abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-07 17:06:25 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
cb3d98379ba9c8f23eafc8741987b4bc03dbc752
GmSSL/doc/apps/pkey.pod
Liu Shaotong 480b9e8d88 translation
2017-07-19 15:39:07 +08:00

196 lines
5.6 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
=pod
=encoding utf8
=head1 NAME
pkey - public or private key processing tool
=head1 SYNOPSIS
B<gmssl> B<pkey>
[B<-help>]
[B<-inform PEM|DER>]
[B<-outform PEM|DER>]
[B<-in filename>]
[B<-passin arg>]
[B<-out filename>]
[B<-passout arg>]
[B<-traditional>]
[B<-cipher>]
[B<-text>]
[B<-text_pub>]
[B<-noout>]
[B<-pubin>]
[B<-pubout>]
[B<-engine id>]
=head1 DESCRIPTION
The B<pkey> command processes public or private keys. They can be converted
between various forms and their components printed out.
pkey指令处理公钥或者私钥。
它们可以在各种形式之间进行转换,并将其组件打印出来。
=head1 OPTIONS
=over 4
=item B<-help>
Print out a usage message.
打印使用信息。
=item B<-inform DER|PEM>
This specifies the input format DER or PEM.
该选项指出了输入格式是DER还是PEM。
=item B<-outform DER|PEM>
This specifies the output format, the options have the same meaning as the
B<-inform> option.
该选项指出了输出格式,与-inform意义相同。
=item B<-in filename>
This specifies the input filename to read a key from or standard input if this
option is not specified. If the key is encrypted a pass phrase will be
prompted for.
如果该选项没有被指定,则指定从密钥中读取输入文件名或者标准输入。
如果密钥被加密,将提示输入密码。
=item B<-passin arg>
the input file password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<gmssl(1)>.
输入文件的密码来源。有关arg格式的更多信息请参阅gmssl1中的PASS PHRASE ARGUMENTS部分。
=item B<-out filename>
This specifies the output filename to write a key to or standard output if this
option is not specified. If any encryption options are set then a pass phrase
will be prompted for. The output filename should B<not> be the same as the input
filename.
如果未指定此选项,则指定将密钥写入或输出的输出文件名。 如果设置了任何加密选项,
则会提示输入密码。 输出文件名不能与输入文件名相同。
=item B<-passout password>
the output file password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<gmssl(1)>.
输出文件的密码来源。有关arg格式的更多信息请参阅gmssl(1)中的PASS PHARSE ARGUMENTS部分。
=item B<-traditional>
normally a private key is written using standard format: this is PKCS#8 form
with the appropriate encryption algorithm (if any). If the B<-traditional>
option is specified then the older "traditional" format is used instead.
通常使用标准格式写入私钥这是具有适当加密算法如果有的话的PKCS8表单。
如果指定了-traditional选项则使用较旧的“traditional”格式。
=item B<-cipher>
These options encrypt the private key with the supplied cipher. Any algorithm
name accepted by EVP_get_cipherbyname() is acceptable such as B<des3>.
这些选项使用提供的密码加密私钥。 EVP_get_cipherbyname接受的任何算法名称都可以接受如des3。
=item B<-text>
prints out the various public or private key components in
plain text in addition to the encoded version.
除了编码版本之外,以纯文本形式打印各种公共或私人密钥组件。
=item B<-text_pub>
print out only public key components even if a private key is being processed.
即使正在处理私钥,也打印公钥组件。
=item B<-noout>
do not output the encoded version of the key.
不打印出密钥的编码版本信息。
=item B<-pubin>
by default a private key is read from the input file: with this
option a public key is read instead.
默认从输入文件读取一个私钥:使用该选项后则变为读取一个公钥。
=item B<-pubout>
by default a private key is output: with this option a public
key will be output instead. This option is automatically set if
the input is a public key.
默认是输出一个私钥:使用该选项后则变为输出一个公钥。如果输入是公钥则该选项会自动设置。
=item B<-engine id>
specifying an engine (by its unique B<id> string) will cause B<pkey>
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
指定要使用的硬件引擎。指定一个引擎通过其唯一的id字符串将导致pkey尝试获取对指定引擎的功能引用
,从而如果需要的话初始化它。 然后,引擎将被设置为所有可用算法的默认值。
=back
=head1 EXAMPLES
To remove the pass phrase on an RSA private key:
gmssl pkey -in key.pem -out keyout.pem
To encrypt a private key using triple DES:
gmssl pkey -in key.pem -des3 -out keyout.pem
To convert a private key from PEM to DER format:
gmssl pkey -in key.pem -outform DER -out keyout.der
To print out the components of a private key to standard output:
gmssl pkey -in key.pem -text -noout
To print out the public components of a private key to standard output:
gmssl pkey -in key.pem -text_pub -noout
To just output the public part of a private key:
gmssl pkey -in key.pem -pubout -out pubkey.pem
=head1 SEE ALSO
L<genpkey(1)>, L<rsa(1)>, L<pkcs8(1)>,
L<dsa(1)>, L<genrsa(1)>, L<gendsa(1)>
=head1 COPYRIGHT
Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the GmSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut
Reference in New Issue View Git Blame Copy Permalink