes.
+Since the \s-1SSL\s0 session output contains the master key it is
+possible to read the contents of an encrypted session using this
+information. Therefore appropriate security precautions should be taken if
+the information is being output by a \*(L"real\*(R" application. This is however
+strongly discouraged and should only be used for debugging purposes.
.SH "BUGS"
.IX Header "BUGS"
The cipher and start time should be printed out in human readable form.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIciphers\fR\|(1), \fIs_server\fR\|(1)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/smime.1 b/secure/usr.bin/openssl/man/smime.1
index d7d1423917d5..80dc532af552 100644
--- a/secure/usr.bin/openssl/man/smime.1
+++ b/secure/usr.bin/openssl/man/smime.1
@@ -129,32 +129,64 @@
.\" ========================================================================
.\"
.IX Title "SMIME 1"
-.TH SMIME 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH SMIME 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-smime,
-smime \- S/MIME utility
+openssl\-smime, smime \- S/MIME utility
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBsmime\fR
+[\fB\-help\fR]
[\fB\-encrypt\fR]
[\fB\-decrypt\fR]
[\fB\-sign\fR]
[\fB\-resign\fR]
[\fB\-verify\fR]
[\fB\-pk7out\fR]
-[\fB\-[cipher]\fR]
+[\fB\-binary\fR]
+[\fB\-crlfeol\fR]
+[\fB\-\f(BIcipher\fB\fR]
[\fB\-in file\fR]
+[\fB\-CAfile file\fR]
+[\fB\-CApath dir\fR]
+[\fB\-no\-CAfile\fR]
+[\fB\-no\-CApath\fR]
+[\fB\-attime timestamp\fR]
+[\fB\-check_ss_sig\fR]
+[\fB\-crl_check\fR]
+[\fB\-crl_check_all\fR]
+[\fB\-explicit_policy\fR]
+[\fB\-extended_crl\fR]
+[\fB\-ignore_critical\fR]
+[\fB\-inhibit_any\fR]
+[\fB\-inhibit_map\fR]
+[\fB\-partial_chain\fR]
+[\fB\-policy arg\fR]
+[\fB\-policy_check\fR]
+[\fB\-policy_print\fR]
+[\fB\-purpose purpose\fR]
+[\fB\-suiteB_128\fR]
+[\fB\-suiteB_128_only\fR]
+[\fB\-suiteB_192\fR]
+[\fB\-trusted_first\fR]
[\fB\-no_alt_chains\fR]
+[\fB\-use_deltas\fR]
+[\fB\-auth_level num\fR]
+[\fB\-verify_depth num\fR]
+[\fB\-verify_email email\fR]
+[\fB\-verify_hostname hostname\fR]
+[\fB\-verify_ip ip\fR]
+[\fB\-verify_name name\fR]
+[\fB\-x509_strict\fR]
[\fB\-certfile file\fR]
[\fB\-signer file\fR]
[\fB\-recip file\fR]
[\fB\-inform SMIME|PEM|DER\fR]
[\fB\-passin arg\fR]
-[\fB\-inkey file\fR]
+[\fB\-inkey file_or_id\fR]
[\fB\-out file\fR]
[\fB\-outform SMIME|PEM|DER\fR]
[\fB\-content file\fR]
@@ -165,51 +197,55 @@ smime \- S/MIME utility
[\fB\-indef\fR]
[\fB\-noindef\fR]
[\fB\-stream\fR]
-[\fB\-rand file(s)\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
[\fB\-md digest\fR]
[cert.pem]...
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBsmime\fR command handles S/MIME mail. It can encrypt, decrypt, sign and
verify S/MIME messages.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
There are six operation options that set the type of operation to be performed.
The meaning of the other options varies according to the operation type.
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-encrypt\fR" 4
.IX Item "-encrypt"
-encrypt mail for the given recipient certificates. Input file is the message
+Encrypt mail for the given recipient certificates. Input file is the message
to be encrypted. The output file is the encrypted mail in \s-1MIME\s0 format.
.Sp
Note that no revocation check is done for the recipient cert, so if that
key has been compromised, others may be able to decrypt the text.
.IP "\fB\-decrypt\fR" 4
.IX Item "-decrypt"
-decrypt mail using the supplied certificate and private key. Expects an
+Decrypt mail using the supplied certificate and private key. Expects an
encrypted mail message in \s-1MIME\s0 format for the input file. The decrypted mail
is written to the output file.
.IP "\fB\-sign\fR" 4
.IX Item "-sign"
-sign mail using the supplied certificate and private key. Input file is
+Sign mail using the supplied certificate and private key. Input file is
the message to be signed. The signed message in \s-1MIME\s0 format is written
to the output file.
.IP "\fB\-verify\fR" 4
.IX Item "-verify"
-verify signed mail. Expects a signed mail message on input and outputs
+Verify signed mail. Expects a signed mail message on input and outputs
the signed data. Both clear text and opaque signing is supported.
.IP "\fB\-pk7out\fR" 4
.IX Item "-pk7out"
-takes an input message and writes out a \s-1PEM\s0 encoded PKCS#7 structure.
+Takes an input message and writes out a \s-1PEM\s0 encoded PKCS#7 structure.
.IP "\fB\-resign\fR" 4
.IX Item "-resign"
-resign a message: take an existing message and one or more new signers.
+Resign a message: take an existing message and one or more new signers.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
-the input message to be encrypted or signed or the \s-1MIME\s0 message to
+The input message to be encrypted or signed or the \s-1MIME\s0 message to
be decrypted or verified.
.IP "\fB\-inform SMIME|PEM|DER\fR" 4
.IX Item "-inform SMIME|PEM|DER"
-this specifies the input format for the PKCS#7 structure. The default
+This specifies the input format for the PKCS#7 structure. The default
is \fB\s-1SMIME\s0\fR which reads an S/MIME format message. \fB\s-1PEM\s0\fR and \fB\s-1DER\s0\fR
format change this to expect \s-1PEM\s0 and \s-1DER\s0 format PKCS#7 structures
instead. This currently only affects the input format of the PKCS#7
@@ -217,11 +253,11 @@ structure, if no PKCS#7 structure is being input (for example with
\&\fB\-encrypt\fR or \fB\-sign\fR) this option has no effect.
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
-the message text that has been decrypted or verified or the output \s-1MIME\s0
+The message text that has been decrypted or verified or the output \s-1MIME\s0
format message that has been signed or verified.
.IP "\fB\-outform SMIME|PEM|DER\fR" 4
.IX Item "-outform SMIME|PEM|DER"
-this specifies the output format for the PKCS#7 structure. The default
+This specifies the output format for the PKCS#7 structure. The default
is \fB\s-1SMIME\s0\fR which write an S/MIME format message. \fB\s-1PEM\s0\fR and \fB\s-1DER\s0\fR
format change this to write \s-1PEM\s0 and \s-1DER\s0 format PKCS#7 structures
instead. This currently only affects the output format of the PKCS#7
@@ -229,7 +265,7 @@ structure, if no PKCS#7 structure is being output (for example with
\&\fB\-verify\fR or \fB\-decrypt\fR) this option has no effect.
.IP "\fB\-stream \-indef \-noindef\fR" 4
.IX Item "-stream -indef -noindef"
-the \fB\-stream\fR and \fB\-indef\fR options are equivalent and enable streaming I/O
+The \fB\-stream\fR and \fB\-indef\fR options are equivalent and enable streaming I/O
for encoding operations. This permits single pass processing of data without
the need to hold the entire contents in memory, potentially supporting very
large files. Streaming is automatically set for S/MIME signing with detached
@@ -237,7 +273,7 @@ data if the output format is \fB\s-1SMIME\s0\fR it is currently off by default f
other operations.
.IP "\fB\-noindef\fR" 4
.IX Item "-noindef"
-disable streaming I/O where it would produce and indefinite length constructed
+Disable streaming I/O where it would produce and indefinite length constructed
encoding. This option currently has no effect. In future streaming will be
enabled by default on all relevant operations and this option will disable it.
.IP "\fB\-content filename\fR" 4
@@ -249,118 +285,134 @@ not included. This option will override any content if the input format
is S/MIME and it uses the multipart/signed \s-1MIME\s0 content type.
.IP "\fB\-text\fR" 4
.IX Item "-text"
-this option adds plain text (text/plain) \s-1MIME\s0 headers to the supplied
+This option adds plain text (text/plain) \s-1MIME\s0 headers to the supplied
message if encrypting or signing. If decrypting or verifying it strips
-off text headers: if the decrypted or verified message is not of \s-1MIME\s0
+off text headers: if the decrypted or verified message is not of \s-1MIME\s0
type text/plain then an error occurs.
.IP "\fB\-CAfile file\fR" 4
.IX Item "-CAfile file"
-a file containing trusted \s-1CA\s0 certificates, only used with \fB\-verify\fR.
+A file containing trusted \s-1CA\s0 certificates, only used with \fB\-verify\fR.
.IP "\fB\-CApath dir\fR" 4
.IX Item "-CApath dir"
-a directory containing trusted \s-1CA\s0 certificates, only used with
+A directory containing trusted \s-1CA\s0 certificates, only used with
\&\fB\-verify\fR. This directory must be a standard certificate directory: that
is a hash of each subject name (using \fBx509 \-hash\fR) should be linked
to each certificate.
+.IP "\fB\-no\-CAfile\fR" 4
+.IX Item "-no-CAfile"
+Do not load the trusted \s-1CA\s0 certificates from the default file location.
+.IP "\fB\-no\-CApath\fR" 4
+.IX Item "-no-CApath"
+Do not load the trusted \s-1CA\s0 certificates from the default directory location.
.IP "\fB\-md digest\fR" 4
.IX Item "-md digest"
-digest algorithm to use when signing or resigning. If not present then the
+Digest algorithm to use when signing or resigning. If not present then the
default digest algorithm for the signing key will be used (usually \s-1SHA1\s0).
-.IP "\fB\-[cipher]\fR" 4
-.IX Item "-[cipher]"
-the encryption algorithm to use. For example \s-1DES\s0 (56 bits) \- \fB\-des\fR,
+.IP "\fB\-\f(BIcipher\fB\fR" 4
+.IX Item "-cipher"
+The encryption algorithm to use. For example \s-1DES\s0 (56 bits) \- \fB\-des\fR,
triple \s-1DES\s0 (168 bits) \- \fB\-des3\fR,
-\&\fIEVP_get_cipherbyname()\fR function) can also be used preceded by a dash, for
-example \fB\-aes_128_cbc\fR. See \fBenc\fR for list of ciphers
+\&\fIEVP_get_cipherbyname()\fR function) can also be used preceded by a dash, for
+example \fB\-aes\-128\-cbc\fR. See \fBenc\fR for list of ciphers
supported by your version of OpenSSL.
.Sp
If not specified triple \s-1DES\s0 is used. Only used with \fB\-encrypt\fR.
.IP "\fB\-nointern\fR" 4
.IX Item "-nointern"
-when verifying a message normally certificates (if any) included in
+When verifying a message normally certificates (if any) included in
the message are searched for the signing certificate. With this option
only the certificates specified in the \fB\-certfile\fR option are used.
The supplied certificates can still be used as untrusted CAs however.
.IP "\fB\-noverify\fR" 4
.IX Item "-noverify"
-do not verify the signers certificate of a signed message.
+Do not verify the signers certificate of a signed message.
.IP "\fB\-nochain\fR" 4
.IX Item "-nochain"
-do not do chain verification of signers certificates: that is don't
+Do not do chain verification of signers certificates: that is don't
use the certificates in the signed message as untrusted CAs.
.IP "\fB\-nosigs\fR" 4
.IX Item "-nosigs"
-don't try to verify the signatures on the message.
+Don't try to verify the signatures on the message.
.IP "\fB\-nocerts\fR" 4
.IX Item "-nocerts"
-when signing a message the signer's certificate is normally included
+When signing a message the signer's certificate is normally included
with this option it is excluded. This will reduce the size of the
signed message but the verifier must have a copy of the signers certificate
available locally (passed using the \fB\-certfile\fR option for example).
.IP "\fB\-noattr\fR" 4
.IX Item "-noattr"
-normally when a message is signed a set of attributes are included which
+Normally when a message is signed a set of attributes are included which
include the signing time and supported symmetric algorithms. With this
option they are not included.
.IP "\fB\-binary\fR" 4
.IX Item "-binary"
-normally the input message is converted to \*(L"canonical\*(R" format which is
+Normally the input message is converted to \*(L"canonical\*(R" format which is
effectively using \s-1CR\s0 and \s-1LF\s0 as end of line: as required by the S/MIME
specification. When this option is present no translation occurs. This
is useful when handling binary data which may not be in \s-1MIME\s0 format.
+.IP "\fB\-crlfeol\fR" 4
+.IX Item "-crlfeol"
+Normally the output file uses a single \fB\s-1LF\s0\fR as end of line. When this
+option is present \fB\s-1CRLF\s0\fR is used instead.
.IP "\fB\-nodetach\fR" 4
.IX Item "-nodetach"
-when signing a message use opaque signing: this form is more resistant
+When signing a message use opaque signing: this form is more resistant
to translation by mail relays but it cannot be read by mail agents that
do not support S/MIME. Without this option cleartext signing with
the \s-1MIME\s0 type multipart/signed is used.
.IP "\fB\-certfile file\fR" 4
.IX Item "-certfile file"
-allows additional certificates to be specified. When signing these will
+Allows additional certificates to be specified. When signing these will
be included with the message. When verifying these will be searched for
the signers certificates. The certificates should be in \s-1PEM\s0 format.
.IP "\fB\-signer file\fR" 4
.IX Item "-signer file"
-a signing certificate when signing or resigning a message, this option can be
+A signing certificate when signing or resigning a message, this option can be
used multiple times if more than one signer is required. If a message is being
verified then the signers certificates will be written to this file if the
verification was successful.
.IP "\fB\-recip file\fR" 4
.IX Item "-recip file"
-the recipients certificate when decrypting a message. This certificate
+The recipients certificate when decrypting a message. This certificate
must match one of the recipients of the message or an error occurs.
-.IP "\fB\-inkey file\fR" 4
-.IX Item "-inkey file"
-the private key to use when signing or decrypting. This must match the
+.IP "\fB\-inkey file_or_id\fR" 4
+.IX Item "-inkey file_or_id"
+The private key to use when signing or decrypting. This must match the
corresponding certificate. If this option is not specified then the
private key must be included in the certificate file specified with
the \fB\-recip\fR or \fB\-signer\fR file. When signing this option can be used
multiple times to specify successive keys.
+If no engine is used, the argument is taken as a file; if an engine is
+specified, the argument is given to the engine as a key identifier.
.IP "\fB\-passin arg\fR" 4
.IX Item "-passin arg"
-the private key password source. For more information about the format of \fBarg\fR
+The private key password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
-.IP "\fB\-rand file(s)\fR" 4
-.IX Item "-rand file(s)"
-a file or files containing random data used to seed the random number
-generator, or an \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3)).
-Multiple files can be specified separated by a OS-dependent character.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.IP "\fBcert.pem...\fR" 4
.IX Item "cert.pem..."
-one or more certificates of message recipients: used when encrypting
+One or more certificates of message recipients: used when encrypting
a message.
.IP "\fB\-to, \-from, \-subject\fR" 4
.IX Item "-to, -from, -subject"
-the relevant mail headers. These are included outside the signed
+The relevant mail headers. These are included outside the signed
portion of a message so they may be included manually. If signing
then many S/MIME mail clients check the signers certificate's email
address matches that specified in the From: address.
-.IP "\fB\-purpose, \-ignore_critical, \-issuer_checks, \-crl_check, \-crl_check_all, \-policy_check, \-extended_crl, \-x509_strict, \-policy \-check_ss_sig \-no_alt_chains\fR" 4
-.IX Item "-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig -no_alt_chains"
+.IP "\fB\-attime\fR, \fB\-check_ss_sig\fR, \fB\-crl_check\fR, \fB\-crl_check_all\fR, \fB\-explicit_policy\fR, \fB\-extended_crl\fR, \fB\-ignore_critical\fR, \fB\-inhibit_any\fR, \fB\-inhibit_map\fR, \fB\-no_alt_chains\fR, \fB\-partial_chain\fR, \fB\-policy\fR, \fB\-policy_check\fR, \fB\-policy_print\fR, \fB\-purpose\fR, \fB\-suiteB_128\fR, \fB\-suiteB_128_only\fR, \fB\-suiteB_192\fR, \fB\-trusted_first\fR, \fB\-use_deltas\fR, \fB\-auth_level\fR, \fB\-verify_depth\fR, \fB\-verify_email\fR, \fB\-verify_hostname\fR, \fB\-verify_ip\fR, \fB\-verify_name\fR, \fB\-x509_strict\fR" 4
+.IX Item "-attime, -check_ss_sig, -crl_check, -crl_check_all, -explicit_policy, -extended_crl, -ignore_critical, -inhibit_any, -inhibit_map, -no_alt_chains, -partial_chain, -policy, -policy_check, -policy_print, -purpose, -suiteB_128, -suiteB_128_only, -suiteB_192, -trusted_first, -use_deltas, -auth_level, -verify_depth, -verify_email, -verify_hostname, -verify_ip, -verify_name, -x509_strict"
Set various options of certificate chain verification. See
-\&\fBverify\fR manual page for details.
+\&\fIverify\fR\|(1) manual page for details.
.SH "NOTES"
.IX Header "NOTES"
The \s-1MIME\s0 message must be sent without any blank lines between the
@@ -369,7 +421,7 @@ a blank line. Piping the mail directly to sendmail is one way to
achieve the correct format.
.PP
The supplied message to be signed or encrypted must include the
-necessary \s-1MIME\s0 headers or many S/MIME clients wont display it
+necessary \s-1MIME\s0 headers or many S/MIME clients won't display it
properly (if at all). You can use the \fB\-text\fR option to automatically
add plain text headers.
.PP
@@ -390,7 +442,7 @@ The \fB\-resign\fR option uses an existing message digest when adding a new
signer. This means that attributes must be present in at least one existing
signer using the same message digest or this operation will fail.
.PP
-The \fB\-stream\fR and \fB\-indef\fR options enable experimental streaming I/O support.
+The \fB\-stream\fR and \fB\-indef\fR options enable streaming I/O support.
As a result the encoding is \s-1BER\s0 using indefinite length constructed encoding
and no longer \s-1DER.\s0 Streaming is supported for the \fB\-encrypt\fR operation and the
\&\fB\-sign\fR operation if the content is not detached.
@@ -401,23 +453,23 @@ remains \s-1DER.\s0
.SH "EXIT CODES"
.IX Header "EXIT CODES"
.IP "0" 4
-the operation was completely successfully.
+The operation was completely successfully.
.IP "1" 4
.IX Item "1"
-an error occurred parsing the command options.
+An error occurred parsing the command options.
.IP "2" 4
.IX Item "2"
-one of the input files could not be read.
+One of the input files could not be read.
.IP "3" 4
.IX Item "3"
-an error occurred creating the PKCS#7 file or when reading the \s-1MIME\s0
+An error occurred creating the PKCS#7 file or when reading the \s-1MIME\s0
message.
.IP "4" 4
.IX Item "4"
-an error occurred decrypting or verifying the message.
+An error occurred decrypting or verifying the message.
.IP "5" 4
.IX Item "5"
-the message was verified correctly but an error occurred writing out
+The message was verified correctly but an error occurred writing out
the signers certificates.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
@@ -550,4 +602,12 @@ structures may cause parsing errors.
The use of multiple \fB\-signer\fR options and the \fB\-resign\fR command were first
added in OpenSSL 1.0.0
.PP
-The \-no_alt_chains options was first added to OpenSSL 1.0.2b.
+The \-no_alt_chains options was first added to OpenSSL 1.1.0.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2017 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/speed.1 b/secure/usr.bin/openssl/man/speed.1
index d249db4ab7e1..1a20ee8b9c07 100644
--- a/secure/usr.bin/openssl/man/speed.1
+++ b/secure/usr.bin/openssl/man/speed.1
@@ -129,55 +129,88 @@
.\" ========================================================================
.\"
.IX Title "SPEED 1"
-.TH SPEED 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH SPEED 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-speed,
-speed \- test library performance
+openssl\-speed, speed \- test library performance
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl speed\fR
+[\fB\-help\fR]
[\fB\-engine id\fR]
-[\fBmd2\fR]
-[\fBmdc2\fR]
-[\fBmd5\fR]
-[\fBhmac\fR]
-[\fBsha1\fR]
-[\fBrmd160\fR]
-[\fBidea-cbc\fR]
-[\fBrc2\-cbc\fR]
-[\fBrc5\-cbc\fR]
-[\fBbf-cbc\fR]
-[\fBdes-cbc\fR]
-[\fBdes\-ede3\fR]
-[\fBrc4\fR]
-[\fBrsa512\fR]
-[\fBrsa1024\fR]
-[\fBrsa2048\fR]
-[\fBrsa4096\fR]
-[\fBdsa512\fR]
-[\fBdsa1024\fR]
-[\fBdsa2048\fR]
-[\fBidea\fR]
-[\fBrc2\fR]
-[\fBdes\fR]
-[\fBrsa\fR]
-[\fBblowfish\fR]
+[\fB\-elapsed\fR]
+[\fB\-evp algo\fR]
+[\fB\-decrypt\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
+[\fB\-primes num\fR]
+[\fB\-seconds num\fR]
+[\fB\-bytes num\fR]
+[\fBalgorithm...\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
This command is used to test the performance of cryptographic algorithms.
+To see the list of supported algorithms, use the \fIlist \-\-digest\-commands\fR
+or \fIlist \-\-cipher\-commands\fR command. The global \s-1CSPRNG\s0 is denoted by
+the \fIrand\fR algorithm name.
