NAME

gmssl - GmSSL command line tool

SYNOPSIS

gmssl command [ command_opts ] [ command_args ]

gmssl list [ standard-commands | digest-commands | cipher-commands | cipher-algorithms | digest-algorithms | public-key-algorithms ]

gmssl no-XXX [ arbitrary options ]

DESCRIPTION

GmSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) network protocols and related cryptography standards required by them.

The gmssl program is a command line tool for using the various cryptography functions of GmSSL's crypto library from the shell. It can be used for

 o  Creation and management of private keys, public keys and parameters
 o  Public key cryptographic operations
 o  Creation of X.509 certificates, CSRs and CRLs
 o  Calculation of Message Digests
 o  Encryption and Decryption with Ciphers
 o  SSL/TLS Client and Server Tests
 o  Handling of S/MIME signed or encrypted mail
 o  Time Stamp requests, generation and verification

COMMAND SUMMARY

The gmssl program provides a rich variety of commands (command in the SYNOPSIS above), each of which often has a wealth of options and arguments (command_opts and command_args in the SYNOPSIS).

The list parameters standard-commands, digest-commands, and cipher-commands output a list (one entry per line) of the names of all standard commands, message digest commands, or cipher commands, respectively, that are available in the present gmssl utility.

The list parameters cipher-algorithms and digest-algorithms list all cipher and message digest names, one entry per line. Aliases are listed as:

 from => to

The list parameter public-key-algorithms lists all supported public key algorithms.

The command no-XXX tests whether a command of the specified name is available. If no command named XXX exists, it returns 0 (success) and prints no-XXX; otherwise it returns 1 and prints XXX. In both cases, the output goes to stdout and nothing is printed to stderr. Additional command line arguments are always ignored. Since for each cipher there is a command of the same name, this provides an easy way for shell scripts to test for the availability of ciphers in the gmssl program. (no-XXX is not able to detect pseudo-commands such as quit, list, or no-XXX itself.)
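
The availability test described above, as an added shell example (not part of the original manual page). The names GMSSL, has_command and missing_commands are chosen for this example; it checks the printed name as well as the exit status, so that a missing gmssl binary is not mistaken for "command present".

```shell
#!/bin/sh
# Added example: probe a gmssl build with the no-XXX convention.
# GMSSL, has_command and missing_commands are names chosen for this example.
GMSSL="${GMSSL:-gmssl}"

# has_command NAME
#   0 = command NAME exists, 1 = it does not, 2 = probe inconclusive.
has_command() {
    name=$1
    case "$name" in
        quit|list|no-*) return 2 ;;  # pseudo-commands are not detectable
    esac
    # gmssl no-NAME prints "no-NAME" and exits 0 when NAME is absent,
    # prints "NAME" and exits 1 when it is present (stdout only).
    out=$("$GMSSL" "no-$name" 2>/dev/null) && rc=0 || rc=$?
    if [ "$rc" -eq 1 ] && [ "$out" = "$name" ]; then
        return 0
    elif [ "$rc" -eq 0 ] && [ "$out" = "no-$name" ]; then
        return 1
    fi
    # Missing binary (127), crash, or unexpected text: do not guess.
    return 2
}

# missing_commands NAME...
#   Prints every NAME not confirmed present; returns 1 if any was printed.
missing_commands() {
    miss=0
    for c in "$@"; do
        if ! has_command "$c"; then
            echo "$c"
            miss=1
        fi
    done
    return "$miss"
}

# Usage: refuse to continue unless the build has SM3 and SMS4-CBC.
#   missing_commands sm3 sms4-cbc >/dev/null || exit 1
```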

Standard Commands

dh

Diffie-Hellman Parameter Management. Obsoleted by genpkey and genpkey.

gendh

Generation of Diffie-Hellman Parameters. Obsoleted by genpkey and genpkey.

Generation of RSA Private Key.

pkeyutl

RSA utility for signing, verification, encryption, and decryption. Superseded by pkeyutl.

Message Digest Commands

sm3

SM3 Digest

md5

MD5 Digest

mdc2

MDC2 Digest

rmd160

RMD-160 Digest

sha

SHA Digest

sha1

SHA-1 Digest

sha224

SHA-224 Digest

sha256

SHA-256 Digest

sha384

SHA-384 Digest

sha512

SHA-512 Digest

Encoding and Cipher Commands

base64

Base64 Encoding

sms4 sms4-cbc sms4-cfb sms4-ecb sms4-ofb

SMS4 Cipher

cast cast-cbc

CAST Cipher

cast5-cbc cast5-cfb cast5-ecb cast5-ofb

CAST5 Cipher

des des-cbc des-cfb des-ecb des-ede des-ede-cbc des-ede-cfb des-ede-ofb des-ofb

DES Cipher

des3 desx des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb

Triple-DES Cipher

idea idea-cbc idea-cfb idea-ecb idea-ofb

IDEA Cipher

rc2 rc2-cbc rc2-cfb rc2-ecb rc2-ofb

RC2 Cipher

rc4

RC4 Cipher

rc5 rc5-cbc rc5-cfb rc5-ecb rc5-ofb

RC5 Cipher

OPTIONS

Details of which options are available depend on the specific command. This section describes some common options with common behavior.

Common Options

-help

Provides a terse summary of all options.

Pass Phrase Options

Several commands accept password arguments, typically using -passin and -passout for input and output passwords respectively. These allow the password to be obtained from a variety of sources. Both of these options take a single argument whose format is described below. If no password argument is given and a password is required then the user is prompted to enter one: this will typically be read from the current terminal with echoing turned off.

pass:password

the actual password is password. Since the password is visible to utilities (like 'ps' under Unix) this form should only be used where security is not important.

env:var

obtain the password from the environment variable var. Since the environment of other processes is visible on certain platforms (e.g. ps under certain Unix OSes) this option should be used with caution.

file:pathname

the first line of pathname is the password. If the same pathname argument is supplied to -passin and -passout arguments then the first line will be used for the input password and the next line for the output password. pathname need not refer to a regular file: it could for example refer to a device or named pipe.

fd:number

read the password from the file descriptor number. This can be used to send the data via a pipe for example.

stdin

read the password from standard input.
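
A review aid for the pass phrase sources listed above, as an added shell example (not part of the original manual page): it scans command lines for -passin and -passout and reports the forms this section cautions about. The function names and the sample gmssl pkcs8 command lines are constructed for illustration, and arguments are split on whitespace, so quoted arguments containing spaces are not handled.

```shell
#!/bin/sh
# Added example: flag risky -passin/-passout sources in gmssl command lines.
# sample_lines and audit_pass_args are names chosen for this example.

# Constructed sample input (file names and password are placeholders).
sample_lines() {
    cat <<'EOF'
gmssl pkcs8 -in key.pem -passin pass:example-only -out plain.pem
gmssl pkcs8 -topk8 -in plain.pem -passout env:KEYPASS -out enc.pem
gmssl pkcs8 -topk8 -in old.pem -passin file:/run/keys/pw -passout file:/run/keys/pw -out new.pem
gmssl pkcs8 -in key.pem -passin fd:3 -out plain.pem
EOF
}

# Reads command lines on stdin, prints "LINE: LEVEL message" findings.
# The password text itself is never echoed into the report.
audit_pass_args() {
    awk '
    {
        in_src = ""; out_src = ""
        for (i = 1; i < NF; i++) {
            if ($i != "-passin" && $i != "-passout") continue
            arg = $(i + 1)
            if ($i == "-passin") in_src = arg; else out_src = arg
            if (arg ~ /^pass:/)
                printf "%d: HIGH %s puts the password on the command line (visible to ps)\n", NR, $i
            else if (arg ~ /^env:/)
                printf "%d: WARN %s reads %s; process environments may be visible\n", NR, $i, arg
            else if (arg !~ /^(file:.+|fd:[0-9]+|stdin)$/)
                printf "%d: WARN %s uses an unrecognised source format\n", NR, $i
        }
        # Same pathname for both options: line 1 is the input password,
        # line 2 the output password, so the file must hold two lines.
        if (in_src ~ /^file:/ && in_src == out_src)
            printf "%d: NOTE -passin and -passout share a file; it needs two lines\n", NR
    }'
}

# Usage: sample_lines | audit_pass_args
```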

SEE ALSO

ca(1), crl(1), dgst(1), dsa(1), enc(1), gendsa(1), genrsa(1), gmssl(1), pkcs12(1), pkcs8(1), req(1), rsautl(1), s_server(1), smime(1), verify(1), x509(1), ssl(7)

HISTORY

The list-XXX-algorithms pseudo-commands were added in GmSSL 1.0.0. For notes on the availability of other commands, see their individual manual pages.

COPYRIGHT

Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the GmSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at https://www.openssl.org/source/license.html.