diff options
| author | Karen Arutyunov <karen@codesynthesis.com> | 2021-11-17 21:35:23 +0300 |
|---|---|---|
| committer | Karen Arutyunov <karen@codesynthesis.com> | 2021-11-19 12:31:03 +0300 |
| commit | 31549ac997a12bdb70b76cae8b46d4c729bb1243 (patch) | |
| tree | a07454664d4584145d8eeb438803222c4589debf | |
| parent | 3c5665c690064e91b912fe2df01735c78e3d47be (diff) | |
Rename rsautl command to pkeyutl
Note that the rsautl command name is still accepted for backward compatibility.
| -rw-r--r-- | openssl/client/client.cxx | 2 | ||||
| -rw-r--r-- | openssl/client/options.cli | 13 | ||||
| -rw-r--r-- | tests/client.testscript | 2 |
3 files changed, 10 insertions, 7 deletions
diff --git a/openssl/client/client.cxx b/openssl/client/client.cxx index 2e76f31..72ee18f 100644 --- a/openssl/client/client.cxx +++ b/openssl/client/client.cxx @@ -59,7 +59,7 @@ namespace openssl return p.wait () ? 0 : 1; } - if (cmd != "rsautl") + if (cmd != "pkeyutl" && cmd != "rsautl") fail << "openssl-client command expected" << info << "run '" << argv[0] << " --help' for more information"; diff --git a/openssl/client/options.cli b/openssl/client/options.cli index b1d3416..c1f991b 100644 --- a/openssl/client/options.cli +++ b/openssl/client/options.cli @@ -19,27 +19,30 @@ namespace openssl \c{\b{openssl-client --help}\n \b{openssl-client --version}\n - \b{openssl-client} rsautl [<options>]} + \b{openssl-client} pkeyutl [<options>]} \h|DESCRIPTION| - The \cb{rsautl} command is a drop-in replacement for the - \cb{openssl-rsautl(1)} cryptographic operations. Instead of performing + The \cb{pkeyutl} command is a drop-in replacement for the + \cb{openssl-pkeyutl(1)} cryptographic operations. Instead of performing the operations itself, it forwards the request to an OpenSSL key agent that keeps the private key unlocked for the session. Currently, data signing with a private key stored in a \cb{PKCS#11} token is the only supported arrangement. This limits the - \cb{openssl-rsautl(1)} options and values to the following usage: + \cb{openssl-pkeyutl(1)} options and values to the following usage: \ - $ openssl-client rsautl -sign -keyform engine -engine pkcs11 -inkey pkcs11:... + $ openssl-client pkeyutl -sign -keyform engine -engine pkcs11 -inkey pkcs11:... \ This command reads data from \cb{stdin}, asks \cb{openssl-agent-pkcs11(1)} to sign it using the specified unlocked private key, and prints the resulting signature to \cb{stdout}. + Note that the \cb{rsautl} command is also accepted for backwards + compatibility. + The command can be simulated without actually performing any cryptographic operations. If the \cb{--simulate} option is specified with the \cb{success} outcome, then the command prints a dummy signature diff --git a/tests/client.testscript b/tests/client.testscript index c64e6ed..bd2e865 100644 --- a/tests/client.testscript +++ b/tests/client.testscript @@ -1,7 +1,7 @@ # file : tests/client.testscript # license : MIT; see accompanying LICENSE file -test.arguments += rsautl -sign -keyform engine -engine pkcs11 +test.arguments += pkeyutl -sign -keyform engine -engine pkcs11 : args : |