.SH "OPTIONS"
.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-engine id\fR" 4
.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBspeed\fR
+Specifying an engine (by its unique \fBid\fR string) will cause \fBspeed\fR
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
+.IP "\fB\-elapsed\fR" 4
+.IX Item "-elapsed"
+When calculating operations\- or bytes-per-second, use wall-clock time
+instead of \s-1CPU\s0 user time as divisor. It can be useful when testing speed
+of hardware engines.
+.IP "\fB\-evp algo\fR" 4
+.IX Item "-evp algo"
+Use the specified cipher or message digest algorithm via the \s-1EVP\s0 interface.
+If \fBalgo\fR is an \s-1AEAD\s0 cipher, then you can pass <\-aead> to benchmark a
+TLS-like sequence. And if \fBalgo\fR is a multi-buffer capable cipher, e.g.
+aes\-128\-cbc\-hmac\-sha1, then \fB\-mb\fR will time multi-buffer operation.
+.IP "\fB\-decrypt\fR" 4
+.IX Item "-decrypt"
+Time the decryption instead of encryption. Affects only the \s-1EVP\s0 testing.
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
+The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
+all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
+.IP "\fB\-primes num\fR" 4
+.IX Item "-primes num"
+Generate a \fBnum\fR\-prime \s-1RSA\s0 key and use it to run the benchmarks. This option
+is only effective if \s-1RSA\s0 algorithm is specified to test.
+.IP "\fB\-seconds num\fR" 4
+.IX Item "-seconds num"
+Run benchmarks for \fBnum\fR seconds.
+.IP "\fB\-bytes num\fR" 4
+.IX Item "-bytes num"
+Run benchmarks on \fBnum\fR\-byte buffers. Affects ciphers, digests and the \s-1CSPRNG.\s0
.IP "\fB[zero or more test algorithms]\fR" 4
.IX Item "[zero or more test algorithms]"
-If any options are given, \fBspeed\fR tests those algorithms, otherwise all of
-the above are tested.
+If any options are given, \fBspeed\fR tests those algorithms, otherwise a
+pre-compiled grand selection is tested.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/spkac.1 b/secure/usr.bin/openssl/man/spkac.1
index 762b8a222540..cbd60d3f8b5f 100644
--- a/secure/usr.bin/openssl/man/spkac.1
+++ b/secure/usr.bin/openssl/man/spkac.1
@@ -129,20 +129,21 @@
.\" ========================================================================
.\"
.IX Title "SPKAC 1"
-.TH SPKAC 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH SPKAC 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-spkac,
-spkac \- SPKAC printing and generating utility
+openssl\-spkac, spkac \- SPKAC printing and generating utility
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBspkac\fR
+[\fB\-help\fR]
[\fB\-in filename\fR]
[\fB\-out filename\fR]
[\fB\-key keyfile\fR]
+[\fB\-keyform PEM|DER|ENGINE\fR]
[\fB\-passin arg\fR]
[\fB\-challenge string\fR]
[\fB\-pubkey\fR]
@@ -156,51 +157,58 @@ spkac \- SPKAC printing and generating utility
The \fBspkac\fR command processes Netscape signed public key and challenge
(\s-1SPKAC\s0) files. It can print out their contents, verify the signature and
produce its own SPKACs from a supplied private key.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read from or standard input if this
option is not specified. Ignored if the \fB\-key\fR option is used.
.IP "\fB\-out filename\fR" 4
.IX Item "-out filename"
-specifies the output filename to write to or standard output by
+Specifies the output filename to write to or standard output by
default.
.IP "\fB\-key keyfile\fR" 4
.IX Item "-key keyfile"
-create an \s-1SPKAC\s0 file using the private key in \fBkeyfile\fR. The
+Create an \s-1SPKAC\s0 file using the private key in \fBkeyfile\fR. The
\&\fB\-in\fR, \fB\-noout\fR, \fB\-spksect\fR and \fB\-verify\fR options are ignored if
present.
+.IP "\fB\-keyform PEM|DER|ENGINE\fR" 4
+.IX Item "-keyform PEM|DER|ENGINE"
+Whether the key format is \s-1PEM, DER,\s0 or an engine-backed key.
+The default is \s-1PEM.\s0
.IP "\fB\-passin password\fR" 4
.IX Item "-passin password"
-the input file password source. For more information about the format of \fBarg\fR
+The input file password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
.IP "\fB\-challenge string\fR" 4
.IX Item "-challenge string"
-specifies the challenge string if an \s-1SPKAC\s0 is being created.
+Specifies the challenge string if an \s-1SPKAC\s0 is being created.
.IP "\fB\-spkac spkacname\fR" 4
.IX Item "-spkac spkacname"
-allows an alternative name form the variable containing the
+Allows an alternative name form the variable containing the
\&\s-1SPKAC.\s0 The default is \*(L"\s-1SPKAC\*(R".\s0 This option affects both
generated and input \s-1SPKAC\s0 files.
.IP "\fB\-spksect section\fR" 4
.IX Item "-spksect section"
-allows an alternative name form the section containing the
+Allows an alternative name form the section containing the
\&\s-1SPKAC.\s0 The default is the default section.
.IP "\fB\-noout\fR" 4
.IX Item "-noout"
-don't output the text version of the \s-1SPKAC\s0 (not used if an
+Don't output the text version of the \s-1SPKAC\s0 (not used if an
\&\s-1SPKAC\s0 is being created).
.IP "\fB\-pubkey\fR" 4
.IX Item "-pubkey"
-output the public key of an \s-1SPKAC\s0 (not used if an \s-1SPKAC\s0 is
+Output the public key of an \s-1SPKAC\s0 (not used if an \s-1SPKAC\s0 is
being created).
.IP "\fB\-verify\fR" 4
.IX Item "-verify"
-verifies the digital signature on the supplied \s-1SPKAC.\s0
+Verifies the digital signature on the supplied \s-1SPKAC.\s0
.IP "\fB\-engine id\fR" 4
.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBspkac\fR
+Specifying an engine (by its unique \fBid\fR string) will cause \fBspkac\fR
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
@@ -226,12 +234,13 @@ Create an \s-1SPKAC\s0 using the challenge string \*(L"hello\*(R":
.PP
Example of an \s-1SPKAC,\s0 (long lines split up for clarity):
.PP
-.Vb 5
-\& SPKAC=MIG5MGUwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA1cCoq2Wa3Ixs47uI7F\e
-\& PVwHVIPDx5yso105Y6zpozam135a8R0CpoRvkkigIyXfcCjiVi5oWk+6FfPaD03u\e
-\& PFoQIDAQABFgVoZWxsbzANBgkqhkiG9w0BAQQFAANBAFpQtY/FojdwkJh1bEIYuc\e
-\& 2EeM2KHTWPEepWYeawvHD0gQ3DngSC75YCWnnDdq+NQ3F+X4deMx9AaEglZtULwV\e
-\& 4=
+.Vb 6
+\& SPKAC=MIG5MGUwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA\e
+\& 1cCoq2Wa3Ixs47uI7FPVwHVIPDx5yso105Y6zpozam135a\e
+\& 8R0CpoRvkkigIyXfcCjiVi5oWk+6FfPaD03uPFoQIDAQAB\e
+\& FgVoZWxsbzANBgkqhkiG9w0BAQQFAANBAFpQtY/FojdwkJ\e
+\& h1bEIYuc2EeM2KHTWPEepWYeawvHD0gQ3DngSC75YCWnnD\e
+\& dq+NQ3F+X4deMx9AaEglZtULwV4=
.Ve
.SH "NOTES"
.IX Header "NOTES"
@@ -251,3 +260,11 @@ to be used in a \*(L"replay attack\*(R".
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIca\fR\|(1)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/srp.1 b/secure/usr.bin/openssl/man/srp.1
new file mode 100644
index 000000000000..e328b09ccf78
--- /dev/null
+++ b/secure/usr.bin/openssl/man/srp.1
@@ -0,0 +1,194 @@
+.\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35)
+.\"
+.\" Standard preamble:
+.\" ========================================================================
+.de Sp \" Vertical space (when we can't use .PP)
+.if t .sp .5v
+.if n .sp
+..
+.de Vb \" Begin verbatim text
+.ft CW
+.nf
+.ne \\$1
+..
+.de Ve \" End verbatim text
+.ft R
+.fi
+..
+.\" Set up some character translations and predefined strings. \*(-- will
+.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
+.\" double quote, and \*(R" will give a right double quote. \*(C+ will
+.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
+.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
+.\" nothing in troff, for use with C<>.
+.tr \(*W-
+.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
+.ie n \{\
+. ds -- \(*W-
+. ds PI pi
+. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
+. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
+. ds L" ""
+. ds R" ""
+. ds C` ""
+. ds C' ""
+'br\}
+.el\{\
+. ds -- \|\(em\|
+. ds PI \(*p
+. ds L" ``
+. ds R" ''
+. ds C`
+. ds C'
+'br\}
+.\"
+.\" Escape single quotes in literal strings from groff's Unicode transform.
+.ie \n(.g .ds Aq \(aq
+.el .ds Aq '
+.\"
+.\" If the F register is >0, we'll generate index entries on stderr for
+.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
+.\" entries marked with X<> in POD. Of course, you'll have to process the
+.\" output yourself in some meaningful fashion.
+.\"
+.\" Avoid warning from groff about undefined register 'F'.
+.de IX
+..
+.if !\nF .nr F 0
+.if \nF>0 \{\
+. de IX
+. tm Index:\\$1\t\\n%\t"\\$2"
+..
+. if !\nF==2 \{\
+. nr % 0
+. nr F 2
+. \}
+.\}
+.\"
+.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
+.\" Fear. Run. Save yourself. No user-serviceable parts.
+. \" fudge factors for nroff and troff
+.if n \{\
+. ds #H 0
+. ds #V .8m
+. ds #F .3m
+. ds #[ \f1
+. ds #] \fP
+.\}
+.if t \{\
+. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
+. ds #V .6m
+. ds #F 0
+. ds #[ \&
+. ds #] \&
+.\}
+. \" simple accents for nroff and troff
+.if n \{\
+. ds ' \&
+. ds ` \&
+. ds ^ \&
+. ds , \&
+. ds ~ ~
+. ds /
+.\}
+.if t \{\
+. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
+. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
+. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
+. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
+. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
+. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
+.\}
+. \" troff and (daisy-wheel) nroff accents
+.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
+.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
+.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
+.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
+.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
+.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
+.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
+.ds ae a\h'-(\w'a'u*4/10)'e
+.ds Ae A\h'-(\w'A'u*4/10)'E
+. \" corrections for vroff
+.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
+.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
+. \" for low resolution devices (crt and lpr)
+.if \n(.H>23 .if \n(.V>19 \
+\{\
+. ds : e
+. ds 8 ss
+. ds o a
+. ds d- d\h'-1'\(ga
+. ds D- D\h'-1'\(hy
+. ds th \o'bp'
+. ds Th \o'LP'
+. ds ae ae
+. ds Ae AE
+.\}
+.rm #[ #] #H #V #F C
+.\" ========================================================================
+.\"
+.IX Title "SRP 1"
+.TH SRP 1 "2018-09-11" "1.1.1" "OpenSSL"
+.\" For nroff, turn off justification. Always turn off hyphenation; it makes
+.\" way too many mistakes in technical documents.
+.if n .ad l
+.nh
+.SH "NAME"
+openssl\-srp, srp \- maintain SRP password file
+.SH "SYNOPSIS"
+.IX Header "SYNOPSIS"
+\&\fBopenssl srp\fR
+[\fB\-help\fR]
+[\fB\-verbose\fR]
+[\fB\-add\fR]
+[\fB\-modify\fR]
+[\fB\-delete\fR]
+[\fB\-list\fR]
+[\fB\-name section\fR]
+[\fB\-config file\fR]
+[\fB\-srpvfile file\fR]
+[\fB\-gn identifier\fR]
+[\fB\-userinfo text...\fR]
+[\fB\-passin arg\fR]
+[\fB\-passout arg\fR]
+[\fIuser...\fR]
+.SH "DESCRIPTION"
+.IX Header "DESCRIPTION"
+The \fBsrp\fR command is user to maintain an \s-1SRP\s0 (secure remote password)
+file.
+At most one of the \fB\-add\fR, \fB\-modify\fR, \fB\-delete\fR, and \fB\-list\fR options
+can be specified.
+These options take zero or more usernames as parameters and perform the
+appropriate operation on the \s-1SRP\s0 file.
+For \fB\-list\fR, if no \fBuser\fR is given then all users are displayed.
+.PP
+The configuration file to use, and the section within the file, can be
+specified with the \fB\-config\fR and \fB\-name\fR flags, respectively.
+If the config file is not specified, the \fB\-srpvfile\fR can be used to
+just specify the file to operate on.
+.PP
+The \fB\-userinfo\fR option specifies additional information to add when
+adding or modifying a user.
+.PP
+The \fB\-gn\fR flag specifies the \fBg\fR and \fBN\fR values, using one of
+the strengths defined in \s-1IETF RFC 5054.\s0
+.PP
+The \fB\-passin\fR and \fB\-passout\fR arguments are parsed as described in
+the \fIopenssl\fR\|(1) command.
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "[\fB\-help\fR]" 4
+.IX Item "[-help]"
+Display an option summary.
+.IP "[\fB\-verbose\fR]" 4
+.IX Item "[-verbose]"
+Generate verbose output while processing.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/storeutl.1 b/secure/usr.bin/openssl/man/storeutl.1
new file mode 100644
index 000000000000..8c7f9b2d147f
--- /dev/null
+++ b/secure/usr.bin/openssl/man/storeutl.1
@@ -0,0 +1,242 @@
+.\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35)
+.\"
+.\" Standard preamble:
+.\" ========================================================================
+.de Sp \" Vertical space (when we can't use .PP)
+.if t .sp .5v
+.if n .sp
+..
+.de Vb \" Begin verbatim text
+.ft CW
+.nf
+.ne \\$1
+..
+.de Ve \" End verbatim text
+.ft R
+.fi
+..
+.\" Set up some character translations and predefined strings. \*(-- will
+.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
+.\" double quote, and \*(R" will give a right double quote. \*(C+ will
+.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
+.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
+.\" nothing in troff, for use with C<>.
+.tr \(*W-
+.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
+.ie n \{\
+. ds -- \(*W-
+. ds PI pi
+. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
+. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
+. ds L" ""
+. ds R" ""
+. ds C` ""
+. ds C' ""
+'br\}
+.el\{\
+. ds -- \|\(em\|
+. ds PI \(*p
+. ds L" ``
+. ds R" ''
+. ds C`
+. ds C'
+'br\}
+.\"
+.\" Escape single quotes in literal strings from groff's Unicode transform.
+.ie \n(.g .ds Aq \(aq
+.el .ds Aq '
+.\"
+.\" If the F register is >0, we'll generate index entries on stderr for
+.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
+.\" entries marked with X<> in POD. Of course, you'll have to process the
+.\" output yourself in some meaningful fashion.
+.\"
+.\" Avoid warning from groff about undefined register 'F'.
+.de IX
+..
+.if !\nF .nr F 0
+.if \nF>0 \{\
+. de IX
+. tm Index:\\$1\t\\n%\t"\\$2"
+..
+. if !\nF==2 \{\
+. nr % 0
+. nr F 2
+. \}
+.\}
+.\"
+.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
+.\" Fear. Run. Save yourself. No user-serviceable parts.
+. \" fudge factors for nroff and troff
+.if n \{\
+. ds #H 0
+. ds #V .8m
+. ds #F .3m
+. ds #[ \f1
+. ds #] \fP
+.\}
+.if t \{\
+. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
+. ds #V .6m
+. ds #F 0
+. ds #[ \&
+. ds #] \&
+.\}
+. \" simple accents for nroff and troff
+.if n \{\
+. ds ' \&
+. ds ` \&
+. ds ^ \&
+. ds , \&
+. ds ~ ~
+. ds /
+.\}
+.if t \{\
+. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
+. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
+. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
+. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
+. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
+. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
+.\}
+. \" troff and (daisy-wheel) nroff accents
+.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
+.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
+.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
+.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
+.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
+.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
+.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
+.ds ae a\h'-(\w'a'u*4/10)'e
+.ds Ae A\h'-(\w'A'u*4/10)'E
+. \" corrections for vroff
+.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
+.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
+. \" for low resolution devices (crt and lpr)
+.if \n(.H>23 .if \n(.V>19 \
+\{\
+. ds : e
+. ds 8 ss
+. ds o a
+. ds d- d\h'-1'\(ga
+. ds D- D\h'-1'\(hy
+. ds th \o'bp'
+. ds Th \o'LP'
+. ds ae ae
+. ds Ae AE
+.\}
+.rm #[ #] #H #V #F C
+.\" ========================================================================
+.\"
+.IX Title "STOREUTL 1"
+.TH STOREUTL 1 "2018-09-11" "1.1.1" "OpenSSL"
+.\" For nroff, turn off justification. Always turn off hyphenation; it makes
+.\" way too many mistakes in technical documents.
+.if n .ad l
+.nh
+.SH "NAME"
+openssl\-storeutl, storeutl \- STORE utility
+.SH "SYNOPSIS"
+.IX Header "SYNOPSIS"
+\&\fBopenssl\fR \fBstoreutl\fR
+[\fB\-help\fR]
+[\fB\-out file\fR]
+[\fB\-noout\fR]
+[\fB\-passin arg\fR]
+[\fB\-text arg\fR]
+[\fB\-engine id\fR]
+[\fB\-r\fR]
+[\fB\-certs\fR]
+[\fB\-keys\fR]
+[\fB\-crls\fR]
+[\fB\-subject arg\fR]
+[\fB\-issuer arg\fR]
+[\fB\-serial arg\fR]
+[\fB\-alias arg\fR]
+[\fB\-fingerprint arg\fR]
+[\fB\-\f(BIdigest\fB\fR]
+\&\fBuri\fR ...
+.SH "DESCRIPTION"
+.IX Header "DESCRIPTION"
+The \fBstoreutl\fR command can be used to display the contents (after decryption
+as the case may be) fetched from the given URIs.
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
+.IP "\fB\-out filename\fR" 4
+.IX Item "-out filename"
+specifies the output filename to write to or standard output by
+default.
+.IP "\fB\-noout\fR" 4
+.IX Item "-noout"
+this option prevents output of the \s-1PEM\s0 data.
+.IP "\fB\-passin arg\fR" 4
+.IX Item "-passin arg"
+the key password source. For more information about the format of \fBarg\fR
+see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
+.IP "\fB\-text\fR" 4
+.IX Item "-text"
+Prints out the objects in text form, similarly to the \fB\-text\fR output from
+\&\fBopenssl x509\fR, \fBopenssl pkey\fR, etc.
+.IP "\fB\-engine id\fR" 4
+.IX Item "-engine id"
+specifying an engine (by its unique \fBid\fR string) will cause \fBstoreutl\fR
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed.
+The engine will then be set as the default for all available algorithms.
+.IP "\fB\-r\fR" 4
+.IX Item "-r"
+Fetch objects recursively when possible.
+.IP "\fB\-certs\fR" 4
+.IX Item "-certs"
+.PD 0
+.IP "\fB\-keys\fR" 4
+.IX Item "-keys"
+.IP "\fB\-crls\fR" 4
+.IX Item "-crls"
+.PD
+Only select the certificates, keys or CRLs from the given \s-1URI.\s0
+However, if this \s-1URI\s0 would return a set of names (URIs), those are always
+returned.
+.IP "\fB\-subject arg\fR" 4
+.IX Item "-subject arg"
+Search for an object having the subject name \fBarg\fR.
+The arg must be formatted as \fI/type0=value0/type1=value1/type2=...\fR,
+characters may be escaped by \e (backslash), no spaces are skipped.
+.IP "\fB\-issuer arg\fR" 4
+.IX Item "-issuer arg"
+.PD 0
+.IP "\fB\-serial arg\fR" 4
+.IX Item "-serial arg"
+.PD
+Search for an object having the given issuer name and serial number.
+These two options \fImust\fR be used together.
+The issuer arg must be formatted as \fI/type0=value0/type1=value1/type2=...\fR,
+characters may be escaped by \e (backslash), no spaces are skipped.
+The serial arg may be specified as a decimal value or a hex value if preceded
+by \fB0x\fR.
+.IP "\fB\-alias arg\fR" 4
+.IX Item "-alias arg"
+Search for an object having the given alias.
+.IP "\fB\-fingerprint arg\fR" 4
+.IX Item "-fingerprint arg"
+Search for an object having the given fingerprint.
+.IP "\fB\-\f(BIdigest\fB\fR" 4
+.IX Item "-digest"
+The digest that was used to compute the fingerprint given with \fB\-fingerprint\fR.
