openssl-dgst.pod.in - OpenGrok cross reference for /freebsd-src/crypto/openssl/doc/man1/openssl-dgst.pod.in

Lines Matching +full:ecc +full:- +full:engine
2 {- OpenSSL::safe::output_do_not_edit_headers(); -}
6 openssl-dgst - perform digest operations
11 [B<-I<digest>>]
12 [B<-list>]
13 [B<-help>]
14 [B<-c>]
15 [B<-d>]
16 [B<-debug>]
17 [B<-hex>]
18 [B<-binary>]
19 [B<-xoflen> I<length>]
20 [B<-r>]
21 [B<-out> I<filename>]
22 [B<-sign> I<filename>|I<uri>]
23 [B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>]
24 [B<-passin> I<arg>]
25 [B<-verify> I<filename>]
26 [B<-prverify> I<filename>]
27 [B<-signature> I<filename>]
28 [B<-sigopt> I<nm>:I<v>]
29 [B<-hmac> I<key>]
30 [B<-mac> I<alg>]
31 [B<-macopt> I<nm>:I<v>]
32 [B<-fips-fingerprint>]
33 {- $OpenSSL::safe::opt_engine_synopsis -}{- output_off() if $disabled{"deprecated-3.0"}; ""
34 -}[B<-engine_impl> I<id>]{-
35   output_on() if $disabled{"deprecated-3.0"}; "" -}
36 {- $OpenSSL::safe::opt_r_synopsis -}
37 {- $OpenSSL::safe::opt_provider_synopsis -}
49 A supported I<digest> name may also be used as the sub-command name.
50 To see the list of supported algorithms, use C<openssl list -digest-algorithms>
56 =item B<-help>
60 =item B<-I<digest>>
62 Specifies name of a supported digest to be used. See option B<-list> below :
64 =item B<-list>
68 =item B<-c>
71 the B<-hex> option is given as well.
73 =item B<-d>, B<-debug>
77 =item B<-hex>
81 signatures using B<-hex>.
83 =item B<-binary>
87 =item B<-xoflen> I<length>
104 =item B<-r>
111 =item B<-out> I<filename>
115 =item B<-sign> I<filename>|I<uri>
118 does not support Ed25519 or Ed448 private keys. Use the L<openssl-pkeyutl(1)>
121 =item B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>
124 See L<openssl-format-options(1)> for details.
126 =item B<-sigopt> I<nm>:I<v>
129 Names and values of these options are algorithm-specific.
131 =item B<-passin> I<arg>
134 see L<openssl-passphrase-options(1)>.
136 =item B<-verify> I<filename>
141 =item B<-prverify> I<filename>
145 =item B<-signature> I<filename>
149 =item B<-hmac> I<key>
153 The L<openssl-mac(1)> command should be preferred to using this command line
156 =item B<-mac> I<alg>
159 algorithm is HMAC (hash-based MAC), but there are other MAC algorithms
160 which are not based on hash, for instance B<gost-mac> algorithm,
161 supported by the B<gost> engine. MAC keys and other options should be set
162 via B<-macopt> parameter.
164 The L<openssl-mac(1)> command should be preferred to using this command line
167 =item B<-macopt> I<nm>:I<v>
169 Passes options to MAC algorithm, specified by B<-mac> key.
170 Following options are supported by both by B<HMAC> and B<gost-mac>:
178 the MAC algorithm for example exactly 32 chars for gost-mac.
184 for example exactly 32 chars for gost-mac.
188 The L<openssl-mac(1)> command should be preferred to using this command line
191 =item B<-fips-fingerprint>
193 Compute HMAC using a specific key for certain OpenSSL-FIPS operations.
195 {- $OpenSSL::safe::opt_r_item -}
197 {- $OpenSSL::safe::opt_engine_item -}
198 {- output_off() if $disabled{"deprecated-3.0"}; "" -}
199 The engine is not used for digests unless the B<-engine_impl> option is
200 used or it is configured to do so, see L<config(5)/Engine Configuration Module>.
202 =item B<-engine_impl> I<id>
204 When used with the B<-engine> option, it specifies to also use
205 engine I<id> for digest operations.
207 {- output_on() if $disabled{"deprecated-3.0"}; "" -}
208 {- $OpenSSL::safe::opt_provider_item -}
220 To create a hex-encoded message digest of a file:
222  openssl dgst -md5 -hex file.txt
226 To sign a file using SHA-256 with binary file output:
228  openssl dgst -sha256 -sign privatekey.pem -out signature.sign file.txt
230  openssl sha256 -sign privatekey.pem -out signature.sign file.txt
234  openssl dgst -sha256 -verify publickey.pem \
235  -signature signature.sign \
243 The C<openssl list -digest-algorithms> command can be used to list them.
245 New or agile applications should use probably use SHA-256. Other digests,
246 particularly SHA-1 and MD5, are still widely used for interoperating
250 (RSA, ECC, etc) to use for signing based on the private key's ASN.1 info.
261 Hex signatures cannot be verified using B<openssl>.  Instead, use "xxd -r"
265 The L<openssl-mac(1)> command is preferred over the B<-hmac>, B<-mac> and
266 B<-macopt> command line options.
270 L<openssl-mac(1)>
275 The FIPS-related options were removed in OpenSSL 1.1.0.
277 The B<-engine> and B<-engine_impl> options were deprecated in OpenSSL 3.0.
281 Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.