security/nss/doc/html/cmsutil.html
author kaie%kuix.de
Sat, 16 Feb 2013 14:24:35 +0000
changeset 10634 51105e9c8c6692de32819bd3c575e7abedf379dc
permissions -rw-r--r--
Bug 841883 - manpages+html for tools: fix dependency tracking, integrate into build system

<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>CMSUTIL</title><meta name="generator" content="DocBook XSL Stylesheets V1.77.1"><link rel="home" href="index.html" title="CMSUTIL"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">CMSUTIL</th></tr></table><hr></div><div class="refentry"><a name="cmsutil"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>cmsutil — Performs basic cryptograpic operations, such as encryption and decryption, on Cryptographic Message Syntax (CMS) messages.</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">cmsutil</code>  [<em class="replaceable"><code>options</code></em>] [[<em class="replaceable"><code>arguments</code></em>]]</p></div></div><div class="refsection"><a name="idp187936"></a><h2>STATUS</h2><p>This documentation is still work in progress. Please contribute to the initial review in <a class="ulink" href="https://bugzilla.mozilla.org/show_bug.cgi?id=836477" target="_top">Mozilla NSS bug 836477</a>
    </p></div><div class="refsection"><a name="description"></a><h2>Description</h2><p>The <span class="command"><strong>cmsutil</strong></span> command-line uses the S/MIME Toolkit to perform basic operations, such as encryption and decryption, on Cryptographic Message Syntax (CMS) messages.
	</p><p>
To run cmsutil, type the command cmsutil option [arguments] where option and arguments are combinations of the options and arguments listed in the following section. 
Each command takes one option. Each option may take zero or more arguments. 
To see a usage string, issue the command without options. 
	</p></div><div class="refsection"><a name="options"></a><h2>Options and Arguments</h2><p>
	</p><p><span class="command"><strong>Options</strong></span></p><p>
Options specify an action. Option arguments modify an action. 
The options and arguments for the cmsutil command are defined as follows:
    </p><div class="variablelist"><dl class="variablelist"><dt><span class="term">-D </span></dt><dd><p>Decode a message.</p></dd><dt><span class="term">-C</span></dt><dd><p>Encrypt a message.</p></dd><dt><span class="term">-E </span></dt><dd><p>Envelope a message.</p></dd><dt><span class="term">-O </span></dt><dd><p>Create a certificates-only message.</p></dd><dt><span class="term">-S </span></dt><dd><p>Sign a message.</p></dd></dl></div><p><span class="command"><strong>Arguments</strong></span></p><p>Option arguments modify an action and are lowercase.</p><div class="variablelist"><dl class="variablelist"><dt><span class="term">-c content </span></dt><dd><p>Use this detached content (decode only).</p></dd><dt><span class="term">-d dbdir</span></dt><dd><p>Specify the key/certificate database directory (default is ".")</p></dd><dt><span class="term">-e envfile</span></dt><dd><p>Specify a file containing an enveloped message for a set of recipients to which you would like to send an encrypted message. If this is the first encrypted message for that set of recipients, a new enveloped message will be created that you can then use for future messages (encrypt only).</p></dd><dt><span class="term">-G</span></dt><dd><p>Include a signing time attribute (sign only).</p></dd><dt><span class="term">-h num</span></dt><dd><p>Generate email headers with info about CMS message (decode only).</p></dd><dt><span class="term">-i infile</span></dt><dd><p>Use infile as a source of data (default is stdin).</p></dd><dt><span class="term">-N nickname</span></dt><dd><p>Specify nickname of certificate to sign with (sign only).</p></dd><dt><span class="term">-n </span></dt><dd><p>Suppress output of contents (decode only).</p></dd><dt><span class="term">-o outfile</span></dt><dd><p>Use outfile as a destination of data (default is stdout).</p></dd><dt><span class="term">-P</span></dt><dd><p>Include an S/MIME capabilities attribute.</p></dd><dt><span class="term">-p password</span></dt><dd><p>Use password as key database password.</p></dd><dt><span class="term">-r recipient1,recipient2, ...</span></dt><dd><p>
Specify list of recipients (email addresses) for an encrypted or enveloped message. 
For certificates-only message, list of certificates to send.
          </p></dd><dt><span class="term">-T</span></dt><dd><p>Suppress content in CMS message (sign only).</p></dd><dt><span class="term">-u certusage</span></dt><dd><p>Set type of cert usage (default is certUsageEmailSigner).</p></dd><dt><span class="term">-Y ekprefnick</span></dt><dd><p>Specify an encryption key preference by nickname.</p></dd></dl></div></div><div class="refsection"><a name="usage"></a><h2>Usage</h2><p>Encrypt Example</p><pre class="programlisting">
cmsutil -C [-i infile] [-o outfile] [-d dbdir] [-p password] -r "recipient1,recipient2, . . ." -e envfile
      </pre><p>Decode Example</p><pre class="programlisting">
cmsutil -D [-i infile] [-o outfile] [-d dbdir] [-p password] [-c content] [-n] [-h num]
      </pre><p>Envelope Example</p><pre class="programlisting">
cmsutil -E [-i infile] [-o outfile] [-d dbdir] [-p password] -r "recipient1,recipient2, ..."
      </pre><p>Certificate-only Example</p><pre class="programlisting">
cmsutil -O [-i infile] [-o outfile] [-d dbdir] [-p password] -r "cert1,cert2, . . ."
      </pre><p>Sign Message Example</p><pre class="programlisting">
cmsutil -S [-i infile] [-o outfile] [-d dbdir] [-p password] -N nickname[-TGP] [-Y ekprefnick]
      </pre></div><div class="refsection"><a name="idp95504"></a><h2>See also</h2><p>certutil(1)</p></div><div class="refsection"><a name="seealso"></a><h2>See Also</h2><p></p><p>
	</p><p>
	</p><p>
	</p></div><div class="refsection"><a name="resources"></a><h2>Additional Resources</h2><p>For information about NSS and other tools related to NSS (like JSS), check out the NSS project wiki at <a class="ulink" href="http://www.mozilla.org/projects/security/pki/nss/" target="_top">http://www.mozilla.org/projects/security/pki/nss/</a>. The NSS site relates directly to NSS code changes and releases.</p><p>Mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto</p><p>IRC: Freenode at #dogtag-pki</p></div><div class="refsection"><a name="authors"></a><h2>Authors</h2><p>The NSS tools were written and maintained by developers with Netscape, Red Hat, and Sun.</p><p>
	Authors: Elio Maldonado &lt;emaldona@redhat.com&gt;, Deon Lackey &lt;dlackey@redhat.com&gt;.
    </p></div><div class="refsection"><a name="license"></a><h2>LICENSE</h2><p>Licensed under the Mozilla Public License, version 1.1,
        and/or the GNU General Public License, version 2 or later,
        and/or the GNU Lesser General Public License, version 2.1 or later.
    </p></div></div><div class="navfooter"><hr></div></body></html>