︙ | | | ︙ | |
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
|
<dd><b>tls::digests</b> <em>?name?</em></dd>
<dd><b>tls::kdfs</b></dd>
<dd><b>tls::macs</b></dd>
<dd><b>tls::protocols</b></dd>
<dd><b>tls::version</b></dd>
<dt> </dt>
<dd><b>tls::cmac</b> <b>-cipher</b> <em>name</em> <b>-key</b> <em>key ?options?</em></dd>
<dd><b>tls::hmac</b> <b>-digest</b> <em>name</em> <b>-key</b> <em>key ?options?</em></dd>
<dd><b>tls::md</b> <b>-digest</b> <em>name ?options?</em></dd>
<dd><b>tls::md4</b> <em>data</em></dd>
<dd><b>tls::md5</b> <em>data</em></dd>
<dd><b>tls::sha1</b> <em>data</em></dd>
<dd><b>tls::sha256</b> <em>data</em></dd>
<dd><b>tls::sha512</b> <em>data</em></dd>
<dd><b>tls::unstack</b> <em>channelId</em></dd>
<dt> </dt>
<dd><b>tls::encrypt</b> <b>-cipher</b> <em>name</em> <b>-key</b> <em>key ?options?</em></dd>
<dd><b>tls::decrypt</b> <b>-cipher</b> <em>name</em> <b>-key</b> <em>key ?options?</em></dd>
<dt> </dt>
<dd><b>tls::hkdf -digest</b> <em>digest</em> <b>-key</b> <em>key ?options?</em></dd>
<dd><b>tls::pbkdf2 -size</b> <em>length</em> <b>-digest</b> <em>digest ?options?</em></dd>
<dd><b>tls::scrypt -password</b> <em>string</em> <b>-salt</b> <em>string ?options?</em></dd>
<dt> </dt>
<dd><b>tls::random</b> <em>?</em><b>-private</b><em>? length</em></dd>
</dl>
</dd>
<dd><a href="#OPTIONS">OPTIONS</a></dd>
<dd><a href="#COMMANDS">COMMANDS</a></dd>
<dd><a href="#GLOSSARY">GLOSSARY</a> </dd>
<dd><a href="#EXAMPLES">EXAMPLES</a></dd>
<dd><a href="#SPECIAL">SPECIAL CONSIDERATIONS</a></dd>
|
>
>
>
>
|
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
<dd><b>tls::digests</b> <em>?name?</em></dd>
<dd><b>tls::kdfs</b></dd>
<dd><b>tls::macs</b></dd>
<dd><b>tls::protocols</b></dd>
<dd><b>tls::version</b></dd>
<dt> </dt>
<dd><b>tls::cmac</b> <b>-cipher</b> <em>name</em> <b>-key</b> <em>key ?options?</em></dd>
<dd><b>tls::digest</b> <b>-digest</b> <em>name ?options?</em></dd>
<dd><b>tls::hash</b> <b>-digest</b> <em>name ?options?</em></dd>
<dd><b>tls::hmac</b> <b>-digest</b> <em>name</em> <b>-key</b> <em>key ?options?</em></dd>
<dd><b>tls::md</b> <b>-digest</b> <em>name ?options?</em></dd>
<dd><b>tls::md4</b> <em>data</em></dd>
<dd><b>tls::md5</b> <em>data</em></dd>
<dd><b>tls::sha1</b> <em>data</em></dd>
<dd><b>tls::sha256</b> <em>data</em></dd>
<dd><b>tls::sha512</b> <em>data</em></dd>
<dd><b>tls::unstack</b> <em>channelId</em></dd>
<dt> </dt>
<dd><b>tls::encrypt</b> <b>-cipher</b> <em>name</em> <b>-key</b> <em>key ?options?</em></dd>
<dd><b>tls::decrypt</b> <b>-cipher</b> <em>name</em> <b>-key</b> <em>key ?options?</em></dd>
<dt> </dt>
<dd><b>tls::hkdf -digest</b> <em>digest</em> <b>-key</b> <em>key ?options?</em></dd>
<dd><b>tls::pbkdf2 -size</b> <em>length</em> <b>-digest</b> <em>digest ?options?</em></dd>
<dd><b>tls::scrypt -password</b> <em>string</em> <b>-salt</b> <em>string ?options?</em></dd>
<dt> </dt>
<dd><b>tls::random</b> <em>?</em><b>-private</b><em>? length</em></dd>
<dt> </dt>
<dd><b>tls::provider</b> <em>name</em></dd>
</dl>
</dd>
<dd><a href="#OPTIONS">OPTIONS</a></dd>
<dd><a href="#COMMANDS">COMMANDS</a></dd>
<dd><a href="#GLOSSARY">GLOSSARY</a> </dd>
<dd><a href="#EXAMPLES">EXAMPLES</a></dd>
<dd><a href="#SPECIAL">SPECIAL CONSIDERATIONS</a></dd>
|
︙ | | | ︙ | |
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
<a href="#tls::digests"><b>tls::digests</b> <i>?name?</i></a><br>
<a href="#tls::kdfs"><b>tls::kdfs</b></a><br>
<a href="#tls::macs"><b>tls::macs</b></a><br>
<a href="#tls::protocols"><b>tls::protocols</b></a><br>
<a href="#tls::version"><b>tls::version</b></a><br>
<br>