+.SH "SEE ALSO"
+.IX Header "SEE ALSO"
+\&\fIopenssl\fR\|(1)
+.SH "HISTORY"
+.IX Header "HISTORY"
+\&\fBopenssl\fR \fBstoreutl\fR was added to OpenSSL 1.1.1.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2016\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/ts.1 b/secure/usr.bin/openssl/man/ts.1
index 34c30ebffa6f..7b597e4b42e8 100644
--- a/secure/usr.bin/openssl/man/ts.1
+++ b/secure/usr.bin/openssl/man/ts.1
@@ -129,24 +129,24 @@
.\" ========================================================================
.\"
.IX Title "TS 1"
-.TH TS 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH TS 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-ts,
-ts \- Time Stamping Authority tool (client/server)
+openssl\-ts, ts \- Time Stamping Authority tool (client/server)
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBts\fR
\&\fB\-query\fR
-[\fB\-rand\fR file:file...]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
[\fB\-config\fR configfile]
[\fB\-data\fR file_to_hash]
[\fB\-digest\fR digest_bytes]
-[\fB\-md2\fR|\fB\-md4\fR|\fB\-md5\fR|\fB\-sha\fR|\fB\-sha1\fR|\fB\-mdc2\fR|\fB\-ripemd160\fR|\fB...\fR]
-[\fB\-policy\fR object_id]
+[\fB\-\f(BIdigest\fB\fR]
+[\fB\-tspolicy\fR object_id]
[\fB\-no_nonce\fR]
[\fB\-cert\fR]
[\fB\-in\fR request.tsq]
@@ -160,9 +160,10 @@ ts \- Time Stamping Authority tool (client/server)
[\fB\-queryfile\fR request.tsq]
[\fB\-passin\fR password_src]
[\fB\-signer\fR tsa_cert.pem]
-[\fB\-inkey\fR private.pem]
+[\fB\-inkey\fR file_or_id]
+[\fB\-\f(BIdigest\fB\fR]
[\fB\-chain\fR certs_file.pem]
-[\fB\-policy\fR object_id]
+[\fB\-tspolicy\fR object_id]
[\fB\-in\fR response.tsr]
[\fB\-token_in\fR]
[\fB\-out\fR response.tsr]
@@ -180,6 +181,38 @@ ts \- Time Stamping Authority tool (client/server)
[\fB\-CApath\fR trusted_cert_path]
[\fB\-CAfile\fR trusted_certs.pem]
[\fB\-untrusted\fR cert_file.pem]
+[\fIverify options\fR]
+.PP
+\&\fIverify options:\fR
+[\-attime timestamp]
+[\-check_ss_sig]
+[\-crl_check]
+[\-crl_check_all]
+[\-explicit_policy]
+[\-extended_crl]
+[\-ignore_critical]
+[\-inhibit_any]
+[\-inhibit_map]
+[\-issuer_checks]
+[\-no_alt_chains]
+[\-no_check_time]
+[\-partial_chain]
+[\-policy arg]
+[\-policy_check]
+[\-policy_print]
+[\-purpose purpose]
+[\-suiteB_128]
+[\-suiteB_128_only]
+[\-suiteB_192]
+[\-trusted_first]
+[\-use_deltas]
+[\-auth_level num]
+[\-verify_depth num]
+[\-verify_email email]
+[\-verify_hostname hostname]
+[\-verify_ip ip]
+[\-verify_name name]
+[\-x509_strict]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBts\fR command is a basic Time Stamping Authority (\s-1TSA\s0) client and server
@@ -216,16 +249,22 @@ requests either by ftp or e\-mail.
.IX Subsection "Time Stamp Request generation"
The \fB\-query\fR switch can be used for creating and printing a time stamp
request with the following options:
-.IP "\fB\-rand\fR file:file..." 4
-.IX Item "-rand file:file..."
-The files containing random data for seeding the random number
-generator. Multiple files can be specified, the separator is \fB;\fR for
-MS-Windows, \fB,\fR for \s-1VMS\s0 and \fB:\fR for all other platforms. (Optional)
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
+The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
+all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.IP "\fB\-config\fR configfile" 4
.IX Item "-config configfile"
-The configuration file to use, this option overrides the
-\&\fB\s-1OPENSSL_CONF\s0\fR environment variable. Only the \s-1OID\s0 section
-of the config file is used with the \fB\-query\fR command. (Optional)
+The configuration file to use.
+Optional; for a description of the default value,
+see \*(L"\s-1COMMAND SUMMARY\*(R"\s0 in \fIopenssl\fR\|(1).
.IP "\fB\-data\fR file_to_hash" 4
.IX Item "-data file_to_hash"
The data file for which the time stamp request needs to be
@@ -236,15 +275,15 @@ parameter is specified. (Optional)
It is possible to specify the message imprint explicitly without the data
file. The imprint must be specified in a hexadecimal format, two characters
per byte, the bytes optionally separated by colons (e.g. 1A:F6:01:... or
-1AF601...). The number of bytes must match the message digest algorithm
+1AF601...). The number of bytes must match the message digest algorithm
in use. (Optional)
-.IP "\fB\-md2\fR|\fB\-md4\fR|\fB\-md5\fR|\fB\-sha\fR|\fB\-sha1\fR|\fB\-mdc2\fR|\fB\-ripemd160\fR|\fB...\fR" 4
-.IX Item "-md2|-md4|-md5|-sha|-sha1|-mdc2|-ripemd160|..."
-The message digest to apply to the data file, it supports all the message
-digest algorithms that are supported by the openssl \fBdgst\fR command.
+.IP "\fB\-\f(BIdigest\fB\fR" 4
+.IX Item "-digest"
+The message digest to apply to the data file.
+Any digest supported by the OpenSSL \fBdgst\fR command can be used.
The default is \s-1SHA\-1.\s0 (Optional)
-.IP "\fB\-policy\fR object_id" 4
-.IX Item "-policy object_id"
+.IP "\fB\-tspolicy\fR object_id" 4
+.IX Item "-tspolicy object_id"
The policy that the client expects the \s-1TSA\s0 to use for creating the
time stamp token. Either the dotted \s-1OID\s0 notation or \s-1OID\s0 names defined
in the config file can be used. If no policy is requested the \s-1TSA\s0 will
@@ -264,7 +303,6 @@ response. (Optional)
This option specifies a previously created time stamp request in \s-1DER\s0
format that will be printed into the output file. Useful when you need
to examine the content of a request in human-readable
-.Sp
format. (Optional)
.IP "\fB\-out\fR request.tsq" 4
.IX Item "-out request.tsq"
@@ -285,12 +323,13 @@ specified the output is always a time stamp response (TimeStampResp),
otherwise it is a time stamp token (ContentInfo).
.IP "\fB\-config\fR configfile" 4
.IX Item "-config configfile"
-The configuration file to use, this option overrides the
-\&\fB\s-1OPENSSL_CONF\s0\fR environment variable. See \fB\s-1CONFIGURATION FILE
-OPTIONS\s0\fR for configurable variables. (Optional)
+The configuration file to use.
+Optional; for a description of the default value,
+see \*(L"\s-1COMMAND SUMMARY\*(R"\s0 in \fIopenssl\fR\|(1).
+See \fB\s-1CONFIGURATION FILE OPTIONS\s0\fR for configurable variables.
.IP "\fB\-section\fR tsa_section" 4
.IX Item "-section tsa_section"
-The name of the config file section conatining the settings for the
+The name of the config file section containing the settings for the
response generation. If not specified the default \s-1TSA\s0 section is
used, see \fB\s-1CONFIGURATION FILE OPTIONS\s0\fR for details. (Optional)
.IP "\fB\-queryfile\fR request.tsq" 4
@@ -307,10 +346,16 @@ certificate must have exactly one extended key usage assigned to it:
timeStamping. The extended key usage must also be critical, otherwise
the certificate is going to be refused. Overrides the \fBsigner_cert\fR
variable of the config file. (Optional)
-.IP "\fB\-inkey\fR private.pem" 4
-.IX Item "-inkey private.pem"
+.IP "\fB\-inkey\fR file_or_id" 4
+.IX Item "-inkey file_or_id"
The signer private key of the \s-1TSA\s0 in \s-1PEM\s0 format. Overrides the
\&\fBsigner_key\fR config file option. (Optional)
+If no engine is used, the argument is taken as a file; if an engine is
+specified, the argument is given to the engine as a key identifier.
+.IP "\fB\-\f(BIdigest\fB\fR" 4
+.IX Item "-digest"
+Signing digest to use. Overrides the \fBsigner_digest\fR config file
+option. (Optional)
.IP "\fB\-chain\fR certs_file.pem" 4
.IX Item "-chain certs_file.pem"
The collection of certificates in \s-1PEM\s0 format that will all
@@ -319,8 +364,8 @@ the \fB\-cert\fR option was used for the request. This file is supposed to
contain the certificate chain for the signer certificate from its
issuer upwards. The \fB\-reply\fR command does not build a certificate
chain automatically. (Optional)
-.IP "\fB\-policy\fR object_id" 4
-.IX Item "-policy object_id"
+.IP "\fB\-tspolicy\fR object_id" 4
+.IX Item "-tspolicy object_id"
The default policy to use for the response unless the client
explicitly requires a particular \s-1TSA\s0 policy. The \s-1OID\s0 can be specified
either in dotted notation or with its name. Overrides the
@@ -366,7 +411,7 @@ data file. The \fB\-verify\fR command does not use the configuration file.
.IP "\fB\-data\fR file_to_hash" 4
.IX Item "-data file_to_hash"
The response or token must be verified against file_to_hash. The file
-is hashed with the message digest algorithm specified in the token.
+is hashed with the message digest algorithm specified in the token.
The \fB\-digest\fR and \fB\-queryfile\fR options must not be specified with this one.
(Optional)
.IP "\fB\-digest\fR digest_bytes" 4
@@ -389,14 +434,14 @@ that the input is a \s-1DER\s0 encoded time stamp token (ContentInfo) instead
of a time stamp response (TimeStampResp). (Optional)
.IP "\fB\-CApath\fR trusted_cert_path" 4
.IX Item "-CApath trusted_cert_path"
-The name of the directory containing the trused \s-1CA\s0 certificates of the
+The name of the directory containing the trusted \s-1CA\s0 certificates of the
client. See the similar option of \fIverify\fR\|(1) for additional
details. Either this option or \fB\-CAfile\fR must be specified. (Optional)
.IP "\fB\-CAfile\fR trusted_certs.pem" 4
.IX Item "-CAfile trusted_certs.pem"
-The name of the file containing a set of trusted self-signed \s-1CA\s0
-certificates in \s-1PEM\s0 format. See the similar option of
-\&\fIverify\fR\|(1) for additional details. Either this option
+The name of the file containing a set of trusted self-signed \s-1CA\s0
+certificates in \s-1PEM\s0 format. See the similar option of
+\&\fIverify\fR\|(1) for additional details. Either this option
or \fB\-CApath\fR must be specified.
(Optional)
.IP "\fB\-untrusted\fR cert_file.pem" 4
@@ -406,10 +451,21 @@ needed when building the certificate chain for the \s-1TSA\s0's signing
certificate. This file must contain the \s-1TSA\s0 signing certificate and
all intermediate \s-1CA\s0 certificates unless the response includes them.
(Optional)
+.IP "\fIverify options\fR" 4
+.IX Item "verify options"
+The options \fB\-attime timestamp\fR, \fB\-check_ss_sig\fR, \fB\-crl_check\fR,
+\&\fB\-crl_check_all\fR, \fB\-explicit_policy\fR, \fB\-extended_crl\fR, \fB\-ignore_critical\fR,
+\&\fB\-inhibit_any\fR, \fB\-inhibit_map\fR, \fB\-issuer_checks\fR, \fB\-no_alt_chains\fR,
+\&\fB\-no_check_time\fR, \fB\-partial_chain\fR, \fB\-policy\fR, \fB\-policy_check\fR,
+\&\fB\-policy_print\fR, \fB\-purpose\fR, \fB\-suiteB_128\fR, \fB\-suiteB_128_only\fR,
+\&\fB\-suiteB_192\fR, \fB\-trusted_first\fR, \fB\-use_deltas\fR, \fB\-auth_level\fR,
+\&\fB\-verify_depth\fR, \fB\-verify_email\fR, \fB\-verify_hostname\fR, \fB\-verify_ip\fR,
+\&\fB\-verify_name\fR, and \fB\-x509_strict\fR can be used to control timestamp
+verification. See \fIverify\fR\|(1).
.SH "CONFIGURATION FILE OPTIONS"
.IX Header "CONFIGURATION FILE OPTIONS"
-The \fB\-query\fR and \fB\-reply\fR commands make use of a configuration file
-defined by the \fB\s-1OPENSSL_CONF\s0\fR environment variable. See \fIconfig\fR\|(5)
+The \fB\-query\fR and \fB\-reply\fR commands make use of a configuration file.
+See \fIconfig\fR\|(5)
for a general description of the syntax of the config file. The
\&\fB\-query\fR command uses only the symbolic \s-1OID\s0 names section
and it can work without it. However, the \fB\-reply\fR command needs the
@@ -439,8 +495,8 @@ each response. If the file does not exist at the time of response
generation a new file is created with serial number 1. (Mandatory)
.IP "\fBcrypto_device\fR" 4
.IX Item "crypto_device"
-Specifies the OpenSSL engine that will be set as the default for
-all available algorithms. The default value is builtin, you can specify
+Specifies the OpenSSL engine that will be set as the default for
+all available algorithms. The default value is builtin, you can specify
any other engines supported by OpenSSL (e.g. use chil for the NCipher \s-1HSM\s0).
(Optional)
.IP "\fBsigner_cert\fR" 4
@@ -456,10 +512,14 @@ option. (Optional)
.IX Item "signer_key"
The private key of the \s-1TSA\s0 in \s-1PEM\s0 format. The same as the \fB\-inkey\fR
command line option. (Optional)
+.IP "\fBsigner_digest\fR" 4
+.IX Item "signer_digest"
+Signing digest to use. The same as the
+\&\fB\-\f(BIdigest\fB\fR command line option. (Optional)
.IP "\fBdefault_policy\fR" 4
.IX Item "default_policy"
The default policy to use when the request does not mandate any
-policy. The same as the \fB\-policy\fR command line option. (Optional)
+policy. The same as the \fB\-tspolicy\fR command line option. (Optional)
.IP "\fBother_policies\fR" 4
.IX Item "other_policies"
Comma separated list of policies that are also acceptable by the \s-1TSA\s0
@@ -475,7 +535,7 @@ and microseconds. E.g. secs:1, millisecs:500, microsecs:100. If any of
the components is missing zero is assumed for that field. (Optional)
.IP "\fBclock_precision_digits\fR" 4
.IX Item "clock_precision_digits"
-Specifies the maximum number of digits, which represent the fraction of
+Specifies the maximum number of digits, which represent the fraction of
seconds, that need to be included in the time field. The trailing zeroes
must be removed from the time, so there might actually be fewer digits,
or no fraction of seconds at all. Supported only on \s-1UNIX\s0 platforms.
@@ -500,18 +560,18 @@ is specified then the certificate identifiers of the chain will also
be included in the SigningCertificate signed attribute. If this
variable is set to no, only the signing certificate identifier is
included. Default is no. (Optional)
-.SH "ENVIRONMENT VARIABLES"
-.IX Header "ENVIRONMENT VARIABLES"
-\&\fB\s-1OPENSSL_CONF\s0\fR contains the path of the configuration file and can be
-overridden by the \fB\-config\fR command line option.
+.IP "\fBess_cert_id_alg\fR" 4
+.IX Item "ess_cert_id_alg"
+This option specifies the hash function to be used to calculate the \s-1TSA\s0's
+public key certificate identifier. Default is sha1. (Optional)
.SH "EXAMPLES"
.IX Header "EXAMPLES"
All the examples below presume that \fB\s-1OPENSSL_CONF\s0\fR is set to a proper
-configuration file, e.g. the example configuration file
+configuration file, e.g. the example configuration file
openssl/apps/openssl.cnf will do.
.SS "Time Stamp Request"
.IX Subsection "Time Stamp Request"
-To create a time stamp request for design1.txt with \s-1SHA\-1\s0
+To create a time stamp request for design1.txt with \s-1SHA\-1\s0
without nonce and policy and no certificate is required in the response:
.PP
.Vb 2
@@ -533,23 +593,27 @@ To print the content of the previous request in human readable format:
\& openssl ts \-query \-in design1.tsq \-text
.Ve
.PP
-To create a time stamp request which includes the \s-1MD\-5\s0 digest
+To create a time stamp request which includes the \s-1MD\-5\s0 digest
of design2.txt, requests the signer certificate and nonce,
specifies a policy id (assuming the tsa_policy1 name is defined in the
\&\s-1OID\s0 section of the config file):
.PP
.Vb 2
\& openssl ts \-query \-data design2.txt \-md5 \e
-\& \-policy tsa_policy1 \-cert \-out design2.tsq
+\& \-tspolicy tsa_policy1 \-cert \-out design2.tsq
.Ve
.SS "Time Stamp Response"
.IX Subsection "Time Stamp Response"
Before generating a response a signing certificate must be created for
the \s-1TSA\s0 that contains the \fBtimeStamping\fR critical extended key usage extension
-without any other key usage extensions. You can add the
-\&'extendedKeyUsage = critical,timeStamping' line to the user certificate section
-of the config file to generate a proper certificate. See \fIreq\fR\|(1),
-\&\fIca\fR\|(1), \fIx509\fR\|(1) for instructions. The examples
+without any other key usage extensions. You can add this line to the
+user certificate section of the config file to generate a proper certificate;
+.PP
+.Vb 1
+\& extendedKeyUsage = critical,timeStamping
+.Ve
+.PP
+See \fIreq\fR\|(1), \fIca\fR\|(1), and \fIx509\fR\|(1) for instructions. The examples
below assume that cacert.pem contains the certificate of the \s-1CA,\s0
tsacert.pem is the signing certificate issued by cacert.pem and
tsakey.pem is the private key of the \s-1TSA.\s0
@@ -615,41 +679,44 @@ To verify a time stamp reply that includes the certificate chain:
.PP
To verify a time stamp token against the original data file:
openssl ts \-verify \-data design2.txt \-in design2.tsr \e
- \-CAfile cacert.pem
+ \-CAfile cacert.pem
.PP
To verify a time stamp token against a message imprint:
openssl ts \-verify \-digest b7e5d3f93198b38379852f2c04e78d73abdd0f4b \e
- \-in design2.tsr \-CAfile cacert.pem
+ \-in design2.tsr \-CAfile cacert.pem
.PP
You could also look at the 'test' directory for more examples.
.SH "BUGS"
.IX Header "BUGS"
-If you find any bugs or you have suggestions please write to
-Zoltan Glozik <zglozik@opentsa.org>. Known issues:
-.IP "\(bu" 4
+.IP "\(bu" 2
No support for time stamps over \s-1SMTP,\s0 though it is quite easy
-to implement an automatic e\-mail based \s-1TSA\s0 with \fIprocmail\fR\|(1)
-and \fIperl\fR\|(1). \s-1HTTP\s0 server support is provided in the form of
+to implement an automatic e\-mail based \s-1TSA\s0 with \fIprocmail\fR\|(1)
+and \fIperl\fR\|(1). \s-1HTTP\s0 server support is provided in the form of
a separate apache module. \s-1HTTP\s0 client support is provided by
\&\fItsget\fR\|(1). Pure \s-1TCP/IP\s0 protocol is not supported.
-.IP "\(bu" 4
+.IP "\(bu" 2
The file containing the last serial number of the \s-1TSA\s0 is not
locked when being read or written. This is a problem if more than one
instance of \fIopenssl\fR\|(1) is trying to create a time stamp
response at the same time. This is not an issue when using the apache
server module, it does proper locking.
-.IP "\(bu" 4
+.IP "\(bu" 2
Look for the \s-1FIXME\s0 word in the source files.
-.IP "\(bu" 4
+.IP "\(bu" 2
The source code should really be reviewed by somebody else, too.
-.IP "\(bu" 4
+.IP "\(bu" 2
More testing is needed, I have done only some basic tests (see
test/testtsa).
-.SH "AUTHOR"
-.IX Header "AUTHOR"
-Zoltan Glozik <zglozik@opentsa.org>, OpenTSA project (http://www.opentsa.org)
.SH "SEE ALSO"
.IX Header "SEE ALSO"
-\&\fItsget\fR\|(1), \fIopenssl\fR\|(1), \fIreq\fR\|(1),
-\&\fIx509\fR\|(1), \fIca\fR\|(1), \fIgenrsa\fR\|(1),
+\&\fItsget\fR\|(1), \fIopenssl\fR\|(1), \fIreq\fR\|(1),
+\&\fIx509\fR\|(1), \fIca\fR\|(1), \fIgenrsa\fR\|(1),
\&\fIconfig\fR\|(5)
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2006\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/tsget.1 b/secure/usr.bin/openssl/man/tsget.1
index a04cc9594b20..a0c6201f2427 100644
--- a/secure/usr.bin/openssl/man/tsget.1
+++ b/secure/usr.bin/openssl/man/tsget.1
@@ -129,14 +129,13 @@
.\" ========================================================================
.\"
.IX Title "TSGET 1"
-.TH TSGET 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH TSGET 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-tsget,
-tsget \- Time Stamping HTTP/HTTPS client
+openssl\-tsget, tsget \- Time Stamping HTTP/HTTPS client
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBtsget\fR
@@ -257,7 +256,7 @@ time stamp requests, tsa.opentsa.org listens at port 8080 for \s-1HTTP\s0 reques
and at port 8443 for \s-1HTTPS\s0 requests, the \s-1TSA\s0 service is available at the /tsa
absolute path.
.PP
-Get a time stamp response for file1.tsq over \s-1HTTP,\s0 output is written to
+Get a time stamp response for file1.tsq over \s-1HTTP,\s0 output is written to
file1.tsr:
.PP
.Vb 1
@@ -308,10 +307,15 @@ example:
\& export TSGET
\& tsget file1.tsq
.Ve
-.SH "AUTHOR"
-.IX Header "AUTHOR"
-Zoltan Glozik <zglozik@opentsa.org>, OpenTSA project (http://www.opentsa.org)
.SH "SEE ALSO"
.IX Header "SEE ALSO"
-\&\fIopenssl\fR\|(1), \fIts\fR\|(1), \fIcurl\fR\|(1),
+\&\fIopenssl\fR\|(1), \fIts\fR\|(1), \fIcurl\fR\|(1),
\&\fB\s-1RFC 3161\s0\fR
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2006\-2016 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/verify.1 b/secure/usr.bin/openssl/man/verify.1
index 60649b8a6c8f..f36841d8a99e 100644
--- a/secure/usr.bin/openssl/man/verify.1
+++ b/secure/usr.bin/openssl/man/verify.1
@@ -129,50 +129,72 @@
.\" ========================================================================
.\"
.IX Title "VERIFY 1"
-.TH VERIFY 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH VERIFY 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-verify,
-verify \- Utility to verify certificates.
