2013-08-23 16:19:36 -07:00

277 lines
6.2 KiB

'\" t
.\" Title: CMSUTIL
.\" Author: [see the "Authors" section]
.\" Generator: DocBook XSL Stylesheets v1.78.1 <>
.\" Date: 19 July 2013
.\" Manual: NSS Security Tools
.\" Source: nss-tools
.\" Language: English
.TH "CMSUTIL" "1" "19 July 2013" "nss-tools" "NSS Security Tools"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" -----------------------------------------------------------------
cmsutil \- Performs basic cryptograpic operations, such as encryption and decryption, on Cryptographic Message Syntax (CMS) messages\&.
.HP \w'\fBcmsutil\fR\ 'u
\fBcmsutil\fR [\fIoptions\fR] [[\fIarguments\fR]]
This documentation is still work in progress\&. Please contribute to the initial review in
\m[blue]\fBMozilla NSS bug 836477\fR\m[]\&\s-2\u[1]\d\s+2
command\-line uses the S/MIME Toolkit to perform basic operations, such as encryption and decryption, on Cryptographic Message Syntax (CMS) messages\&.
To run cmsutil, type the command cmsutil option [arguments] where option and arguments are combinations of the options and arguments listed in the following section\&. Each command takes one option\&. Each option may take zero or more arguments\&. To see a usage string, issue the command without options\&.
Options specify an action\&. Option arguments modify an action\&. The options and arguments for the cmsutil command are defined as follows:
.RS 4
Decode a message\&.
.RS 4
Encrypt a message\&.
.RS 4
Envelope a message\&.
.RS 4
Create a certificates\-only message\&.
.RS 4
Sign a message\&.
Option arguments modify an action\&.
.RS 4
Decode a batch of files named in infile\&.
\-c content
.RS 4
Use this detached content (decode only)\&.
\-d dbdir
.RS 4
Specify the key/certificate database directory (default is "\&.")
\-e envfile
.RS 4
Specify a file containing an enveloped message for a set of recipients to which you would like to send an encrypted message\&. If this is the first encrypted message for that set of recipients, a new enveloped message will be created that you can then use for future messages (encrypt only)\&.
\-f pwfile
.RS 4
Use password file to set password on all PKCS#11 tokens\&.
.RS 4
Include a signing time attribute (sign only)\&.
\-H hash
.RS 4
Use specified hash algorithm (default:SHA1)\&.
\-h num
.RS 4
Generate email headers with info about CMS message (decode only)\&.
\-i infile
.RS 4
Use infile as a source of data (default is stdin)\&.
.RS 4
Keep decoded encryption certs in permanent cert db\&.
\-N nickname
.RS 4
Specify nickname of certificate to sign with (sign only)\&.
.RS 4
Suppress output of contents (decode only)\&.
\-o outfile
.RS 4
Use outfile as a destination of data (default is stdout)\&.
.RS 4
Include an S/MIME capabilities attribute\&.
\-p password
.RS 4
Use password as key database password\&.
\-r recipient1,recipient2, \&.\&.\&.
.RS 4
Specify list of recipients (email addresses) for an encrypted or enveloped message\&. For certificates\-only message, list of certificates to send\&.
.RS 4
Suppress content in CMS message (sign only)\&.
\-u certusage
.RS 4
Set type of cert usage (default is certUsageEmailSigner)\&.
.RS 4
Print debugging information\&.
\-Y ekprefnick
.RS 4
Specify an encryption key preference by nickname\&.
Encrypt Example
.if n \{\
.RS 4
cmsutil \-C [\-i infile] [\-o outfile] [\-d dbdir] [\-p password] \-r "recipient1,recipient2, \&. \&. \&." \-e envfile
.if n \{\
Decode Example
.if n \{\
.RS 4
cmsutil \-D [\-i infile] [\-o outfile] [\-d dbdir] [\-p password] [\-c content] [\-n] [\-h num]
.if n \{\
Envelope Example
.if n \{\
.RS 4
cmsutil \-E [\-i infile] [\-o outfile] [\-d dbdir] [\-p password] \-r "recipient1,recipient2, \&.\&.\&."
.if n \{\
Certificate\-only Example
.if n \{\
.RS 4
cmsutil \-O [\-i infile] [\-o outfile] [\-d dbdir] [\-p password] \-r "cert1,cert2, \&. \&. \&."
.if n \{\
Sign Message Example
.if n \{\
.RS 4
cmsutil \-S [\-i infile] [\-o outfile] [\-d dbdir] [\-p password] \-N nickname[\-TGP] [\-Y ekprefnick]
.if n \{\
For information about NSS and other tools related to NSS (like JSS), check out the NSS project wiki at
\m[blue]\fBhttp://www\&.mozilla\&.org/projects/security/pki/nss/\fR\m[]\&. The NSS site relates directly to NSS code changes and releases\&.
Mailing lists: https://lists\&.mozilla\&.org/listinfo/dev\-tech\-crypto
IRC: Freenode at #dogtag\-pki
The NSS tools were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google\&.
Authors: Elio Maldonado <emaldona@redhat\&.com>, Deon Lackey <dlackey@redhat\&.com>\&.
Licensed under the Mozilla Public License, v\&. 2\&.0\&. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla\&.org/MPL/2\&.0/\&.
.IP " 1." 4
Mozilla NSS bug 836477
.RS 4