<a href="#tls::cmac"><b>tls::cmac</b> <b>-cipher</b> <i>name</i> <b>-key</b> <i>key ?options?</i></a><br>
<a href="#tls::hmac"><b>tls::hmac</b> <b>-digest</b> <i>name</i> <b>-key</b> <i>key ?options?</i></a><br>
<a href="#tls::md"><b>tls::md</b> <b>-digest</b> <i>name ?options?</i></a><br>
<a href="#tls::md4"><b>tls::md4</b> <i>data</i></a><br>
<a href="#tls::md5"><b>tls::md5</b> <i>data</i></a><br>
<a href="#tls::sha1"><b>tls::sha1</b> <i>data</i></a><br>
<a href="#tls::sha256"><b>tls::sha256</b> <i>data</i></a><br>
<a href="#tls::sha512"><b>tls::sha512</b> <i>data</i></a><br>
<a href="#tls::unstack"><b>tls::unstack</b> <i>channelId</i></a><br>
<br>
<a href="#tls::encrypt"><b>tls::encrypt</b> <b>-cipher</b> <i>name</i> <b>-key</b> <i>key ?options?</i></a><br>
<a href="#tls::decrypt"><b>tls::decrypt</b> <b>-cipher</b> <i>name</i> <b>-key</b> <i>key ?options?</i></a><br>
<br>
<a href="#tls::hkdf"><b>tls::hkdf -digest</b> <i>digest</i> <b>-key</b> <i>key ?options?</i></a><br>
<a href="#tls::pbkdf2"><b>tls::pbkdf2 -size</b> <i>length</i> <b>-digest</b> <i>digest ?options?</i></a><br>
<a href="#tls::scrypt"><b>tls::scrypt -password</b> <i>string</i> <b>-salt</b> <i>string ?options?</i></a><br>
<br>
<a href="#tls::random"><b>tls::random</b> <i>?</i><b>-private</b><i>? length</i></a><br>
</p>
<br>
<h3><a name="OPTIONS">OPTIONS</a></h3>
<p>The following options are used by the cryptography commands.</p>
|
>
>
>
>
|
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
<a href="#tls::digests"><b>tls::digests</b> <i>?name?</i></a><br>
<a href="#tls::kdfs"><b>tls::kdfs</b></a><br>
<a href="#tls::macs"><b>tls::macs</b></a><br>
<a href="#tls::protocols"><b>tls::protocols</b></a><br>
<a href="#tls::version"><b>tls::version</b></a><br>
<br>
<a href="#tls::cmac"><b>tls::cmac</b> <b>-cipher</b> <i>name</i> <b>-key</b> <i>key ?options?</i></a><br>
<a href="#tls::digest"><b>tls::digest</b> <b>-digest</b> <i>name ?options?</i></a><br>
<a href="#tls::hash"><b>tls::hash</b> <b>-digest</b> <i>name ?options?</i></a><br>
<a href="#tls::hmac"><b>tls::hmac</b> <b>-digest</b> <i>name</i> <b>-key</b> <i>key ?options?</i></a><br>
<a href="#tls::md"><b>tls::md</b> <b>-digest</b> <i>name ?options?</i></a><br>
<a href="#tls::md4"><b>tls::md4</b> <i>data</i></a><br>
<a href="#tls::md5"><b>tls::md5</b> <i>data</i></a><br>
<a href="#tls::sha1"><b>tls::sha1</b> <i>data</i></a><br>
<a href="#tls::sha256"><b>tls::sha256</b> <i>data</i></a><br>
<a href="#tls::sha512"><b>tls::sha512</b> <i>data</i></a><br>
<a href="#tls::unstack"><b>tls::unstack</b> <i>channelId</i></a><br>
<br>
<a href="#tls::encrypt"><b>tls::encrypt</b> <b>-cipher</b> <i>name</i> <b>-key</b> <i>key ?options?</i></a><br>
<a href="#tls::decrypt"><b>tls::decrypt</b> <b>-cipher</b> <i>name</i> <b>-key</b> <i>key ?options?</i></a><br>
<br>
<a href="#tls::hkdf"><b>tls::hkdf -digest</b> <i>digest</i> <b>-key</b> <i>key ?options?</i></a><br>
<a href="#tls::pbkdf2"><b>tls::pbkdf2 -size</b> <i>length</i> <b>-digest</b> <i>digest ?options?</i></a><br>
<a href="#tls::scrypt"><b>tls::scrypt -password</b> <i>string</i> <b>-salt</b> <i>string ?options?</i></a><br>
<br>
<a href="#tls::random"><b>tls::random</b> <i>?</i><b>-private</b><i>? length</i></a><br>
<br>
<a href="#tls::provider"><b>tls::provider</b> <i>name</i></a><br>
</p>
<br>
<h3><a name="OPTIONS">OPTIONS</a></h3>
<p>The following options are used by the cryptography commands.</p>
|
︙ | | | ︙ | |
406
407
408
409
410
411
412
413
414
415
416
417
418
419
|
<em>?[</em><b>-chan</b> <em>channelId |</em> <b>-command</b> <em>cmdName |</em>
<b>-file</b> <em>filename | ?</em><b>-data</b><em>? data]</em></a></dt>