+openssl\-verify, verify \- Utility to verify certificates
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBverify\fR
-[\fB\-CApath directory\fR]
+[\fB\-help\fR]
[\fB\-CAfile file\fR]
-[\fB\-purpose purpose\fR]
-[\fB\-policy arg\fR]
-[\fB\-ignore_critical\fR]
+[\fB\-CApath directory\fR]
+[\fB\-no\-CAfile\fR]
+[\fB\-no\-CApath\fR]
+[\fB\-allow_proxy_certs\fR]
[\fB\-attime timestamp\fR]
[\fB\-check_ss_sig\fR]
[\fB\-CRLfile file\fR]
[\fB\-crl_download\fR]
[\fB\-crl_check\fR]
[\fB\-crl_check_all\fR]
-[\fB\-policy_check\fR]
+[\fB\-engine id\fR]
[\fB\-explicit_policy\fR]
+[\fB\-extended_crl\fR]
+[\fB\-ignore_critical\fR]
[\fB\-inhibit_any\fR]
[\fB\-inhibit_map\fR]
-[\fB\-x509_strict\fR]
-[\fB\-extended_crl\fR]
-[\fB\-use_deltas\fR]
+[\fB\-nameopt option\fR]
+[\fB\-no_check_time\fR]
+[\fB\-partial_chain\fR]
+[\fB\-policy arg\fR]
+[\fB\-policy_check\fR]
[\fB\-policy_print\fR]
+[\fB\-purpose purpose\fR]
+[\fB\-suiteB_128\fR]
+[\fB\-suiteB_128_only\fR]
+[\fB\-suiteB_192\fR]
+[\fB\-trusted_first\fR]
[\fB\-no_alt_chains\fR]
-[\fB\-allow_proxy_certs\fR]
[\fB\-untrusted file\fR]
-[\fB\-help\fR]
-[\fB\-issuer_checks\fR]
[\fB\-trusted file\fR]
+[\fB\-use_deltas\fR]
[\fB\-verbose\fR]
+[\fB\-auth_level level\fR]
+[\fB\-verify_depth num\fR]
+[\fB\-verify_email email\fR]
+[\fB\-verify_hostname hostname\fR]
+[\fB\-verify_ip ip\fR]
+[\fB\-verify_name name\fR]
+[\fB\-x509_strict\fR]
+[\fB\-show_chain\fR]
[\fB\-\fR]
[certificates]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBverify\fR command verifies certificate chains.
-.SH "COMMAND OPTIONS"
-.IX Header "COMMAND OPTIONS"
+.SH "OPTIONS"
+.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
+.IP "\fB\-CAfile file\fR" 4
+.IX Item "-CAfile file"
+A \fBfile\fR of trusted certificates.
+The file should contain one or more certificates in \s-1PEM\s0 format.
.IP "\fB\-CApath directory\fR" 4
.IX Item "-CApath directory"
A directory of trusted certificates. The certificates should have names
@@ -180,12 +202,17 @@ of the form: hash.0 or have symbolic links to them of this
form (\*(L"hash\*(R" is the hashed certificate subject name: see the \fB\-hash\fR option
of the \fBx509\fR utility). Under Unix the \fBc_rehash\fR script will automatically
create symbolic links to a directory of certificates.
-.IP "\fB\-CAfile file\fR A file of trusted certificates. The file should contain multiple certificates in \s-1PEM\s0 format concatenated together." 4
-.IX Item "-CAfile file A file of trusted certificates. The file should contain multiple certificates in PEM format concatenated together."
-.PD 0
+.IP "\fB\-no\-CAfile\fR" 4
+.IX Item "-no-CAfile"
+Do not load the trusted \s-1CA\s0 certificates from the default file location.
+.IP "\fB\-no\-CApath\fR" 4
+.IX Item "-no-CApath"
+Do not load the trusted \s-1CA\s0 certificates from the default directory location.
+.IP "\fB\-allow_proxy_certs\fR" 4
+.IX Item "-allow_proxy_certs"
+Allow the verification of proxy certificates.
.IP "\fB\-attime timestamp\fR" 4
.IX Item "-attime timestamp"
-.PD
Perform validation checks using time specified by \fBtimestamp\fR and not
current system time. \fBtimestamp\fR is the number of seconds since
01.01.1970 (\s-1UNIX\s0 time).
@@ -195,7 +222,9 @@ Verify the signature on the self-signed root \s-1CA.\s0 This is disabled by defa
because it doesn't add any security.
.IP "\fB\-CRLfile file\fR" 4
.IX Item "-CRLfile file"
-File containing one or more \s-1CRL\s0's (in \s-1PEM\s0 format) to load.
+The \fBfile\fR should contain one or more CRLs in \s-1PEM\s0 format.
+This option can be specified more than once to include CRLs from multiple
+\&\fBfiles\fR.
.IP "\fB\-crl_download\fR" 4
.IX Item "-crl_download"
Attempt to download \s-1CRL\s0 information for this certificate.
@@ -203,92 +232,177 @@ Attempt to download \s-1CRL\s0 information for this certificate.
.IX Item "-crl_check"
Checks end entity certificate validity by attempting to look up a valid \s-1CRL.\s0
If a valid \s-1CRL\s0 cannot be found an error occurs.
-.IP "\fB\-untrusted file\fR" 4
-.IX Item "-untrusted file"
-A file of untrusted certificates. The file should contain multiple certificates
-in \s-1PEM\s0 format concatenated together.
-.IP "\fB\-purpose purpose\fR" 4
-.IX Item "-purpose purpose"
-The intended use for the certificate. If this option is not specified,
-\&\fBverify\fR will not consider certificate purpose during chain verification.
-Currently accepted uses are \fBsslclient\fR, \fBsslserver\fR, \fBnssslserver\fR,
-\&\fBsmimesign\fR, \fBsmimeencrypt\fR. See the \fB\s-1VERIFY OPERATION\s0\fR section for more
-information.
-.IP "\fB\-help\fR" 4
-.IX Item "-help"
-Print out a usage message.
-.IP "\fB\-verbose\fR" 4
-.IX Item "-verbose"
-Print extra information about the operations being performed.
-.IP "\fB\-issuer_checks\fR" 4
-.IX Item "-issuer_checks"
-Print out diagnostics relating to searches for the issuer certificate of the
-current certificate. This shows why each candidate issuer certificate was
-rejected. The presence of rejection messages does not itself imply that
-anything is wrong; during the normal verification process, several
-rejections may take place.
-.IP "\fB\-policy arg\fR" 4
-.IX Item "-policy arg"
-Enable policy processing and add \fBarg\fR to the user-initial-policy-set (see
-\&\s-1RFC5280\s0). The policy \fBarg\fR can be an object name an \s-1OID\s0 in numeric form.
-This argument can appear more than once.
-.IP "\fB\-policy_check\fR" 4
-.IX Item "-policy_check"
-Enables certificate policy processing.
+.IP "\fB\-crl_check_all\fR" 4
+.IX Item "-crl_check_all"
+Checks the validity of \fBall\fR certificates in the chain by attempting
+to look up valid CRLs.
+.IP "\fB\-engine id\fR" 4
+.IX Item "-engine id"
+Specifying an engine \fBid\fR will cause \fIverify\fR\|(1) to attempt to load the
+specified engine.
+The engine will then be set as the default for all its supported algorithms.
+If you want to load certificates or CRLs that require engine support via any of
+the \fB\-trusted\fR, \fB\-untrusted\fR or \fB\-CRLfile\fR options, the \fB\-engine\fR option
+must be specified before those options.
.IP "\fB\-explicit_policy\fR" 4
.IX Item "-explicit_policy"
Set policy variable require-explicit-policy (see \s-1RFC5280\s0).
+.IP "\fB\-extended_crl\fR" 4
+.IX Item "-extended_crl"
+Enable extended \s-1CRL\s0 features such as indirect CRLs and alternate \s-1CRL\s0
+signing keys.
+.IP "\fB\-ignore_critical\fR" 4
+.IX Item "-ignore_critical"
+Normally if an unhandled critical extension is present which is not
+supported by OpenSSL the certificate is rejected (as required by \s-1RFC5280\s0).
+If this option is set critical extensions are ignored.
.IP "\fB\-inhibit_any\fR" 4
.IX Item "-inhibit_any"
Set policy variable inhibit-any-policy (see \s-1RFC5280\s0).
.IP "\fB\-inhibit_map\fR" 4
.IX Item "-inhibit_map"
Set policy variable inhibit-policy-mapping (see \s-1RFC5280\s0).
+.IP "\fB\-nameopt option\fR" 4
+.IX Item "-nameopt option"
+Option which determines how the subject or issuer names are displayed. The
+\&\fBoption\fR argument can be a single option or multiple options separated by
+commas. Alternatively the \fB\-nameopt\fR switch may be used more than once to
+set multiple options. See the \fIx509\fR\|(1) manual page for details.
+.IP "\fB\-no_check_time\fR" 4
+.IX Item "-no_check_time"
+This option suppresses checking the validity period of certificates and CRLs
+against the current time. If option \fB\-attime timestamp\fR is used to specify
+a verification time, the check is not suppressed.
+.IP "\fB\-partial_chain\fR" 4
+.IX Item "-partial_chain"
+Allow verification to succeed even if a \fIcomplete\fR chain cannot be built to a
+self-signed trust-anchor, provided it is possible to construct a chain to a
+trusted certificate that might not be self-signed.
+.IP "\fB\-policy arg\fR" 4
+.IX Item "-policy arg"
+Enable policy processing and add \fBarg\fR to the user-initial-policy-set (see
+\&\s-1RFC5280\s0). The policy \fBarg\fR can be an object name an \s-1OID\s0 in numeric form.
+This argument can appear more than once.
+.IP "\fB\-policy_check\fR" 4
+.IX Item "-policy_check"
+Enables certificate policy processing.
+.IP "\fB\-policy_print\fR" 4
+.IX Item "-policy_print"
+Print out diagnostics related to policy processing.
+.IP "\fB\-purpose purpose\fR" 4
+.IX Item "-purpose purpose"
+The intended use for the certificate. If this option is not specified,
+\&\fBverify\fR will not consider certificate purpose during chain verification.
+Currently accepted uses are \fBsslclient\fR, \fBsslserver\fR, \fBnssslserver\fR,
+\&\fBsmimesign\fR, \fBsmimeencrypt\fR. See the \fB\s-1VERIFY OPERATION\s0\fR section for more
+information.
+.IP "\fB\-suiteB_128_only\fR, \fB\-suiteB_128\fR, \fB\-suiteB_192\fR" 4
+.IX Item "-suiteB_128_only, -suiteB_128, -suiteB_192"
+Enable the Suite B mode operation at 128 bit Level of Security, 128 bit or
+192 bit, or only 192 bit Level of Security respectively.
+See \s-1RFC6460\s0 for details. In particular the supported signature algorithms are
+reduced to support only \s-1ECDSA\s0 and \s-1SHA256\s0 or \s-1SHA384\s0 and only the elliptic curves
+P\-256 and P\-384.
+.IP "\fB\-trusted_first\fR" 4
+.IX Item "-trusted_first"
+When constructing the certificate chain, use the trusted certificates specified
+via \fB\-CAfile\fR, \fB\-CApath\fR or \fB\-trusted\fR before any certificates specified via
+\&\fB\-untrusted\fR.
+This can be useful in environments with Bridge or Cross-Certified CAs.
+As of OpenSSL 1.1.0 this option is on by default and cannot be disabled.
.IP "\fB\-no_alt_chains\fR" 4
.IX Item "-no_alt_chains"
-When building a certificate chain, if the first certificate chain found is not
-trusted, then OpenSSL will continue to check to see if an alternative chain can
-be found that is trusted. With this option that behaviour is suppressed so that
-only the first chain found is ever used. Using this option will force the
-behaviour to match that of previous OpenSSL versions.
-.IP "\fB\-allow_proxy_certs\fR" 4
-.IX Item "-allow_proxy_certs"
-Allow the verification of proxy certificates.
+By default, unless \fB\-trusted_first\fR is specified, when building a certificate
+chain, if the first certificate chain found is not trusted, then OpenSSL will
+attempt to replace untrusted issuer certificates with certificates from the
+trust store to see if an alternative chain can be found that is trusted.
+As of OpenSSL 1.1.0, with \fB\-trusted_first\fR always on, this option has no
+effect.
+.IP "\fB\-untrusted file\fR" 4
+.IX Item "-untrusted file"
+A \fBfile\fR of additional untrusted certificates (intermediate issuer CAs) used
+to construct a certificate chain from the subject certificate to a trust-anchor.
+The \fBfile\fR should contain one or more certificates in \s-1PEM\s0 format.
+This option can be specified more than once to include untrusted certificates
+from multiple \fBfiles\fR.
.IP "\fB\-trusted file\fR" 4
.IX Item "-trusted file"
-A file of additional trusted certificates. The file should contain multiple
-certificates in \s-1PEM\s0 format concatenated together.
-.IP "\fB\-policy_print\fR" 4
-.IX Item "-policy_print"
-Print out diagnostics related to policy processing.
-.IP "\fB\-crl_check\fR" 4
-.IX Item "-crl_check"
-Checks end entity certificate validity by attempting to look up a valid \s-1CRL.\s0
-If a valid \s-1CRL\s0 cannot be found an error occurs.
-.IP "\fB\-crl_check_all\fR" 4
-.IX Item "-crl_check_all"
-Checks the validity of \fBall\fR certificates in the chain by attempting
-to look up valid CRLs.
-.IP "\fB\-ignore_critical\fR" 4
-.IX Item "-ignore_critical"
-Normally if an unhandled critical extension is present which is not
-supported by OpenSSL the certificate is rejected (as required by \s-1RFC5280\s0).
-If this option is set critical extensions are ignored.
+A \fBfile\fR of trusted certificates, which must be self-signed, unless the
+\&\fB\-partial_chain\fR option is specified.
+The \fBfile\fR contains one or more certificates in \s-1PEM\s0 format.
+With this option, no additional (e.g., default) certificate lists are
+consulted.
+That is, the only trust-anchors are those listed in \fBfile\fR.
+This option can be specified more than once to include trusted certificates
+from multiple \fBfiles\fR.
+This option implies the \fB\-no\-CAfile\fR and \fB\-no\-CApath\fR options.
+This option cannot be used in combination with either of the \fB\-CAfile\fR or
+\&\fB\-CApath\fR options.
+.IP "\fB\-use_deltas\fR" 4
+.IX Item "-use_deltas"
+Enable support for delta CRLs.
+.IP "\fB\-verbose\fR" 4
+.IX Item "-verbose"
+Print extra information about the operations being performed.
+.IP "\fB\-auth_level level\fR" 4
+.IX Item "-auth_level level"
+Set the certificate chain authentication security level to \fBlevel\fR.
+The authentication security level determines the acceptable signature and
+public key strength when verifying certificate chains.
+For a certificate chain to validate, the public keys of all the certificates
+must meet the specified security \fBlevel\fR.
+The signature algorithm security level is enforced for all the certificates in
+the chain except for the chain's \fItrust anchor\fR, which is either directly
+trusted or validated by means other than its signature.
+See \fISSL_CTX_set_security_level\fR\|(3) for the definitions of the available
+levels.
+The default security level is \-1, or \*(L"not set\*(R".
+At security level 0 or lower all algorithms are acceptable.
+Security level 1 requires at least 80\-bit\-equivalent security and is broadly
+interoperable, though it will, for example, reject \s-1MD5\s0 signatures or \s-1RSA\s0 keys
+shorter than 1024 bits.
+.IP "\fB\-verify_depth num\fR" 4
+.IX Item "-verify_depth num"
+Limit the certificate chain to \fBnum\fR intermediate \s-1CA\s0 certificates.
+A maximal depth chain can have up to \fBnum+2\fR certificates, since neither the
+end-entity certificate nor the trust-anchor certificate count against the
+\&\fB\-verify_depth\fR limit.
+.IP "\fB\-verify_email email\fR" 4
+.IX Item "-verify_email email"
+Verify if the \fBemail\fR matches the email address in Subject Alternative Name or
+the email in the subject Distinguished Name.
+.IP "\fB\-verify_hostname hostname\fR" 4
+.IX Item "-verify_hostname hostname"
+Verify if the \fBhostname\fR matches \s-1DNS\s0 name in Subject Alternative Name or
+Common Name in the subject certificate.
+.IP "\fB\-verify_ip ip\fR" 4
+.IX Item "-verify_ip ip"
+Verify if the \fBip\fR matches the \s-1IP\s0 address in Subject Alternative Name of
+the subject certificate.
+.IP "\fB\-verify_name name\fR" 4
+.IX Item "-verify_name name"
+Use default verification policies like trust model and required certificate
+policies identified by \fBname\fR.
+The trust model determines which auxiliary trust or reject OIDs are applicable
+to verifying the given certificate chain.
+See the \fB\-addtrust\fR and \fB\-addreject\fR options of the \fIx509\fR\|(1) command-line
+utility.
+Supported policy names include: \fBdefault\fR, \fBpkcs7\fR, \fBsmime_sign\fR,
+\&\fBssl_client\fR, \fBssl_server\fR.
+These mimics the combinations of purpose and trust settings used in \s-1SSL, CMS\s0
+and S/MIME.
+As of OpenSSL 1.1.0, the trust model is inferred from the purpose when not
+specified, so the \fB\-verify_name\fR options are functionally equivalent to the
+corresponding \fB\-purpose\fR settings.
.IP "\fB\-x509_strict\fR" 4
.IX Item "-x509_strict"
For strict X.509 compliance, disable non-compliant workarounds for broken
certificates.
-.IP "\fB\-extended_crl\fR" 4
-.IX Item "-extended_crl"
-Enable extended \s-1CRL\s0 features such as indirect CRLs and alternate \s-1CRL\s0
-signing keys.
-.IP "\fB\-use_deltas\fR" 4
-.IX Item "-use_deltas"
-Enable support for delta CRLs.
-.IP "\fB\-check_ss_sig\fR" 4
-.IX Item "-check_ss_sig"
-Verify the signature on the self-signed root \s-1CA.\s0 This is disabled by default
-because it doesn't add any security.
+.IP "\fB\-show_chain\fR" 4
+.IX Item "-show_chain"
+Display information about the certificate chain that has been built (if
+successful). Certificates in the chain that came from the untrusted list will be
+flagged as \*(L"untrusted\*(R".
.IP "\fB\-\fR" 4
.IX Item "-"
Indicates the last option. All arguments following this are assumed to be
@@ -314,21 +428,21 @@ determined.
The verify operation consists of a number of separate steps.
.PP
Firstly a certificate chain is built up starting from the supplied certificate
-and ending in the root \s-1CA.\s0 It is an error if the whole chain cannot be built
-up. The chain is built up by looking up the issuers certificate of the current
-certificate. If a certificate is found which is its own issuer it is assumed
-to be the root \s-1CA.\s0
+and ending in the root \s-1CA.\s0
+It is an error if the whole chain cannot be built up.
+The chain is built up by looking up the issuers certificate of the current
+certificate.
+If a certificate is found which is its own issuer it is assumed to be the root
+\&\s-1CA.\s0
.PP
-The process of 'looking up the issuers certificate' itself involves a number
-of steps. In versions of OpenSSL before 0.9.5a the first certificate whose
-subject name matched the issuer of the current certificate was assumed to be
-the issuers certificate. In OpenSSL 0.9.6 and later all certificates
-whose subject name matches the issuer name of the current certificate are
-subject to further tests. The relevant authority key identifier components
-of the current certificate (if present) must match the subject key identifier
-(if present) and issuer and serial number of the candidate issuer, in addition
-the keyUsage extension of the candidate issuer (if present) must permit
-certificate signing.
+The process of 'looking up the issuers certificate' itself involves a number of
+steps.
+After all certificates whose subject name matches the issuer name of the current
+certificate are subject to further tests.
+The relevant authority key identifier components of the current certificate (if
+present) must match the subject key identifier (if present) and issuer and
+serial number of the candidate issuer, in addition the keyUsage extension of
+the candidate issuer (if present) must permit certificate signing.
.PP
The lookup first looks in the list of untrusted certificates and if no match
is found the remaining lookups are from the trusted certificates. The root \s-1CA\s0
@@ -343,10 +457,10 @@ compatible with the supplied purpose and all other certificates must also be val
\&\s-1CA\s0 certificates. The precise extensions required are described in more detail in
the \fB\s-1CERTIFICATE EXTENSIONS\s0\fR section of the \fBx509\fR utility.
.PP
-The third operation is to check the trust settings on the root \s-1CA.\s0 The root
-\&\s-1CA\s0 should be trusted for the supplied purpose. For compatibility with previous
-versions of SSLeay and OpenSSL a certificate with no trust settings is considered
-to be valid for all purposes.
+The third operation is to check the trust settings on the root \s-1CA.\s0 The root \s-1CA\s0
+should be trusted for the supplied purpose.
+For compatibility with previous versions of OpenSSL, a certificate with no
+trust settings is considered to be valid for all purposes.
.PP
The final operation is to check the validity of the certificate chain. The validity
period is checked against the current system time and the notBefore and notAfter
@@ -372,142 +486,291 @@ problem was detected starting with zero for the certificate being verified itsel
then 1 for the \s-1CA\s0 that signed the certificate and so on. Finally a text version
of the error number is presented.
.PP
-An exhaustive list of the error codes and messages is shown below, this also
+A partial list of the error codes and messages is shown below, this also
includes the name of the error code as defined in the header file x509_vfy.h
Some of the error codes are defined but never returned: these are described
as \*(L"unused\*(R".
-.IP "\fB0 X509_V_OK: ok\fR" 4
-.IX Item "0 X509_V_OK: ok"
-the operation was successful.
-.IP "\fB2 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate\fR" 4
-.IX Item "2 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate"
-the issuer certificate of a looked up certificate could not be found. This
+.IP "\fBX509_V_OK\fR" 4
+.IX Item "X509_V_OK"
+The operation was successful.
+.IP "\fBX509_V_ERR_UNSPECIFIED\fR" 4
+.IX Item "X509_V_ERR_UNSPECIFIED"
+Unspecified error; should not happen.
+.IP "\fBX509_V_ERR_UNABLE_TO_GET_ISSUER_CERT\fR" 4
+.IX Item "X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT"
+The issuer certificate of a looked up certificate could not be found. This
normally means the list of trusted certificates is not complete.
-.IP "\fB3 X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate \s-1CRL\s0\fR" 4
-.IX Item "3 X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL"
-the \s-1CRL\s0 of a certificate could not be found.
-.IP "\fB4 X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate's signature\fR" 4
-.IX Item "4 X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate's signature"
-the certificate signature could not be decrypted. This means that the actual signature value
-could not be determined rather than it not matching the expected value, this is only
-meaningful for \s-1RSA\s0 keys.
-.IP "\fB5 X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt \s-1CRL\s0's signature\fR" 4
-.IX Item "5 X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL's signature"
-the \s-1CRL\s0 signature could not be decrypted: this means that the actual signature value
-could not be determined rather than it not matching the expected value. Unused.
-.IP "\fB6 X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key\fR" 4
-.IX Item "6 X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key"
-the public key in the certificate SubjectPublicKeyInfo could not be read.
-.IP "\fB7 X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure\fR" 4
-.IX Item "7 X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure"
-the signature of the certificate is invalid.
-.IP "\fB8 X509_V_ERR_CRL_SIGNATURE_FAILURE: \s-1CRL\s0 signature failure\fR" 4
-.IX Item "8 X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure"
-the signature of the certificate is invalid.
-.IP "\fB9 X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid\fR" 4
-.IX Item "9 X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid"
-the certificate is not yet valid: the notBefore date is after the current time.
-.IP "\fB10 X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired\fR" 4
-.IX Item "10 X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired"
-the certificate has expired: that is the notAfter date is before the current time.
-.IP "\fB11 X509_V_ERR_CRL_NOT_YET_VALID: \s-1CRL\s0 is not yet valid\fR" 4
-.IX Item "11 X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid"
-the \s-1CRL\s0 is not yet valid.
-.IP "\fB12 X509_V_ERR_CRL_HAS_EXPIRED: \s-1CRL\s0 has expired\fR" 4
-.IX Item "12 X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired"
-the \s-1CRL\s0 has expired.
-.IP "\fB13 X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate's notBefore field\fR" 4
-.IX Item "13 X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate's notBefore field"
-the certificate notBefore field contains an invalid time.
-.IP "\fB14 X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate's notAfter field\fR" 4
-.IX Item "14 X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate's notAfter field"
-the certificate notAfter field contains an invalid time.
-.IP "\fB15 X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in \s-1CRL\s0's lastUpdate field\fR" 4
-.IX Item "15 X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL's lastUpdate field"
-the \s-1CRL\s0 lastUpdate field contains an invalid time.
-.IP "\fB16 X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in \s-1CRL\s0's nextUpdate field\fR" 4
-.IX Item "16 X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL's nextUpdate field"
-the \s-1CRL\s0 nextUpdate field contains an invalid time.
-.IP "\fB17 X509_V_ERR_OUT_OF_MEM: out of memory\fR" 4
-.IX Item "17 X509_V_ERR_OUT_OF_MEM: out of memory"
-an error occurred trying to allocate memory. This should never happen.
-.IP "\fB18 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate\fR" 4
-.IX Item "18 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate"
-the passed certificate is self signed and the same certificate cannot be found in the list of
-trusted certificates.
-.IP "\fB19 X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain\fR" 4
-.IX Item "19 X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain"
-the certificate chain could be built up using the untrusted certificates but the root could not
-be found locally.
-.IP "\fB20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate\fR" 4
-.IX Item "20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate"
-the issuer certificate could not be found: this occurs if the issuer
+.IP "\fBX509_V_ERR_UNABLE_TO_GET_CRL\fR" 4
+.IX Item "X509_V_ERR_UNABLE_TO_GET_CRL"
+The \s-1CRL\s0 of a certificate could not be found.
+.IP "\fBX509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE\fR" 4
+.IX Item "X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE"
+The certificate signature could not be decrypted. This means that the
+actual signature value could not be determined rather than it not matching
+the expected value, this is only meaningful for \s-1RSA\s0 keys.
+.IP "\fBX509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE\fR" 4
+.IX Item "X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE"
+The \s-1CRL\s0 signature could not be decrypted: this means that the actual
+signature value could not be determined rather than it not matching the
+expected value. Unused.
+.IP "\fBX509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY\fR" 4
+.IX Item "X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY"
+The public key in the certificate SubjectPublicKeyInfo could not be read.
+.IP "\fBX509_V_ERR_CERT_SIGNATURE_FAILURE\fR" 4
+.IX Item "X509_V_ERR_CERT_SIGNATURE_FAILURE"
+The signature of the certificate is invalid.
+.IP "\fBX509_V_ERR_CRL_SIGNATURE_FAILURE\fR" 4
+.IX Item "X509_V_ERR_CRL_SIGNATURE_FAILURE"
+The signature of the certificate is invalid.
+.IP "\fBX509_V_ERR_CERT_NOT_YET_VALID\fR" 4
+.IX Item "X509_V_ERR_CERT_NOT_YET_VALID"
+The certificate is not yet valid: the notBefore date is after the
+current time.
+.IP "\fBX509_V_ERR_CERT_HAS_EXPIRED\fR" 4
+.IX Item "X509_V_ERR_CERT_HAS_EXPIRED"
+The certificate has expired: that is the notAfter date is before the
+current time.
+.IP "\fBX509_V_ERR_CRL_NOT_YET_VALID\fR" 4
+.IX Item "X509_V_ERR_CRL_NOT_YET_VALID"
+The \s-1CRL\s0 is not yet valid.
+.IP "\fBX509_V_ERR_CRL_HAS_EXPIRED\fR" 4
+.IX Item "X509_V_ERR_CRL_HAS_EXPIRED"
+The \s-1CRL\s0 has expired.
+.IP "\fBX509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD\fR" 4
+.IX Item "X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD"
+The certificate notBefore field contains an invalid time.
+.IP "\fBX509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD\fR" 4
+.IX Item "X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD"
+The certificate notAfter field contains an invalid time.
+.IP "\fBX509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD\fR" 4
+.IX Item "X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD"
+The \s-1CRL\s0 lastUpdate field contains an invalid time.
+.IP "\fBX509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD\fR" 4
+.IX Item "X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD"
+The \s-1CRL\s0 nextUpdate field contains an invalid time.
+.IP "\fBX509_V_ERR_OUT_OF_MEM\fR" 4
+.IX Item "X509_V_ERR_OUT_OF_MEM"
+An error occurred trying to allocate memory. This should never happen.
+.IP "\fBX509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT\fR" 4
+.IX Item "X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT"
+The passed certificate is self-signed and the same certificate cannot
+be found in the list of trusted certificates.
+.IP "\fBX509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN\fR" 4
+.IX Item "X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN"
+The certificate chain could be built up using the untrusted certificates
+but the root could not be found locally.
+.IP "\fBX509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY\fR" 4
+.IX Item "X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY"
+The issuer certificate could not be found: this occurs if the issuer
certificate of an untrusted certificate cannot be found.
-.IP "\fB21 X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate\fR" 4
-.IX Item "21 X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate"
-no signatures could be verified because the chain contains only one certificate and it is not
-self signed.
-.IP "\fB22 X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long\fR" 4
-.IX Item "22 X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long"
-the certificate chain length is greater than the supplied maximum depth. Unused.
-.IP "\fB23 X509_V_ERR_CERT_REVOKED: certificate revoked\fR" 4
-.IX Item "23 X509_V_ERR_CERT_REVOKED: certificate revoked"
-the certificate has been revoked.
-.IP "\fB24 X509_V_ERR_INVALID_CA: invalid \s-1CA\s0 certificate\fR" 4
-.IX Item "24 X509_V_ERR_INVALID_CA: invalid CA certificate"
-a \s-1CA\s0 certificate is invalid. Either it is not a \s-1CA\s0 or its extensions are not consistent
-with the supplied purpose.
-.IP "\fB25 X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded\fR" 4
-.IX Item "25 X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded"
-the basicConstraints pathlength parameter has been exceeded.
-.IP "\fB26 X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose\fR" 4
-.IX Item "26 X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose"
-the supplied certificate cannot be used for the specified purpose.
-.IP "\fB27 X509_V_ERR_CERT_UNTRUSTED: certificate not trusted\fR" 4
-.IX Item "27 X509_V_ERR_CERT_UNTRUSTED: certificate not trusted"
-the root \s-1CA\s0 is not marked as trusted for the specified purpose.
-.IP "\fB28 X509_V_ERR_CERT_REJECTED: certificate rejected\fR" 4
-.IX Item "28 X509_V_ERR_CERT_REJECTED: certificate rejected"
-the root \s-1CA\s0 is marked to reject the specified purpose.
-.IP "\fB29 X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch\fR" 4
-.IX Item "29 X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch"
-the current candidate issuer certificate was rejected because its subject name
-did not match the issuer name of the current certificate. Only displayed when
-the \fB\-issuer_checks\fR option is set.
-.IP "\fB30 X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch\fR" 4
-.IX Item "30 X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch"
-the current candidate issuer certificate was rejected because its subject key
-identifier was present and did not match the authority key identifier current
-certificate. Only displayed when the \fB\-issuer_checks\fR option is set.
-.IP "\fB31 X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch\fR" 4
-.IX Item "31 X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch"
-the current candidate issuer certificate was rejected because its issuer name
-and serial number was present and did not match the authority key identifier
-of the current certificate. Only displayed when the \fB\-issuer_checks\fR option is set.
-.IP "\fB32 X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing\fR" 4
-.IX Item "32 X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing"
-the current candidate issuer certificate was rejected because its keyUsage extension
-does not permit certificate signing.
-.IP "\fB50 X509_V_ERR_APPLICATION_VERIFICATION: application verification failure\fR" 4
-.IX Item "50 X509_V_ERR_APPLICATION_VERIFICATION: application verification failure"
-an application specific error. Unused.
+.IP "\fBX509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE\fR" 4
+.IX Item "X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE"
+No signatures could be verified because the chain contains only one
+certificate and it is not self signed.
+.IP "\fBX509_V_ERR_CERT_CHAIN_TOO_LONG\fR" 4
+.IX Item "X509_V_ERR_CERT_CHAIN_TOO_LONG"
+The certificate chain length is greater than the supplied maximum
+depth. Unused.
+.IP "\fBX509_V_ERR_CERT_REVOKED\fR" 4
+.IX Item "X509_V_ERR_CERT_REVOKED"
+The certificate has been revoked.
+.IP "\fBX509_V_ERR_INVALID_CA\fR" 4
+.IX Item "X509_V_ERR_INVALID_CA"
+A \s-1CA\s0 certificate is invalid. Either it is not a \s-1CA\s0 or its extensions
+are not consistent with the supplied purpose.
+.IP "\fBX509_V_ERR_PATH_LENGTH_EXCEEDED\fR" 4
+.IX Item "X509_V_ERR_PATH_LENGTH_EXCEEDED"
+The basicConstraints pathlength parameter has been exceeded.
+.IP "\fBX509_V_ERR_INVALID_PURPOSE\fR" 4
+.IX Item "X509_V_ERR_INVALID_PURPOSE"
+The supplied certificate cannot be used for the specified purpose.
+.IP "\fBX509_V_ERR_CERT_UNTRUSTED\fR" 4
+.IX Item "X509_V_ERR_CERT_UNTRUSTED"
+The root \s-1CA\s0 is not marked as trusted for the specified purpose.
+.IP "\fBX509_V_ERR_CERT_REJECTED\fR" 4
+.IX Item "X509_V_ERR_CERT_REJECTED"
+The root \s-1CA\s0 is marked to reject the specified purpose.
+.IP "\fBX509_V_ERR_SUBJECT_ISSUER_MISMATCH\fR" 4
+.IX Item "X509_V_ERR_SUBJECT_ISSUER_MISMATCH"
+Not used as of OpenSSL 1.1.0 as a result of the deprecation of the
+\&\fB\-issuer_checks\fR option.
+.IP "\fBX509_V_ERR_AKID_SKID_MISMATCH\fR" 4
+.IX Item "X509_V_ERR_AKID_SKID_MISMATCH"
+Not used as of OpenSSL 1.1.0 as a result of the deprecation of the
+\&\fB\-issuer_checks\fR option.
+.IP "\fBX509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH\fR" 4
+.IX Item "X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH"
+Not used as of OpenSSL 1.1.0 as a result of the deprecation of the
+\&\fB\-issuer_checks\fR option.
+.IP "\fBX509_V_ERR_KEYUSAGE_NO_CERTSIGN\fR" 4
+.IX Item "X509_V_ERR_KEYUSAGE_NO_CERTSIGN"
+Not used as of OpenSSL 1.1.0 as a result of the deprecation of the
+\&\fB\-issuer_checks\fR option.
+.IP "\fBX509_V_ERR_UNABLE_TO_GET_CRL_ISSUER\fR" 4
+.IX Item "X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER"
+Unable to get \s-1CRL\s0 issuer certificate.
+.IP "\fBX509_V_ERR_UNHANDLED_CRITICAL_EXTENSION\fR" 4
+.IX Item "X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION"
+Unhandled critical extension.
+.IP "\fBX509_V_ERR_KEYUSAGE_NO_CRL_SIGN\fR" 4
+.IX Item "X509_V_ERR_KEYUSAGE_NO_CRL_SIGN"
+Key usage does not include \s-1CRL\s0 signing.
+.IP "\fBX509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION\fR" 4
+.IX Item "X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION"
+Unhandled critical \s-1CRL\s0 extension.
+.IP "\fBX509_V_ERR_INVALID_NON_CA\fR" 4
+.IX Item "X509_V_ERR_INVALID_NON_CA"
+Invalid non-CA certificate has \s-1CA\s0 markings.
+.IP "\fBX509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED\fR" 4
+.IX Item "X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED"
+Proxy path length constraint exceeded.
+.IP "\fBX509_V_ERR_PROXY_SUBJECT_INVALID\fR" 4
+.IX Item "X509_V_ERR_PROXY_SUBJECT_INVALID"
+Proxy certificate subject is invalid. It \s-1MUST\s0 be the same as the issuer
+with a single \s-1CN\s0 component added.
+.IP "\fBX509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE\fR" 4
+.IX Item "X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE"
+Key usage does not include digital signature.
+.IP "\fBX509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED\fR" 4
+.IX Item "X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED"
+Proxy certificates not allowed, please use \fB\-allow_proxy_certs\fR.
+.IP "\fBX509_V_ERR_INVALID_EXTENSION\fR" 4
+.IX Item "X509_V_ERR_INVALID_EXTENSION"
+Invalid or inconsistent certificate extension.
+.IP "\fBX509_V_ERR_INVALID_POLICY_EXTENSION\fR" 4
+.IX Item "X509_V_ERR_INVALID_POLICY_EXTENSION"
+Invalid or inconsistent certificate policy extension.
+.IP "\fBX509_V_ERR_NO_EXPLICIT_POLICY\fR" 4
+.IX Item "X509_V_ERR_NO_EXPLICIT_POLICY"
+No explicit policy.
+.IP "\fBX509_V_ERR_DIFFERENT_CRL_SCOPE\fR" 4
+.IX Item "X509_V_ERR_DIFFERENT_CRL_SCOPE"
+Different \s-1CRL\s0 scope.
+.IP "\fBX509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE\fR" 4
+.IX Item "X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE"
+Unsupported extension feature.
+.IP "\fBX509_V_ERR_UNNESTED_RESOURCE\fR" 4
+.IX Item "X509_V_ERR_UNNESTED_RESOURCE"
+\&\s-1RFC 3779\s0 resource not subset of parent's resources.
+.IP "\fBX509_V_ERR_PERMITTED_VIOLATION\fR" 4
+.IX Item "X509_V_ERR_PERMITTED_VIOLATION"
+Permitted subtree violation.
+.IP "\fBX509_V_ERR_EXCLUDED_VIOLATION\fR" 4
+.IX Item "X509_V_ERR_EXCLUDED_VIOLATION"
+Excluded subtree violation.
+.IP "\fBX509_V_ERR_SUBTREE_MINMAX\fR" 4
+.IX Item "X509_V_ERR_SUBTREE_MINMAX"
+Name constraints minimum and maximum not supported.
+.IP "\fBX509_V_ERR_APPLICATION_VERIFICATION\fR" 4
+.IX Item "X509_V_ERR_APPLICATION_VERIFICATION"
+Application verification failure. Unused.
+.IP "\fBX509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE\fR" 4
+.IX Item "X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE"
+Unsupported name constraint type.
+.IP "\fBX509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX\fR" 4
+.IX Item "X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX"
+Unsupported or invalid name constraint syntax.
+.IP "\fBX509_V_ERR_UNSUPPORTED_NAME_SYNTAX\fR" 4
+.IX Item "X509_V_ERR_UNSUPPORTED_NAME_SYNTAX"
+Unsupported or invalid name syntax.
+.IP "\fBX509_V_ERR_CRL_PATH_VALIDATION_ERROR\fR" 4
+.IX Item "X509_V_ERR_CRL_PATH_VALIDATION_ERROR"
+\&\s-1CRL\s0 path validation error.
+.IP "\fBX509_V_ERR_PATH_LOOP\fR" 4
+.IX Item "X509_V_ERR_PATH_LOOP"
+Path loop.
+.IP "\fBX509_V_ERR_SUITE_B_INVALID_VERSION\fR" 4
+.IX Item "X509_V_ERR_SUITE_B_INVALID_VERSION"
+Suite B: certificate version invalid.
+.IP "\fBX509_V_ERR_SUITE_B_INVALID_ALGORITHM\fR" 4
+.IX Item "X509_V_ERR_SUITE_B_INVALID_ALGORITHM"
+Suite B: invalid public key algorithm.
+.IP "\fBX509_V_ERR_SUITE_B_INVALID_CURVE\fR" 4
+.IX Item "X509_V_ERR_SUITE_B_INVALID_CURVE"
+Suite B: invalid \s-1ECC\s0 curve.
+.IP "\fBX509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM\fR" 4
+.IX Item "X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM"
+Suite B: invalid signature algorithm.
+.IP "\fBX509_V_ERR_SUITE_B_LOS_NOT_ALLOWED\fR" 4
+.IX Item "X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED"
+Suite B: curve not allowed for this \s-1LOS.\s0
+.IP "\fBX509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256\fR" 4
+.IX Item "X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256"
+Suite B: cannot sign P\-384 with P\-256.
+.IP "\fBX509_V_ERR_HOSTNAME_MISMATCH\fR" 4
+.IX Item "X509_V_ERR_HOSTNAME_MISMATCH"
+Hostname mismatch.
+.IP "\fBX509_V_ERR_EMAIL_MISMATCH\fR" 4
+.IX Item "X509_V_ERR_EMAIL_MISMATCH"
+Email address mismatch.
+.IP "\fBX509_V_ERR_IP_ADDRESS_MISMATCH\fR" 4
+.IX Item "X509_V_ERR_IP_ADDRESS_MISMATCH"
+\&\s-1IP\s0 address mismatch.
+.IP "\fBX509_V_ERR_DANE_NO_MATCH\fR" 4
+.IX Item "X509_V_ERR_DANE_NO_MATCH"
+\&\s-1DANE TLSA\s0 authentication is enabled, but no \s-1TLSA\s0 records matched the
+certificate chain.
+This error is only possible in \fIs_client\fR\|(1).
+.IP "\fBX509_V_ERR_EE_KEY_TOO_SMALL\fR" 4
+.IX Item "X509_V_ERR_EE_KEY_TOO_SMALL"
+\&\s-1EE\s0 certificate key too weak.
+.IP "\fBX509_ERR_CA_KEY_TOO_SMALL\fR" 4
+.IX Item "X509_ERR_CA_KEY_TOO_SMALL"
+\&\s-1CA\s0 certificate key too weak.
+.IP "\fBX509_ERR_CA_MD_TOO_WEAK\fR" 4
+.IX Item "X509_ERR_CA_MD_TOO_WEAK"
+\&\s-1CA\s0 signature digest algorithm too weak.
+.IP "\fBX509_V_ERR_INVALID_CALL\fR" 4
+.IX Item "X509_V_ERR_INVALID_CALL"
+nvalid certificate verification context.
+.IP "\fBX509_V_ERR_STORE_LOOKUP\fR" 4
+.IX Item "X509_V_ERR_STORE_LOOKUP"
+Issuer certificate lookup error.
+.IP "\fBX509_V_ERR_NO_VALID_SCTS\fR" 4
+.IX Item "X509_V_ERR_NO_VALID_SCTS"
+Certificate Transparency required, but no valid SCTs found.
+.IP "\fBX509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION\fR" 4
+.IX Item "X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION"
+Proxy subject name violation.
+.IP "\fBX509_V_ERR_OCSP_VERIFY_NEEDED\fR" 4
+.IX Item "X509_V_ERR_OCSP_VERIFY_NEEDED"
+Returned by the verify callback to indicate an \s-1OCSP\s0 verification is needed.
+.IP "\fBX509_V_ERR_OCSP_VERIFY_FAILED\fR" 4
+.IX Item "X509_V_ERR_OCSP_VERIFY_FAILED"
+Returned by the verify callback to indicate \s-1OCSP\s0 verification failed.
+.IP "\fBX509_V_ERR_OCSP_CERT_UNKNOWN\fR" 4
+.IX Item "X509_V_ERR_OCSP_CERT_UNKNOWN"
+Returned by the verify callback to indicate that the certificate is not recognized
+by the \s-1OCSP\s0 responder.