<dd>Calculate the Cipher-based Message Authentication Code (CMAC) where
<em>key</em> is a shared key and output the result per the I/O options
in the specified format. MACs are used to ensure authenticity and the
integrity of data. See <a href="#OPTIONS"><b>options</b></a> for usage
info. Option <b>-key</b> is only used for some ciphers.</dd>
<dt><a name="tls::hmac"><strong>tls::hmac</strong>
<em>?</em><b>-digest</b><em>? name</em>
<b>-key</b> <em>key ?</em>
<b>-bin</b>|<b>-hex</b>
<em>?[</em><b>-chan</b> <em>channelId |</em> <b>-command</b> <em>cmdName |</em>
<b>-file</b> <em>filename | ?</em><b>-data</b><em>? data]</em></a></dt>
|
>
>
>
>
>
>
>
>
|
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
|
<em>?[</em><b>-chan</b> <em>channelId |</em> <b>-command</b> <em>cmdName |</em>
<b>-file</b> <em>filename | ?</em><b>-data</b><em>? data]</em></a></dt>
<dd>Calculate the Cipher-based Message Authentication Code (CMAC) where
<em>key</em> is a shared key and output the result per the I/O options
in the specified format. MACs are used to ensure authenticity and the
integrity of data. See <a href="#OPTIONS"><b>options</b></a> for usage
info. Option <b>-key</b> is only used for some ciphers.</dd>
<dt><a name="tls::digest"><strong>tls::digest</strong>
<em>option value ...</em></a></dt>
<dd>Alias for <b>tls::md</b>.</dd>
<dt><a name="tls::hash"><strong>tls::hash</strong>
<em>option value ...</em></a></dt>
<dd>Alias for <b>tls::md</b>.</dd>
<dt><a name="tls::hmac"><strong>tls::hmac</strong>
<em>?</em><b>-digest</b><em>? name</em>
<b>-key</b> <em>key ?</em>
<b>-bin</b>|<b>-hex</b>
<em>?[</em><b>-chan</b> <em>channelId |</em> <b>-command</b> <em>cmdName |</em>
<b>-file</b> <em>filename | ?</em><b>-data</b><em>? data]</em></a></dt>
|
︙ | | | ︙ | |
564
565
566
567
568
569
570
571
572
573
574
575
576
577
|
<em>?</em><b>-private</b><em>? length</em></a></dt>
<dd>Generate <i>length</i> random bytes using a cryptographically secure
pseudo random generator (CSPRNG). OpenSSL uses a security level of 256
bits. Will return an error if a trusted entropy source such as the OS
isn't available. Use <b>-private</b> option if the values are intended
to remain private in case the public PRNG is compromised.</dd>
</dl>
<br>
<h3><a name="GLOSSARY">GLOSSARY</a></h3>
<p>The following is a list of the terminology used in this package along with
brief definitions. For more details, please consult with the OpenSSL documentation.</p>
|
>
>
>
>
>
>
>
>
>
>
>
>
|
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
|
<em>?</em><b>-private</b><em>? length</em></a></dt>
<dd>Generate <i>length</i> random bytes using a cryptographically secure
pseudo random generator (CSPRNG). OpenSSL uses a security level of 256
bits. Will return an error if a trusted entropy source such as the OS
isn't available. Use <b>-private</b> option if the values are intended
to remain private in case the public PRNG is compromised.</dd>
<br>
<h4><a name="PROVIDER">Load Provider</a></h4>
These commands provide access to the OpenSSL providers.
<br>
<br>
<dt><a name="tls::provider"><strong>tls::provider</strong>
<em>name</em></a></dt>
<dd>Load <i>name</i> default provider. Valid provider names are:
<b>default</b>, <b>base</b>, <b>fips</b>, and <b>legacy</b>. Use
<b>legacy</b> to load the legacy provider ciphers, digests, etc.</dd>
</dl>
<br>
<h3><a name="GLOSSARY">GLOSSARY</a></h3>
<p>The following is a list of the terminology used in this package along with
brief definitions. For more details, please consult with the OpenSSL documentation.</p>
|
︙ | | | ︙ | |