.SH "BUGS"
.IX Header "BUGS"
-Although the issuer checks are a considerable improvement over the old technique they still
-suffer from limitations in the underlying X509_LOOKUP \s-1API.\s0 One consequence of this is that
-trusted certificates with matching subject name must either appear in a file (as specified by the
-\&\fB\-CAfile\fR option) or a directory (as specified by \fB\-CApath\fR. If they occur in both then only
-the certificates in the file will be recognised.
+Although the issuer checks are a considerable improvement over the old
+technique they still suffer from limitations in the underlying X509_LOOKUP
+\&\s-1API.\s0 One consequence of this is that trusted certificates with matching
+subject name must either appear in a file (as specified by the \fB\-CAfile\fR
+option) or a directory (as specified by \fB\-CApath\fR). If they occur in
+both then only the certificates in the file will be recognised.
.PP
-Previous versions of OpenSSL assume certificates with matching subject name are identical and
-mishandled them.
+Previous versions of OpenSSL assume certificates with matching subject
+name are identical and mishandled them.
.PP
Previous versions of this documentation swapped the meaning of the
\&\fBX509_V_ERR_UNABLE_TO_GET_ISSUER_CERT\fR and
-\&\fB20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY\fR error codes.
+\&\fBX509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY\fR error codes.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIx509\fR\|(1)
.SH "HISTORY"
.IX Header "HISTORY"
-The \-no_alt_chains options was first added to OpenSSL 1.0.2b.
+The \fB\-show_chain\fR option was first added to OpenSSL 1.1.0.
+.PP
+The \fB\-issuer_checks\fR option is deprecated as of OpenSSL 1.1.0 and
+is silently ignored.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2017 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/version.1 b/secure/usr.bin/openssl/man/version.1
index df5ab0084033..f2f60adb8b68 100644
--- a/secure/usr.bin/openssl/man/version.1
+++ b/secure/usr.bin/openssl/man/version.1
@@ -129,17 +129,17 @@
.\" ========================================================================
.\"
.IX Title "VERSION 1"
-.TH VERSION 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH VERSION 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-version,
-version \- print OpenSSL version information
+openssl\-version, version \- print OpenSSL version information
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl version\fR
+[\fB\-help\fR]
[\fB\-a\fR]
[\fB\-v\fR]
[\fB\-b\fR]
@@ -147,36 +147,48 @@ version \- print OpenSSL version information
[\fB\-f\fR]
[\fB\-p\fR]
[\fB\-d\fR]
+[\fB\-e\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
This command is used to print out version information about OpenSSL.
.SH "OPTIONS"
.IX Header "OPTIONS"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-a\fR" 4
.IX Item "-a"
-all information, this is the same as setting all the other flags.
+All information, this is the same as setting all the other flags.
.IP "\fB\-v\fR" 4
.IX Item "-v"
-the current OpenSSL version.
+The current OpenSSL version.
.IP "\fB\-b\fR" 4
.IX Item "-b"
-the date the current version of OpenSSL was built.
+The date the current version of OpenSSL was built.
.IP "\fB\-o\fR" 4
.IX Item "-o"
-option information: various options set when the library was built.
+Option information: various options set when the library was built.
.IP "\fB\-f\fR" 4
.IX Item "-f"
-compilation flags.
+Compilation flags.
.IP "\fB\-p\fR" 4
.IX Item "-p"
-platform setting.
+Platform setting.
.IP "\fB\-d\fR" 4
.IX Item "-d"
\&\s-1OPENSSLDIR\s0 setting.
+.IP "\fB\-e\fR" 4
+.IX Item "-e"
+\&\s-1ENGINESDIR\s0 setting.
.SH "NOTES"
.IX Header "NOTES"
The output of \fBopenssl version \-a\fR would typically be used when sending
in a bug report.
-.SH "HISTORY"
-.IX Header "HISTORY"
-The \fB\-d\fR option was added in OpenSSL 0.9.7.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2017 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/x509.1 b/secure/usr.bin/openssl/man/x509.1
index df969c81ed3f..8a657bf02173 100644
--- a/secure/usr.bin/openssl/man/x509.1
+++ b/secure/usr.bin/openssl/man/x509.1
@@ -129,17 +129,17 @@
.\" ========================================================================
.\"
.IX Title "X509 1"
-.TH X509 1 "2018-08-14" "1.0.2p" "OpenSSL"
+.TH X509 1 "2018-09-11" "1.1.1" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-openssl\-x509,
-x509 \- Certificate display and signing utility
+openssl\-x509, x509 \- Certificate display and signing utility
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBopenssl\fR \fBx509\fR
+[\fB\-help\fR]
[\fB\-inform DER|PEM|NET\fR]
[\fB\-outform DER|PEM|NET\fR]
[\fB\-keyform DER|PEM\fR]
@@ -185,13 +185,17 @@ x509 \- Certificate display and signing utility
[\fB\-CAserial filename\fR]
[\fB\-force_pubkey key\fR]
[\fB\-text\fR]
+[\fB\-ext extensions\fR]
[\fB\-certopt option\fR]
[\fB\-C\fR]
-[\fB\-md2|\-md5|\-sha1|\-mdc2\fR]
+[\fB\-\f(BIdigest\fB\fR]
[\fB\-clrext\fR]
[\fB\-extfile filename\fR]
[\fB\-extensions section\fR]
+[\fB\-rand file...\fR]
+[\fB\-writerand file\fR]
[\fB\-engine id\fR]
+[\fB\-preserve_dates\fR]
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \fBx509\fR command is a multi purpose certificate utility. It can be
@@ -203,8 +207,11 @@ Since there are a large number of options they will split up into
various sections.
.SH "OPTIONS"
.IX Header "OPTIONS"
-.SS "\s-1INPUT, OUTPUT AND GENERAL PURPOSE OPTIONS\s0"
-.IX Subsection "INPUT, OUTPUT AND GENERAL PURPOSE OPTIONS"
+.SS "Input, Output, and General Purpose Options"
+.IX Subsection "Input, Output, and General Purpose Options"
+.IP "\fB\-help\fR" 4
+.IX Item "-help"
+Print out a usage message.
.IP "\fB\-inform DER|PEM|NET\fR" 4
.IX Item "-inform DER|PEM|NET"
This specifies the input format normally the command will expect an X509
@@ -212,11 +219,11 @@ certificate but this can change if other options such as \fB\-req\fR are
present. The \s-1DER\s0 format is the \s-1DER\s0 encoding of the certificate and \s-1PEM\s0
is the base64 encoding of the \s-1DER\s0 encoding with header and footer lines
added. The \s-1NET\s0 option is an obscure Netscape server format that is now
-obsolete.
+obsolete. The default format is \s-1PEM.\s0
.IP "\fB\-outform DER|PEM|NET\fR" 4
.IX Item "-outform DER|PEM|NET"
-This specifies the output format, the options have the same meaning as the
-\&\fB\-inform\fR option.
+This specifies the output format, the options have the same meaning and default
+as the \fB\-inform\fR option.
.IP "\fB\-in filename\fR" 4
.IX Item "-in filename"
This specifies the input filename to read a certificate from or standard input
@@ -225,98 +232,120 @@ if this option is not specified.
.IX Item "-out filename"
This specifies the output filename to write to or standard output by
default.
-.IP "\fB\-md2|\-md5|\-sha1|\-mdc2\fR" 4
-.IX Item "-md2|-md5|-sha1|-mdc2"
-the digest to use. This affects any signing or display option that uses a message
-digest, such as the \fB\-fingerprint\fR, \fB\-signkey\fR and \fB\-CA\fR options. If not
-specified then \s-1SHA1\s0 is used. If the key being used to sign with is a \s-1DSA\s0 key
-then this option has no effect: \s-1SHA1\s0 is always used with \s-1DSA\s0 keys.
+.IP "\fB\-\f(BIdigest\fB\fR" 4
+.IX Item "-digest"
+The digest to use.
+This affects any signing or display option that uses a message
+digest, such as the \fB\-fingerprint\fR, \fB\-signkey\fR and \fB\-CA\fR options.
+Any digest supported by the OpenSSL \fBdgst\fR command can be used.
+If not specified then \s-1SHA1\s0 is used with \fB\-fingerprint\fR or
+the default digest for the signing algorithm is used, typically \s-1SHA256.\s0
+.IP "\fB\-rand file...\fR" 4
+.IX Item "-rand file..."
+A file or files containing random data used to seed the random number
+generator.
+Multiple files can be specified separated by an OS-dependent character.
+The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
+all others.
+.IP "[\fB\-writerand file\fR]" 4
+.IX Item "[-writerand file]"
+Writes random data to the specified \fIfile\fR upon exit.
+This can be used with a subsequent \fB\-rand\fR flag.
.IP "\fB\-engine id\fR" 4
.IX Item "-engine id"
-specifying an engine (by its unique \fBid\fR string) will cause \fBx509\fR
+Specifying an engine (by its unique \fBid\fR string) will cause \fBx509\fR
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
-.SS "\s-1DISPLAY OPTIONS\s0"
-.IX Subsection "DISPLAY OPTIONS"
+.IP "\fB\-preserve_dates\fR" 4
+.IX Item "-preserve_dates"
+When signing a certificate, preserve the \*(L"notBefore\*(R" and \*(L"notAfter\*(R" dates instead
+of adjusting them to current time and duration. Cannot be used with the \fB\-days\fR option.
+.SS "Display Options"
+.IX Subsection "Display Options"
Note: the \fB\-alias\fR and \fB\-purpose\fR options are also display options
but are described in the \fB\s-1TRUST SETTINGS\s0\fR section.
.IP "\fB\-text\fR" 4
.IX Item "-text"
-prints out the certificate in text form. Full details are output including the
+Prints out the certificate in text form. Full details are output including the
public key, signature algorithms, issuer and subject names, serial number
any extensions present and any trust settings.
+.IP "\fB\-ext extensions\fR" 4
+.IX Item "-ext extensions"
+Prints out the certificate extensions in text form. Extensions are specified
+with a comma separated string, e.g., \*(L"subjectAltName,subjectKeyIdentifier\*(R".
+See the \fIx509v3_config\fR\|(5) manual page for the extension names.
.IP "\fB\-certopt option\fR" 4
.IX Item "-certopt option"
-customise the output format used with \fB\-text\fR. The \fBoption\fR argument can be
-a single option or multiple options separated by commas. The \fB\-certopt\fR switch
-may be also be used more than once to set multiple options. See the \fB\s-1TEXT OPTIONS\s0\fR
-section for more information.
+Customise the output format used with \fB\-text\fR. The \fBoption\fR argument
+can be a single option or multiple options separated by commas. The
+\&\fB\-certopt\fR switch may be also be used more than once to set multiple
+options. See the \fB\s-1TEXT OPTIONS\s0\fR section for more information.
.IP "\fB\-noout\fR" 4
.IX Item "-noout"
-this option prevents output of the encoded version of the request.
+This option prevents output of the encoded version of the request.
.IP "\fB\-pubkey\fR" 4
.IX Item "-pubkey"
-outputs the certificate's SubjectPublicKeyInfo block in \s-1PEM\s0 format.
+Outputs the certificate's SubjectPublicKeyInfo block in \s-1PEM\s0 format.
.IP "\fB\-modulus\fR" 4
.IX Item "-modulus"
-this option prints out the value of the modulus of the public key
+This option prints out the value of the modulus of the public key
contained in the certificate.
.IP "\fB\-serial\fR" 4
.IX Item "-serial"
-outputs the certificate serial number.
+Outputs the certificate serial number.
.IP "\fB\-subject_hash\fR" 4
.IX Item "-subject_hash"
-outputs the \*(L"hash\*(R" of the certificate subject name. This is used in OpenSSL to
+Outputs the \*(L"hash\*(R" of the certificate subject name. This is used in OpenSSL to
form an index to allow certificates in a directory to be looked up by subject
name.
.IP "\fB\-issuer_hash\fR" 4
.IX Item "-issuer_hash"
-outputs the \*(L"hash\*(R" of the certificate issuer name.
+Outputs the \*(L"hash\*(R" of the certificate issuer name.
.IP "\fB\-ocspid\fR" 4
.IX Item "-ocspid"
-outputs the \s-1OCSP\s0 hash values for the subject name and public key.
+Outputs the \s-1OCSP\s0 hash values for the subject name and public key.
.IP "\fB\-hash\fR" 4
.IX Item "-hash"
-synonym for \*(L"\-subject_hash\*(R" for backward compatibility reasons.
+Synonym for \*(L"\-subject_hash\*(R" for backward compatibility reasons.
.IP "\fB\-subject_hash_old\fR" 4
.IX Item "-subject_hash_old"
-outputs the \*(L"hash\*(R" of the certificate subject name using the older algorithm
-as used by OpenSSL versions before 1.0.0.
+Outputs the \*(L"hash\*(R" of the certificate subject name using the older algorithm
+as used by OpenSSL before version 1.0.0.
.IP "\fB\-issuer_hash_old\fR" 4
.IX Item "-issuer_hash_old"
-outputs the \*(L"hash\*(R" of the certificate issuer name using the older algorithm
-as used by OpenSSL versions before 1.0.0.
+Outputs the \*(L"hash\*(R" of the certificate issuer name using the older algorithm
+as used by OpenSSL before version 1.0.0.
.IP "\fB\-subject\fR" 4
.IX Item "-subject"
-outputs the subject name.
+Outputs the subject name.
.IP "\fB\-issuer\fR" 4
.IX Item "-issuer"
-outputs the issuer name.
+Outputs the issuer name.
.IP "\fB\-nameopt option\fR" 4
.IX Item "-nameopt option"
-option which determines how the subject or issuer names are displayed. The
+Option which determines how the subject or issuer names are displayed. The
\&\fBoption\fR argument can be a single option or multiple options separated by
commas. Alternatively the \fB\-nameopt\fR switch may be used more than once to
set multiple options. See the \fB\s-1NAME OPTIONS\s0\fR section for more information.
.IP "\fB\-email\fR" 4
.IX Item "-email"
-outputs the email address(es) if any.
+Outputs the email address(es) if any.
.IP "\fB\-ocsp_uri\fR" 4
.IX Item "-ocsp_uri"
-outputs the \s-1OCSP\s0 responder address(es) if any.
+Outputs the \s-1OCSP\s0 responder address(es) if any.
.IP "\fB\-startdate\fR" 4
.IX Item "-startdate"
-prints out the start date of the certificate, that is the notBefore date.
+Prints out the start date of the certificate, that is the notBefore date.
.IP "\fB\-enddate\fR" 4
.IX Item "-enddate"
-prints out the expiry date of the certificate, that is the notAfter date.
+Prints out the expiry date of the certificate, that is the notAfter date.
.IP "\fB\-dates\fR" 4
.IX Item "-dates"
-prints out the start and expiry dates of a certificate.
+Prints out the start and expiry dates of a certificate.
.IP "\fB\-checkend arg\fR" 4
.IX Item "-checkend arg"
-checks if the certificate expires within the next \fBarg\fR seconds and exits
+Checks if the certificate expires within the next \fBarg\fR seconds and exits
non-zero if yes it will expire or zero if not.
.IP "\fB\-fingerprint\fR" 4
.IX Item "-fingerprint"
@@ -327,11 +356,9 @@ digests, the fingerprint of a certificate is unique to that certificate and
two certificates with the same fingerprint can be considered to be the same.
.IP "\fB\-C\fR" 4
.IX Item "-C"
-this outputs the certificate in the form of a C source file.
-.SS "\s-1TRUST SETTINGS\s0"
-.IX Subsection "TRUST SETTINGS"
-Please note these options are currently experimental and may well change.
-.PP
+This outputs the certificate in the form of a C source file.
+.SS "Trust Settings"
+.IX Subsection "Trust Settings"
A \fBtrusted certificate\fR is an ordinary certificate which has several
additional pieces of information attached to it such as the permitted
and prohibited uses of the certificate and an \*(L"alias\*(R".
@@ -352,46 +379,49 @@ Future versions of OpenSSL will recognize trust settings on any
certificate: not just root CAs.
.IP "\fB\-trustout\fR" 4
.IX Item "-trustout"
-this causes \fBx509\fR to output a \fBtrusted\fR certificate. An ordinary
+This causes \fBx509\fR to output a \fBtrusted\fR certificate. An ordinary
or trusted certificate can be input but by default an ordinary
certificate is output and any trust settings are discarded. With the
\&\fB\-trustout\fR option a trusted certificate is output. A trusted
certificate is automatically output if any trust settings are modified.
.IP "\fB\-setalias arg\fR" 4
.IX Item "-setalias arg"
-sets the alias of the certificate. This will allow the certificate
+Sets the alias of the certificate. This will allow the certificate
to be referred to using a nickname for example \*(L"Steve's Certificate\*(R".
.IP "\fB\-alias\fR" 4
.IX Item "-alias"
-outputs the certificate alias, if any.
+Outputs the certificate alias, if any.
.IP "\fB\-clrtrust\fR" 4
.IX Item "-clrtrust"
-clears all the permitted or trusted uses of the certificate.
+Clears all the permitted or trusted uses of the certificate.
.IP "\fB\-clrreject\fR" 4
.IX Item "-clrreject"
-clears all the prohibited or rejected uses of the certificate.
+Clears all the prohibited or rejected uses of the certificate.
.IP "\fB\-addtrust arg\fR" 4
.IX Item "-addtrust arg"
-adds a trusted certificate use. Any object name can be used here
-but currently only \fBclientAuth\fR (\s-1SSL\s0 client use), \fBserverAuth\fR
-(\s-1SSL\s0 server use) and \fBemailProtection\fR (S/MIME email) are used.
+Adds a trusted certificate use.
+Any object name can be used here but currently only \fBclientAuth\fR (\s-1SSL\s0 client
+use), \fBserverAuth\fR (\s-1SSL\s0 server use), \fBemailProtection\fR (S/MIME email) and
+\&\fBanyExtendedKeyUsage\fR are used.
+As of OpenSSL 1.1.0, the last of these blocks all purposes when rejected or
+enables all purposes when trusted.
Other OpenSSL applications may define additional uses.
.IP "\fB\-addreject arg\fR" 4
.IX Item "-addreject arg"
-adds a prohibited use. It accepts the same values as the \fB\-addtrust\fR
+Adds a prohibited use. It accepts the same values as the \fB\-addtrust\fR
option.
.IP "\fB\-purpose\fR" 4
.IX Item "-purpose"
-this option performs tests on the certificate extensions and outputs
+This option performs tests on the certificate extensions and outputs
the results. For a more complete description see the \fB\s-1CERTIFICATE
EXTENSIONS\s0\fR section.
-.SS "\s-1SIGNING OPTIONS\s0"
-.IX Subsection "SIGNING OPTIONS"
+.SS "Signing Options"
+.IX Subsection "Signing Options"
The \fBx509\fR utility can be used to sign certificates and requests: it
can thus behave like a \*(L"mini \s-1CA\*(R".\s0
.IP "\fB\-signkey filename\fR" 4
.IX Item "-signkey filename"
-this option causes the input file to be self signed using the supplied
+This option causes the input file to be self signed using the supplied
private key.
.Sp
If the input file is a certificate it sets the issuer name to the
@@ -399,49 +429,49 @@ subject name (i.e. makes it self signed) changes the public key to the
supplied value and changes the start and end dates. The start date is
set to the current time and the end date is set to a value determined
by the \fB\-days\fR option. Any certificate extensions are retained unless
-the \fB\-clrext\fR option is supplied.
+the \fB\-clrext\fR option is supplied; this includes, for example, any existing
+key identifier extensions.
.Sp
If the input is a certificate request then a self signed certificate
is created using the supplied private key using the subject name in
the request.
.IP "\fB\-passin arg\fR" 4
.IX Item "-passin arg"
-the key password source. For more information about the format of \fBarg\fR
+The key password source. For more information about the format of \fBarg\fR
see the \fB\s-1PASS PHRASE ARGUMENTS\s0\fR section in \fIopenssl\fR\|(1).
.IP "\fB\-clrext\fR" 4
.IX Item "-clrext"
-delete any extensions from a certificate. This option is used when a
+Delete any extensions from a certificate. This option is used when a
certificate is being created from another certificate (for example with
the \fB\-signkey\fR or the \fB\-CA\fR options). Normally all extensions are
retained.
.IP "\fB\-keyform PEM|DER\fR" 4
.IX Item "-keyform PEM|DER"
-specifies the format (\s-1DER\s0 or \s-1PEM\s0) of the private key file used in the
+Specifies the format (\s-1DER\s0 or \s-1PEM\s0) of the private key file used in the
\&\fB\-signkey\fR option.
.IP "\fB\-days arg\fR" 4
.IX Item "-days arg"
-specifies the number of days to make a certificate valid for. The default
-is 30 days.
+Specifies the number of days to make a certificate valid for. The default
+is 30 days. Cannot be used with the \fB\-preserve_dates\fR option.
.IP "\fB\-x509toreq\fR" 4
.IX Item "-x509toreq"
-converts a certificate into a certificate request. The \fB\-signkey\fR option
+Converts a certificate into a certificate request. The \fB\-signkey\fR option
is used to pass the required private key.
.IP "\fB\-req\fR" 4
.IX Item "-req"
-by default a certificate is expected on input. With this option a
+By default a certificate is expected on input. With this option a
certificate request is expected instead.
.IP "\fB\-set_serial n\fR" 4
.IX Item "-set_serial n"
-specifies the serial number to use. This option can be used with either
+Specifies the serial number to use. This option can be used with either
the \fB\-signkey\fR or \fB\-CA\fR options. If used in conjunction with the \fB\-CA\fR
option the serial number file (as specified by the \fB\-CAserial\fR or
\&\fB\-CAcreateserial\fR options) is not used.
.Sp
-The serial number can be decimal or hex (if preceded by \fB0x\fR). Negative
-serial numbers can also be specified but their use is not recommended.
+The serial number can be decimal or hex (if preceded by \fB0x\fR).
.IP "\fB\-CA filename\fR" 4
.IX Item "-CA filename"
-specifies the \s-1CA\s0 certificate to be used for signing. When this option is
+Specifies the \s-1CA\s0 certificate to be used for signing. When this option is
present \fBx509\fR behaves like a \*(L"mini \s-1CA\*(R".\s0 The input file is signed by this
\&\s-1CA\s0 using this option: that is its issuer name is set to the subject name
of the \s-1CA\s0 and it is digitally signed using the CAs private key.
@@ -450,34 +480,35 @@ This option is normally combined with the \fB\-req\fR option. Without the
\&\fB\-req\fR option the input is a certificate which must be self signed.
.IP "\fB\-CAkey filename\fR" 4
.IX Item "-CAkey filename"
-sets the \s-1CA\s0 private key to sign a certificate with. If this option is
+Sets the \s-1CA\s0 private key to sign a certificate with. If this option is
not specified then it is assumed that the \s-1CA\s0 private key is present in
the \s-1CA\s0 certificate file.
.IP "\fB\-CAserial filename\fR" 4
.IX Item "-CAserial filename"
-sets the \s-1CA\s0 serial number file to use.
+Sets the \s-1CA\s0 serial number file to use.
.Sp
When the \fB\-CA\fR option is used to sign a certificate it uses a serial
-number specified in a file. This file consist of one line containing
+number specified in a file. This file consists of one line containing
an even number of hex digits with the serial number to use. After each
use the serial number is incremented and written out to the file again.
.Sp
The default filename consists of the \s-1CA\s0 certificate file base name with
-\&\*(L".srl\*(R" appended. For example if the \s-1CA\s0 certificate file is called
+\&\*(L".srl\*(R" appended. For example if the \s-1CA\s0 certificate file is called
\&\*(L"mycacert.pem\*(R" it expects to find a serial number file called \*(L"mycacert.srl\*(R".
.IP "\fB\-CAcreateserial\fR" 4
.IX Item "-CAcreateserial"
-with this option the \s-1CA\s0 serial number file is created if it does not exist:
+With this option the \s-1CA\s0 serial number file is created if it does not exist:
it will contain the serial number \*(L"02\*(R" and the certificate being signed will
-have the 1 as its serial number. Normally if the \fB\-CA\fR option is specified
-and the serial number file does not exist it is an error.
+have the 1 as its serial number. If the \fB\-CA\fR option is specified
+and the serial number file does not exist a random number is generated;
+this is the recommended practice.
.IP "\fB\-extfile filename\fR" 4
.IX Item "-extfile filename"
-file containing certificate extensions to use. If not specified then
+File containing certificate extensions to use. If not specified then
no extensions are added to the certificate.
.IP "\fB\-extensions section\fR" 4
.IX Item "-extensions section"
-the section to add certificate extensions from. If this option is not
+The section to add certificate extensions from. If this option is not
specified then the extensions should either be contained in the unnamed
(default) section or the default section should contain a variable called
\&\*(L"extensions\*(R" which contains the section to use. See the
@@ -485,14 +516,14 @@ specified then the extensions should either be contained in the unnamed
extension section format.
.IP "\fB\-force_pubkey key\fR" 4
.IX Item "-force_pubkey key"
-when a certificate is created set its public key to \fBkey\fR instead of the
+When a certificate is created set its public key to \fBkey\fR instead of the
key in the certificate or certificate request. This option is useful for
creating certificates where the algorithm can't normally sign requests, for
example \s-1DH.\s0
.Sp
The format or \fBkey\fR can be specified using the \fB\-keyform\fR option.
-.SS "\s-1NAME OPTIONS\s0"
-.IX Subsection "NAME OPTIONS"
+.SS "Name Options"
+.IX Subsection "Name Options"
The \fBnameopt\fR command line switch determines how the subject and issuer
names are displayed. If no \fBnameopt\fR switch is present the default \*(L"oneline\*(R"
format is used which is compatible with previous versions of OpenSSL.
@@ -500,44 +531,48 @@ Each option is described in detail below, all options can be preceded by
a \fB\-\fR to turn the option off. Only the first four will normally be used.
.IP "\fBcompat\fR" 4
.IX Item "compat"
-use the old format. This is equivalent to specifying no name options at all.
+Use the old format.
.IP "\fB\s-1RFC2253\s0\fR" 4
.IX Item "RFC2253"
-displays names compatible with \s-1RFC2253\s0 equivalent to \fBesc_2253\fR, \fBesc_ctrl\fR,
+Displays names compatible with \s-1RFC2253\s0 equivalent to \fBesc_2253\fR, \fBesc_ctrl\fR,
\&\fBesc_msb\fR, \fButf8\fR, \fBdump_nostr\fR, \fBdump_unknown\fR, \fBdump_der\fR,
\&\fBsep_comma_plus\fR, \fBdn_rev\fR and \fBsname\fR.
.IP "\fBoneline\fR" 4
.IX Item "oneline"
-a oneline format which is more readable than \s-1RFC2253.\s0 It is equivalent to
+A oneline format which is more readable than \s-1RFC2253.\s0 It is equivalent to
specifying the \fBesc_2253\fR, \fBesc_ctrl\fR, \fBesc_msb\fR, \fButf8\fR, \fBdump_nostr\fR,
\&\fBdump_der\fR, \fBuse_quote\fR, \fBsep_comma_plus_space\fR, \fBspace_eq\fR and \fBsname\fR
-options.
+options. This is the \fIdefault\fR of no name options are given explicitly.
.IP "\fBmultiline\fR" 4
.IX Item "multiline"
-a multiline format. It is equivalent \fBesc_ctrl\fR, \fBesc_msb\fR, \fBsep_multiline\fR,
+A multiline format. It is equivalent \fBesc_ctrl\fR, \fBesc_msb\fR, \fBsep_multiline\fR,
\&\fBspace_eq\fR, \fBlname\fR and \fBalign\fR.
.IP "\fBesc_2253\fR" 4
.IX Item "esc_2253"
-escape the \*(L"special\*(R" characters required by \s-1RFC2253\s0 in a field That is
+Escape the \*(L"special\*(R" characters required by \s-1RFC2253\s0 in a field. That is
\&\fB,+"<>;\fR. Additionally \fB#\fR is escaped at the beginning of a string
and a space character at the beginning or end of a string.
+.IP "\fBesc_2254\fR" 4
+.IX Item "esc_2254"
+Escape the \*(L"special\*(R" characters required by \s-1RFC2254\s0 in a field. That is
+the \fB\s-1NUL\s0\fR character as well as and \fB()*\fR.
.IP "\fBesc_ctrl\fR" 4
.IX Item "esc_ctrl"
-escape control characters. That is those with \s-1ASCII\s0 values less than
+Escape control characters. That is those with \s-1ASCII\s0 values less than
0x20 (space) and the delete (0x7f) character. They are escaped using the
\&\s-1RFC2253\s0 \eXX notation (where \s-1XX\s0 are two hex digits representing the
character value).
.IP "\fBesc_msb\fR" 4
.IX Item "esc_msb"
-escape characters with the \s-1MSB\s0 set, that is with \s-1ASCII\s0 values larger than
+Escape characters with the \s-1MSB\s0 set, that is with \s-1ASCII\s0 values larger than
127.
.IP "\fBuse_quote\fR" 4
.IX Item "use_quote"
-escapes some characters by surrounding the whole string with \fB"\fR characters,
+Escapes some characters by surrounding the whole string with \fB"\fR characters,
without the option all escaping is done with the \fB\e\fR character.
.IP "\fButf8\fR" 4
.IX Item "utf8"
-convert all strings to \s-1UTF8\s0 format first. This is required by \s-1RFC2253.\s0 If
+Convert all strings to \s-1UTF8\s0 format first. This is required by \s-1RFC2253.\s0 If
you are lucky enough to have a \s-1UTF8\s0 compatible terminal then the use
of this option (and \fBnot\fR setting \fBesc_msb\fR) may result in the correct
display of multibyte (international) characters. Is this option is not
@@ -547,35 +582,35 @@ Also if this option is off any UTF8Strings will be converted to their
character form first.
.IP "\fBignore_type\fR" 4
.IX Item "ignore_type"
-this option does not attempt to interpret multibyte characters in any
+This option does not attempt to interpret multibyte characters in any
way. That is their content octets are merely dumped as though one octet
represents each character. This is useful for diagnostic purposes but
will result in rather odd looking output.
.IP "\fBshow_type\fR" 4
.IX Item "show_type"
-show the type of the \s-1ASN1\s0 character string. The type precedes the
+Show the type of the \s-1ASN1\s0 character string. The type precedes the
field contents. For example \*(L"\s-1BMPSTRING:\s0 Hello World\*(R".
.IP "\fBdump_der\fR" 4
.IX Item "dump_der"
-when this option is set any fields that need to be hexdumped will
+When this option is set any fields that need to be hexdumped will
be dumped using the \s-1DER\s0 encoding of the field. Otherwise just the
content octets will be displayed. Both options use the \s-1RFC2253\s0
\&\fB#XXXX...\fR format.
.IP "\fBdump_nostr\fR" 4
.IX Item "dump_nostr"
-dump non character string types (for example \s-1OCTET STRING\s0) if this
+Dump non character string types (for example \s-1OCTET STRING\s0) if this
option is not set then non character string types will be displayed
as though each content octet represents a single character.
.IP "\fBdump_all\fR" 4
.IX Item "dump_all"
-dump all fields. This option when used with \fBdump_der\fR allows the
+Dump all fields. This option when used with \fBdump_der\fR allows the
\&\s-1DER\s0 encoding of the structure to be unambiguously determined.
.IP "\fBdump_unknown\fR" 4
.IX Item "dump_unknown"
-dump any field whose \s-1OID\s0 is not recognised by OpenSSL.
+Dump any field whose \s-1OID\s0 is not recognised by OpenSSL.
.IP "\fBsep_comma_plus\fR, \fBsep_comma_plus_space\fR, \fBsep_semi_plus_space\fR, \fBsep_multiline\fR" 4
.IX Item "sep_comma_plus, sep_comma_plus_space, sep_semi_plus_space, sep_multiline"
-these options determine the field separators. The first character is
+These options determine the field separators. The first character is
between RDNs and the second between multiple AVAs (multiple AVAs are
very rare and their use is discouraged). The options ending in
\&\*(L"space\*(R" additionally place a space after the separator to make it
@@ -585,80 +620,82 @@ indents the fields by four characters. If no field separator is specified
then \fBsep_comma_plus_space\fR is used by default.
.IP "\fBdn_rev\fR" 4
.IX Item "dn_rev"
-reverse the fields of the \s-1DN.\s0 This is required by \s-1RFC2253.\s0 As a side
+Reverse the fields of the \s-1DN.\s0 This is required by \s-1RFC2253.\s0 As a side
effect this also reverses the order of multiple AVAs but this is
permissible.
.IP "\fBnofname\fR, \fBsname\fR, \fBlname\fR, \fBoid\fR" 4
.IX Item "nofname, sname, lname, oid"
-these options alter how the field name is displayed. \fBnofname\fR does
+These options alter how the field name is displayed. \fBnofname\fR does
not display the field at all. \fBsname\fR uses the \*(L"short name\*(R" form
(\s-1CN\s0 for commonName for example). \fBlname\fR uses the long form.
\&\fBoid\fR represents the \s-1OID\s0 in numerical form and is useful for
diagnostic purpose.
.IP "\fBalign\fR" 4
.IX Item "align"
-align field values for a more readable output. Only usable with
+Align field values for a more readable output. Only usable with
\&\fBsep_multiline\fR.
.IP "\fBspace_eq\fR" 4
.IX Item "space_eq"
-places spaces round the \fB=\fR character which follows the field
+Places spaces round the \fB=\fR character which follows the field
name.
-.SS "\s-1TEXT OPTIONS\s0"
-.IX Subsection "TEXT OPTIONS"
+.SS "Text Options"
+.IX Subsection "Text Options"
As well as customising the name output format, it is also possible to
customise the actual fields printed using the \fBcertopt\fR options when
the \fBtext\fR option is present. The default behaviour is to print all fields.
.IP "\fBcompatible\fR" 4
.IX Item "compatible"
-use the old format. This is equivalent to specifying no output options at all.
+Use the old format. This is equivalent to specifying no output options at all.
.IP "\fBno_header\fR" 4
.IX Item "no_header"
-don't print header information: that is the lines saying \*(L"Certificate\*(R" and \*(L"Data\*(R".
+Don't print header information: that is the lines saying \*(L"Certificate\*(R"
+and \*(L"Data\*(R".
.IP "\fBno_version\fR" 4
.IX Item "no_version"
-don't print out the version number.
+Don't print out the version number.
.IP "\fBno_serial\fR" 4
.IX Item "no_serial"
-don't print out the serial number.
+Don't print out the serial number.
.IP "\fBno_signame\fR" 4
.IX Item "no_signame"
-don't print out the signature algorithm used.
+Don't print out the signature algorithm used.
.IP "\fBno_validity\fR" 4
.IX Item "no_validity"
-don't print the validity, that is the \fBnotBefore\fR and \fBnotAfter\fR fields.
+Don't print the validity, that is the \fBnotBefore\fR and \fBnotAfter\fR fields.
.IP "\fBno_subject\fR" 4
.IX Item "no_subject"
-don't print out the subject name.
+Don't print out the subject name.
.IP "\fBno_issuer\fR" 4
.IX Item "no_issuer"
-don't print out the issuer name.
+Don't print out the issuer name.
.IP "\fBno_pubkey\fR" 4
.IX Item "no_pubkey"
-don't print out the public key.
+Don't print out the public key.
.IP "\fBno_sigdump\fR" 4
.IX Item "no_sigdump"
-don't give a hexadecimal dump of the certificate signature.
+Don't give a hexadecimal dump of the certificate signature.
.IP "\fBno_aux\fR" 4
.IX Item "no_aux"
-don't print out certificate trust information.
+Don't print out certificate trust information.
.IP "\fBno_extensions\fR" 4
.IX Item "no_extensions"
-don't print out any X509V3 extensions.
+Don't print out any X509V3 extensions.
.IP "\fBext_default\fR" 4
.IX Item "ext_default"
-retain default extension behaviour: attempt to print out unsupported certificate extensions.
+Retain default extension behaviour: attempt to print out unsupported
+certificate extensions.
.IP "\fBext_error\fR" 4
.IX Item "ext_error"
-print an error message for unsupported certificate extensions.
+Print an error message for unsupported certificate extensions.
.IP "\fBext_parse\fR" 4
.IX Item "ext_parse"
\&\s-1ASN1\s0 parse unsupported extensions.
.IP "\fBext_dump\fR" 4
.IX Item "ext_dump"
-hex dump unsupported extensions.
+Hex dump unsupported extensions.
.IP "\fBca_default\fR" 4
.IX Item "ca_default"
-the value used by the \fBca\fR utility, equivalent to \fBno_issuer\fR, \fBno_pubkey\fR,
+The value used by the \fBca\fR utility, equivalent to \fBno_issuer\fR, \fBno_pubkey\fR,
\&\fBno_header\fR, and \fBno_version\fR.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
@@ -671,6 +708,18 @@ Display the contents of a certificate:
\& openssl x509 \-in cert.pem \-noout \-text
.Ve
.PP
+Display the \*(L"Subject Alternative Name\*(R" extension of a certificate:
+.PP
+.Vb 1
+\& openssl x509 \-in cert.pem \-noout \-ext subjectAltName
+.Ve
+.PP
+Display more extensions of a certificate:
+.PP
+.Vb 1
+\& openssl x509 \-in cert.pem \-noout \-ext subjectAltName,nsCertType
+.Ve
+.PP
Display the certificate serial number:
.PP
.Vb 1
@@ -839,13 +888,13 @@ Otherwise it is the same as a normal \s-1SSL\s0 server.
.IX Item "Common S/MIME Client Tests"
The extended key usage extension must be absent or include the \*(L"email
protection\*(R" \s-1OID.\s0 Netscape certificate type must be absent or should have the
-S/MIME bit set. If the S/MIME bit is not set in netscape certificate type
+S/MIME bit set. If the S/MIME bit is not set in Netscape certificate type
then the \s-1SSL\s0 client bit is tolerated as an alternative but a warning is shown:
this is because some Verisign certificates don't set the S/MIME bit.
.IP "\fBS/MIME Signing\fR" 4
.IX Item "S/MIME Signing"
-In addition to the common S/MIME client tests the digitalSignature bit must
-be set if the keyUsage extension is present.
+In addition to the common S/MIME client tests the digitalSignature bit or
+the nonRepudiation bit must be set if the keyUsage extension is present.
.IP "\fBS/MIME Encryption\fR" 4
.IX Item "S/MIME Encryption"
In addition to the common S/MIME tests the keyEncipherment bit must be set
@@ -875,11 +924,6 @@ be checked.
.PP
There should be options to explicitly set such things as start and end
dates rather than an offset from the current time.
-.PP
-The code to implement the verify behaviour described in the \fB\s-1TRUST SETTINGS\s0\fR
-is currently being developed. It thus describes the intended behaviour rather
-than the current behaviour. It is hoped that it will represent reality in
-OpenSSL 0.9.5 and later.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIreq\fR\|(1), \fIca\fR\|(1), \fIgenrsa\fR\|(1),
@@ -887,10 +931,16 @@ OpenSSL 0.9.5 and later.
\&\fIx509v3_config\fR\|(5)
.SH "HISTORY"
.IX Header "HISTORY"
-Before OpenSSL 0.9.8, the default digest for \s-1RSA\s0 keys was \s-1MD5.\s0
-.PP
The hash algorithm used in the \fB\-subject_hash\fR and \fB\-issuer_hash\fR options
before OpenSSL 1.0.0 was based on the deprecated \s-1MD5\s0 algorithm and the encoding
of the distinguished name. In OpenSSL 1.0.0 and later it is based on a
canonical version of the \s-1DN\s0 using \s-1SHA1.\s0 This means that any directories using
the old form must have their links rebuilt using \fBc_rehash\fR or similar.
+.SH "COPYRIGHT"
+.IX Header "COPYRIGHT"
+Copyright 2000\-2018 The OpenSSL Project Authors. All Rights Reserved.
+.PP
+Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file \s-1LICENSE\s0 in the source distribution or at
+<https://www.openssl.org/source/license.html>.
diff --git a/secure/usr.bin/openssl/man/x509v3_config.1 b/secure/usr.bin/openssl/man/x509v3_config.1
deleted file mode 100644
index ab46f48c8a03..000000000000
--- a/secure/usr.bin/openssl/man/x509v3_config.1
+++ /dev/null
@@ -1,679 +0,0 @@
-.\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35)
-.\"
-.\" Standard preamble:
-.\" ========================================================================
-.de Sp \" Vertical space (when we can't use .PP)
-.if t .sp .5v
-.if n .sp
-..
-.de Vb \" Begin verbatim text
-.ft CW
-.nf
-.ne \\$1
-..
-.de Ve \" End verbatim text
-.ft R
-.fi
-..
-.\" Set up some character translations and predefined strings. \*(-- will
-.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
-.\" double quote, and \*(R" will give a right double quote. \*(C+ will
-.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
-.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
-.\" nothing in troff, for use with C<>.
-.tr \(*W-
-.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
-.ie n \{\
-. ds -- \(*W-
-. ds PI pi
-. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
-. ds L" ""
-. ds R" ""
-. ds C` ""
-. ds C' ""
-'br\}
-.el\{\
-. ds -- \|\(em\|
-. ds PI \(*p
-. ds L" ``
-. ds R" ''
-. ds C`
-. ds C'
-'br\}
-.\"
-.\" Escape single quotes in literal strings from groff's Unicode transform.
-.ie \n(.g .ds Aq \(aq
-.el .ds Aq '
-.\"
-.\" If the F register is >0, we'll generate index entries on stderr for
-.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
-.\" entries marked with X<> in POD. Of course, you'll have to process the
-.\" output yourself in some meaningful fashion.
-.\"
-.\" Avoid warning from groff about undefined register 'F'.
-.de IX
-..
-.if !\nF .nr F 0
-.if \nF>0 \{\
-. de IX
-. tm Index:\\$1\t\\n%\t"\\$2"
-..
-. if !\nF==2 \{\
-. nr % 0
-. nr F 2
-. \}
-.\}
-.\"
-.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
-.\" Fear. Run. Save yourself. No user-serviceable parts.
-. \" fudge factors for nroff and troff
-.if n \{\
-. ds #H 0
-. ds #V .8m
-. ds #F .3m
-. ds #[ \f1
-. ds #] \fP
-.\}
-.if t \{\
-. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
-. ds #V .6m
-. ds #F 0
-. ds #[ \&
-. ds #] \&
-.\}
-. \" simple accents for nroff and troff
-.if n \{\
-. ds ' \&
-. ds ` \&
-. ds ^ \&
-. ds , \&
-. ds ~ ~
-. ds /
-.\}
-.if t \{\
-. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
-. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
-. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
-. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
-. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
-. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
-.\}
-. \" troff and (daisy-wheel) nroff accents
-.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
-.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
-.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
-.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
-.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
-.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
-.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
-.ds ae a\h'-(\w'a'u*4/10)'e
-.ds Ae A\h'-(\w'A'u*4/10)'E
-. \" corrections for vroff
-.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
-.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
-. \" for low resolution devices (crt and lpr)
-.if \n(.H>23 .if \n(.V>19 \
-\{\
-. ds : e
-. ds 8 ss
-. ds o a
-. ds d- d\h'-1'\(ga
-. ds D- D\h'-1'\(hy
-. ds th \o'bp'
-. ds Th \o'LP'
-. ds ae ae
-. ds Ae AE
-.\}
-.rm #[ #] #H #V #F C
-.\" ========================================================================
-.\"
-.IX Title "X509V3_CONFIG 1"
-.TH X509V3_CONFIG 1 "2018-08-14" "1.0.2p" "OpenSSL"
-.\" For nroff, turn off justification. Always turn off hyphenation; it makes
-.\" way too many mistakes in technical documents.
-.if n .ad l
-.nh
-.SH "NAME"
-x509v3_config \- X509 V3 certificate extension configuration format
-.SH "DESCRIPTION"
-.IX Header "DESCRIPTION"
-Several of the OpenSSL utilities can add extensions to a certificate or
-certificate request based on the contents of a configuration file.
-.PP
-Typically the application will contain an option to point to an extension
-section. Each line of the extension section takes the form:
-.PP
-.Vb 1
-\& extension_name=[critical,] extension_options
-.Ve
-.PP
-If \fBcritical\fR is present then the extension will be critical.
-.PP
-The format of \fBextension_options\fR depends on the value of \fBextension_name\fR.
-.PP
-There are four main types of extension: \fIstring\fR extensions, \fImulti-valued\fR
-extensions, \fIraw\fR and \fIarbitrary\fR extensions.
-.PP
-String extensions simply have a string which contains either the value itself
-or how it is obtained.
-.PP
-For example:
-.PP
-.Vb 1
-\& nsComment="This is a Comment"
-.Ve
-.PP
-Multi-valued extensions have a short form and a long form. The short form
-is a list of names and values:
-.PP
-.Vb 1
-\& basicConstraints=critical,CA:true,pathlen:1
-.Ve
-.PP
-The long form allows the values to be placed in a separate section:
-.PP
-.Vb 1
-\& basicConstraints=critical,@bs_section
-\&
-\& [bs_section]
-\&
-\& CA=true
-\& pathlen=1
-.Ve
-.PP
-Both forms are equivalent.
-.PP
-The syntax of raw extensions is governed by the extension code: it can
-for example contain data in multiple sections. The correct syntax to
-use is defined by the extension code itself: check out the certificate
-policies extension for an example.
-.PP
-If an extension type is unsupported then the \fIarbitrary\fR extension syntax
-must be used, see the \s-1ARBITRARY EXTENSIONS\s0 section for more details.
-.SH "STANDARD EXTENSIONS"
-.IX Header "STANDARD EXTENSIONS"
-The following sections describe each supported extension in detail.
-.SS "Basic Constraints."
-.IX Subsection "Basic Constraints."
-This is a multi valued extension which indicates whether a certificate is
-a \s-1CA\s0 certificate. The first (mandatory) name is \fB\s-1CA\s0\fR followed by \fB\s-1TRUE\s0\fR or
-\&\fB\s-1FALSE\s0\fR. If \fB\s-1CA\s0\fR is \fB\s-1TRUE\s0\fR then an optional \fBpathlen\fR name followed by an
-non-negative value can be included.
-.PP
-For example:
-.PP
-.Vb 1
-\& basicConstraints=CA:TRUE
-\&
-\& basicConstraints=CA:FALSE
-\&
-\& basicConstraints=critical,CA:TRUE, pathlen:0
-.Ve
-.PP
-A \s-1CA\s0 certificate \fBmust\fR include the basicConstraints value with the \s-1CA\s0 field
-set to \s-1TRUE.\s0 An end user certificate must either set \s-1CA\s0 to \s-1FALSE\s0 or exclude the
-extension entirely. Some software may require the inclusion of basicConstraints
-with \s-1CA\s0 set to \s-1FALSE\s0 for end entity certificates.
-.PP
-The pathlen parameter indicates the maximum number of CAs that can appear
-below this one in a chain. So if you have a \s-1CA\s0 with a pathlen of zero it can
-only be used to sign end user certificates and not further CAs.
-.SS "Key Usage."
-.IX Subsection "Key Usage."
-Key usage is a multi valued extension consisting of a list of names of the
-permitted key usages.
-.PP
-The supporte names are: digitalSignature, nonRepudiation, keyEncipherment,
-dataEncipherment, keyAgreement, keyCertSign, cRLSign, encipherOnly
-and decipherOnly.
-.PP
-Examples:
-.PP
-.Vb 1
-\& keyUsage=digitalSignature, nonRepudiation
-\&
-\& keyUsage=critical, keyCertSign
-.Ve
-.SS "Extended Key Usage."
-.IX Subsection "Extended Key Usage."
-This extensions consists of a list of usages indicating purposes for which
-the certificate public key can be used for,
-.PP
-These can either be object short names or the dotted numerical form of OIDs.
-While any \s-1OID\s0 can be used only certain values make sense. In particular the
-following \s-1PKIX, NS\s0 and \s-1MS\s0 values are meaningful:
-.PP
-.Vb 10
-\& Value Meaning
-\& \-\-\-\-\- \-\-\-\-\-\-\-
-\& serverAuth SSL/TLS Web Server Authentication.
-\& clientAuth SSL/TLS Web Client Authentication.
-\& codeSigning Code signing.
-\& emailProtection E\-mail Protection (S/MIME).
-\& timeStamping Trusted Timestamping
-\& msCodeInd Microsoft Individual Code Signing (authenticode)
-\& msCodeCom Microsoft Commercial Code Signing (authenticode)
-\& msCTLSign Microsoft Trust List Signing
-\& msSGC Microsoft Server Gated Crypto
-\& msEFS Microsoft Encrypted File System
-\& nsSGC Netscape Server Gated Crypto
-.Ve
-.PP
-Examples:
-.PP
-.Vb 2
-\& extendedKeyUsage=critical,codeSigning,1.2.3.4
-\& extendedKeyUsage=nsSGC,msSGC
-.Ve
-.SS "Subject Key Identifier."
-.IX Subsection "Subject Key Identifier."
-This is really a string extension and can take two possible values. Either
-the word \fBhash\fR which will automatically follow the guidelines in \s-1RFC3280\s0
-or a hex string giving the extension value to include. The use of the hex
-string is strongly discouraged.
-.PP
-Example:
-.PP
-.Vb 1
-\& subjectKeyIdentifier=hash
-.Ve
-.SS "Authority Key Identifier."
-.IX Subsection "Authority Key Identifier."
-The authority key identifier extension permits two options. keyid and issuer:
-both can take the optional value \*(L"always\*(R".
-.PP
-If the keyid option is present an attempt is made to copy the subject key
-identifier from the parent certificate. If the value \*(L"always\*(R" is present
-then an error is returned if the option fails.
-.PP
-The issuer option copies the issuer and serial number from the issuer
-certificate. This will only be done if the keyid option fails or
-is not included unless the \*(L"always\*(R" flag will always include the value.
-.PP
-Example:
-.PP
-.Vb 1
-\& authorityKeyIdentifier=keyid,issuer
-.Ve
-.SS "Subject Alternative Name."
-.IX Subsection "Subject Alternative Name."
-The subject alternative name extension allows various literal values to be
-included in the configuration file. These include \fBemail\fR (an email address)
-\&\fB\s-1URI\s0\fR a uniform resource indicator, \fB\s-1DNS\s0\fR (a \s-1DNS\s0 domain name), \fB\s-1RID\s0\fR (a
-registered \s-1ID: OBJECT IDENTIFIER\s0), \fB\s-1IP\s0\fR (an \s-1IP\s0 address), \fBdirName\fR
-(a distinguished name) and otherName.
-.PP
-The email option include a special 'copy' value. This will automatically
-include and email addresses contained in the certificate subject name in
-the extension.
-.PP
-The \s-1IP\s0 address used in the \fB\s-1IP\s0\fR options can be in either IPv4 or IPv6 format.
-.PP
-The value of \fBdirName\fR should point to a section containing the distinguished
-name to use as a set of name value pairs. Multi values AVAs can be formed by
-prefacing the name with a \fB+\fR character.
-.PP
-otherName can include arbitrary data associated with an \s-1OID:\s0 the value
-should be the \s-1OID\s0 followed by a semicolon and the content in standard
-\&\fIASN1_generate_nconf\fR\|(3) format.
-.PP
-Examples:
-.PP
-.Vb 5
-\& subjectAltName=email:copy,email:my@other.address,URI:http://my.url.here/
-\& subjectAltName=IP:192.168.7.1
-\& subjectAltName=IP:13::17
-\& subjectAltName=email:my@other.address,RID:1.2.3.4
-\& subjectAltName=otherName:1.2.3.4;UTF8:some other identifier
-\&
-\& subjectAltName=dirName:dir_sect
-\&
-\& [dir_sect]
-\& C=UK
-\& O=My Organization
-\& OU=My Unit
-\& CN=My Name
-.Ve
-.SS "Issuer Alternative Name."
-.IX Subsection "Issuer Alternative Name."
-The issuer alternative name option supports all the literal options of
-subject alternative name. It does \fBnot\fR support the email:copy option because
-that would not make sense. It does support an additional issuer:copy option
-that will copy all the subject alternative name values from the issuer
-certificate (if possible).
-.PP
-Example:
-.PP
-.Vb 1
-\& issuserAltName = issuer:copy
-.Ve
-.SS "Authority Info Access."
-.IX Subsection "Authority Info Access."
-The authority information access extension gives details about how to access
-certain information relating to the \s-1CA.\s0 Its syntax is accessOID;location
-where \fIlocation\fR has the same syntax as subject alternative name (except
-that email:copy is not supported). accessOID can be any valid \s-1OID\s0 but only
-certain values are meaningful, for example \s-1OCSP\s0 and caIssuers.
-.PP
-Example:
-.PP
-.Vb 2
-\& authorityInfoAccess = OCSP;URI:http://ocsp.my.host/
-\& authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html
-.Ve
-.SS "\s-1CRL\s0 distribution points."
-.IX Subsection "CRL distribution points."
-This is a multi-valued extension whose options can be either in name:value pair
-using the same form as subject alternative name or a single value representing
-a section name containing all the distribution point fields.
-.PP
-For a name:value pair a new DistributionPoint with the fullName field set to
-the given value both the cRLissuer and reasons fields are omitted in this case.
-.PP
-In the single option case the section indicated contains values for each
-field. In this section:
-.PP
-If the name is \*(L"fullname\*(R" the value field should contain the full name
-of the distribution point in the same format as subject alternative name.
-.PP
-If the name is \*(L"relativename\*(R" then the value field should contain a section
-name whose contents represent a \s-1DN\s0 fragment to be placed in this field.
-.PP
-The name \*(L"CRLIssuer\*(R" if present should contain a value for this field in
-subject alternative name format.
-.PP
-If the name is \*(L"reasons\*(R" the value field should consist of a comma
-separated field containing the reasons. Valid reasons are: \*(L"keyCompromise\*(R",
-\&\*(L"CACompromise\*(R", \*(L"affiliationChanged\*(R", \*(L"superseded\*(R", \*(L"cessationOfOperation\*(R",
-\&\*(L"certificateHold\*(R", \*(L"privilegeWithdrawn\*(R" and \*(L"AACompromise\*(R".
-.PP
-Simple examples:
-.PP
-.Vb 2
-\& crlDistributionPoints=URI:http://myhost.com/myca.crl
-\& crlDistributionPoints=URI:http://my.com/my.crl,URI:http://oth.com/my.crl
-.Ve
-.PP
-Full distribution point example:
-.PP
-.Vb 1
-\& crlDistributionPoints=crldp1_section
-\&
-\& [crldp1_section]
-\&
-\& fullname=URI:http://myhost.com/myca.crl
-\& CRLissuer=dirName:issuer_sect
-\& reasons=keyCompromise, CACompromise
-\&
-\& [issuer_sect]
-\& C=UK
-\& O=Organisation
-\& CN=Some Name
-.Ve
-.SS "Issuing Distribution Point"
-.IX Subsection "Issuing Distribution Point"
-This extension should only appear in CRLs. It is a multi valued extension
-whose syntax is similar to the \*(L"section\*(R" pointed to by the \s-1CRL\s0 distribution
-points extension with a few differences.
-.PP
-The names \*(L"reasons\*(R" and \*(L"CRLissuer\*(R" are not recognized.
-.PP
-The name \*(L"onlysomereasons\*(R" is accepted which sets this field. The value is
-in the same format as the \s-1CRL\s0 distribution point \*(L"reasons\*(R" field.
-.PP
-The names \*(L"onlyuser\*(R", \*(L"onlyCA\*(R", \*(L"onlyAA\*(R" and \*(L"indirectCRL\*(R" are also accepted
-the values should be a boolean value (\s-1TRUE\s0 or \s-1FALSE\s0) to indicate the value of
-the corresponding field.
-.PP
-Example:
-.PP
-.Vb 1
-\& issuingDistributionPoint=critical, @idp_section
-\&
-\& [idp_section]
-\&
-\& fullname=URI:http://myhost.com/myca.crl
-\& indirectCRL=TRUE
-\& onlysomereasons=keyCompromise, CACompromise
-\&
-\& [issuer_sect]
-\& C=UK
-\& O=Organisation
-\& CN=Some Name
-.Ve
-.SS "Certificate Policies."
-.IX Subsection "Certificate Policies."
-This is a \fIraw\fR extension. All the fields of this extension can be set by
-using the appropriate syntax.
-.PP
-If you follow the \s-1PKIX\s0 recommendations and just using one \s-1OID\s0 then you just
-include the value of that \s-1OID.\s0 Multiple OIDs can be set separated by commas,
-for example:
-.PP
-.Vb 1
-\& certificatePolicies= 1.2.4.5, 1.1.3.4
-.Ve
-.PP
-If you wish to include qualifiers then the policy \s-1OID\s0 and qualifiers need to
-be specified in a separate section: this is done by using the \f(CW@section\fR syntax
-instead of a literal \s-1OID\s0 value.
-.PP
-The section referred to must include the policy \s-1OID\s0 using the name
-policyIdentifier, cPSuri qualifiers can be included using the syntax:
-.PP
-.Vb 1
-\& CPS.nnn=value
-.Ve
-.PP
-userNotice qualifiers can be set using the syntax:
-.PP
-.Vb 1
-\& userNotice.nnn=@notice
-.Ve
-.PP
-The value of the userNotice qualifier is specified in the relevant section.
-This section can include explicitText, organization and noticeNumbers
-options. explicitText and organization are text strings, noticeNumbers is a
-comma separated list of numbers. The organization and noticeNumbers options
-(if included) must \s-1BOTH\s0 be present. If you use the userNotice option with \s-1IE5\s0
-then you need the 'ia5org' option at the top level to modify the encoding:
-otherwise it will not be interpreted properly.
-.PP
-Example:
-.PP
-.Vb 1
-\& certificatePolicies=ia5org,1.2.3.4,1.5.6.7.8,@polsect
-\&
-\& [polsect]
-\&
-\& policyIdentifier = 1.3.5.8
-\& CPS.1="http://my.host.name/"
-\& CPS.2="http://my.your.name/"
-\& userNotice.1=@notice
-\&
-\& [notice]
-\&
-\& explicitText="Explicit Text Here"
-\& organization="Organisation Name"
-\& noticeNumbers=1,2,3,4
-.Ve
-.PP
-The \fBia5org\fR option changes the type of the \fIorganization\fR field. In \s-1RFC2459\s0
-it can only be of type DisplayText. In \s-1RFC3280\s0 IA5Strring is also permissible.
-Some software (for example some versions of \s-1MSIE\s0) may require ia5org.
-.SS "Policy Constraints"
-.IX Subsection "Policy Constraints"
-This is a multi-valued extension which consisting of the names
-\&\fBrequireExplicitPolicy\fR or \fBinhibitPolicyMapping\fR and a non negative intger
-value. At least one component must be present.
-.PP
-Example:
-.PP
-.Vb 1
-\& policyConstraints = requireExplicitPolicy:3
-.Ve
-.SS "Inhibit Any Policy"
-.IX Subsection "Inhibit Any Policy"
-This is a string extension whose value must be a non negative integer.
-.PP
-Example:
-.PP
-.Vb 1
-\& inhibitAnyPolicy = 2
-.Ve
-.SS "Name Constraints"
-.IX Subsection "Name Constraints"
-The name constraints extension is a multi-valued extension. The name should
-begin with the word \fBpermitted\fR or \fBexcluded\fR followed by a \fB;\fR. The rest of
-the name and the value follows the syntax of subjectAltName except email:copy
-is not supported and the \fB\s-1IP\s0\fR form should consist of an \s-1IP\s0 addresses and
-subnet mask separated by a \fB/\fR.
-.PP
-Examples:
-.PP
-.Vb 1
-\& nameConstraints=permitted;IP:192.168.0.0/255.255.0.0
-\&
-\& nameConstraints=permitted;email:.somedomain.com
-\&
-\& nameConstraints=excluded;email:.com
-.Ve
-.SS "\s-1OCSP\s0 No Check"
-.IX Subsection "OCSP No Check"
-The \s-1OCSP\s0 No Check extension is a string extension but its value is ignored.
-.PP
-Example:
-.PP
-.Vb 1
-\& noCheck = ignored
-.Ve
-.SH "DEPRECATED EXTENSIONS"
-.IX Header "DEPRECATED EXTENSIONS"
-The following extensions are non standard, Netscape specific and largely
-obsolete. Their use in new applications is discouraged.
-.SS "Netscape String extensions."
-.IX Subsection "Netscape String extensions."
-Netscape Comment (\fBnsComment\fR) is a string extension containing a comment
-which will be displayed when the certificate is viewed in some browsers.
-.PP
-Example:
-.PP
-.Vb 1
-\& nsComment = "Some Random Comment"
-.Ve
-.PP
-Other supported extensions in this category are: \fBnsBaseUrl\fR,
-\&\fBnsRevocationUrl\fR, \fBnsCaRevocationUrl\fR, \fBnsRenewalUrl\fR, \fBnsCaPolicyUrl\fR
-and \fBnsSslServerName\fR.
-.SS "Netscape Certificate Type"
-.IX Subsection "Netscape Certificate Type"
-This is a multi-valued extensions which consists of a list of flags to be
-included. It was used to indicate the purposes for which a certificate could
-be used. The basicConstraints, keyUsage and extended key usage extensions are
-now used instead.
-.PP
-Acceptable values for nsCertType are: \fBclient\fR, \fBserver\fR, \fBemail\fR,
-\&\fBobjsign\fR, \fBreserved\fR, \fBsslCA\fR, \fBemailCA\fR, \fBobjCA\fR.
-.SH "ARBITRARY EXTENSIONS"
-.IX Header "ARBITRARY EXTENSIONS"
-If an extension is not supported by the OpenSSL code then it must be encoded
-using the arbitrary extension format. It is also possible to use the arbitrary
-format for supported extensions. Extreme care should be taken to ensure that
-the data is formatted correctly for the given extension type.
-.PP
-There are two ways to encode arbitrary extensions.
-.PP
-The first way is to use the word \s-1ASN1\s0 followed by the extension content
-using the same syntax as \fIASN1_generate_nconf\fR\|(3).
-For example:
-.PP
-.Vb 1
-\& 1.2.3.4=critical,ASN1:UTF8String:Some random data
-\&
-\& 1.2.3.4=ASN1:SEQUENCE:seq_sect
-\&
-\& [seq_sect]
-\&
-\& field1 = UTF8:field1
-\& field2 = UTF8:field2
-.Ve
-.PP
-It is also possible to use the word \s-1DER\s0 to include the raw encoded data in any
-extension.
-.PP
-.Vb 2
-\& 1.2.3.4=critical,DER:01:02:03:04
-\& 1.2.3.4=DER:01020304
-.Ve
-.PP
-The value following \s-1DER\s0 is a hex dump of the \s-1DER\s0 encoding of the extension
-Any extension can be placed in this form to override the default behaviour.
-For example:
-.PP
-.Vb 1
-\& basicConstraints=critical,DER:00:01:02:03
-.Ve
-.SH "WARNING"
-.IX Header "WARNING"
-There is no guarantee that a specific implementation will process a given
-extension. It may therefore be sometimes possible to use certificates for
-purposes prohibited by their extensions because a specific application does
-not recognize or honour the values of the relevant extensions.
-.PP
-The \s-1DER\s0 and \s-1ASN1\s0 options should be used with caution. It is possible to create
-totally invalid extensions if they are not used carefully.
-.SH "NOTES"
-.IX Header "NOTES"
-If an extension is multi-value and a field value must contain a comma the long
-form must be used otherwise the comma would be misinterpreted as a field
-separator. For example:
-.PP
-.Vb 1
-\& subjectAltName=URI:ldap://somehost.com/CN=foo,OU=bar
-.Ve
-.PP
-will produce an error but the equivalent form:
-.PP
-.Vb 1
-\& subjectAltName=@subject_alt_section
-\&
-\& [subject_alt_section]
-\& subjectAltName=URI:ldap://somehost.com/CN=foo,OU=bar
-.Ve
-.PP
-is valid.
-.PP
-Due to the behaviour of the OpenSSL \fBconf\fR library the same field name
-can only occur once in a section. This means that:
-.PP
-.Vb 1
-\& subjectAltName=@alt_section
-\&
-\& [alt_section]
-\&
-\& email=steve@here
-\& email=steve@there
-.Ve
-.PP
-will only recognize the last value. This can be worked around by using the form:
-.PP
-.Vb 1
-\& [alt_section]
-\&
-\& email.1=steve@here
-\& email.2=steve@there
-.Ve
-.SH "HISTORY"
-.IX Header "HISTORY"
-The X509v3 extension code was first added to OpenSSL 0.9.2.
-.PP
-Policy mappings, inhibit any policy and name constraints support was added in
-OpenSSL 0.9.8
-.PP
-The \fBdirectoryName\fR and \fBotherName\fR option as well as the \fB\s-1ASN1\s0\fR option
-for arbitrary extensions was added in OpenSSL 0.9.8
-.SH "SEE ALSO"
-.IX Header "SEE ALSO"
-\&\fIreq\fR\|(1), \fIca\fR\|(1), \fIx509\fR\|(1),
-\&\fIASN1_generate_nconf\fR\|(3)