cmsutil.1 (6311B)
1 '\" t 2 .\" Title: CMSUTIL 3 .\" Author: [see the "Authors" section] 4 .\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> 5 .\" Date: 5 June 2014 6 .\" Manual: NSS Security Tools 7 .\" Source: nss-tools 8 .\" Language: English 9 .\" 10 .TH "CMSUTIL" "1" "5 June 2014" "nss-tools" "NSS Security Tools" 11 .\" ----------------------------------------------------------------- 12 .\" * Define some portability stuff 13 .\" ----------------------------------------------------------------- 14 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 15 .\" http://bugs.debian.org/507673 16 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html 17 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 18 .ie \n(.g .ds Aq \(aq 19 .el .ds Aq ' 20 .\" ----------------------------------------------------------------- 21 .\" * set default formatting 22 .\" ----------------------------------------------------------------- 23 .\" disable hyphenation 24 .nh 25 .\" disable justification (adjust text to left margin only) 26 .ad l 27 .\" ----------------------------------------------------------------- 28 .\" * MAIN CONTENT STARTS HERE * 29 .\" ----------------------------------------------------------------- 30 .SH "NAME" 31 cmsutil \- Performs basic cryptograpic operations, such as encryption and decryption, on Cryptographic Message Syntax (CMS) messages\&. 32 .SH "SYNOPSIS" 33 .HP \w'\fBcmsutil\fR\ 'u 34 \fBcmsutil\fR [\fIoptions\fR] [[\fIarguments\fR]] 35 .SH "STATUS" 36 .PP 37 This documentation is still work in progress\&. Please contribute to the initial review in 38 \m[blue]\fBMozilla NSS bug 836477\fR\m[]\&\s-2\u[1]\d\s+2 39 .SH "DESCRIPTION" 40 .PP 41 The 42 \fBcmsutil\fR 43 command\-line uses the S/MIME Toolkit to perform basic operations, such as encryption and decryption, on Cryptographic Message Syntax (CMS) messages\&. 44 .PP 45 To run cmsutil, type the command cmsutil option [arguments] where option and arguments are combinations of the options and arguments listed in the following section\&. Each command takes one option\&. Each option may take zero or more arguments\&. To see a usage string, issue the command without options\&. 46 .SH "OPTIONS AND ARGUMENTS" 47 .PP 48 .PP 49 \fBOptions\fR 50 .PP 51 Options specify an action\&. Option arguments modify an action\&. The options and arguments for the cmsutil command are defined as follows: 52 .PP 53 \-C 54 .RS 4 55 Encrypt a message\&. 56 .RE 57 .PP 58 \-D 59 .RS 4 60 Decode a message\&. 61 .RE 62 .PP 63 \-E 64 .RS 4 65 Envelope a message\&. 66 .RE 67 .PP 68 \-O 69 .RS 4 70 Create a certificates\-only message\&. 71 .RE 72 .PP 73 \-S 74 .RS 4 75 Sign a message\&. 76 .RE 77 .PP 78 \fBArguments\fR 79 .PP 80 Option arguments modify an action\&. 81 .PP 82 \-b 83 .RS 4 84 Decode a batch of files named in infile\&. 85 .RE 86 .PP 87 \-c content 88 .RS 4 89 Use this detached content (decode only)\&. 90 .RE 91 .PP 92 \-d dbdir 93 .RS 4 94 Specify the key/certificate database directory (default is "\&.") 95 .RE 96 .PP 97 \-e envfile 98 .RS 4 99 Specify a file containing an enveloped message for a set of recipients to which you would like to send an encrypted message\&. If this is the first encrypted message for that set of recipients, a new enveloped message will be created that you can then use for future messages (encrypt only)\&. 100 .RE 101 .PP 102 \-f pwfile 103 .RS 4 104 Use password file to set password on all PKCS#11 tokens\&. 105 .RE 106 .PP 107 \-G 108 .RS 4 109 Include a signing time attribute (sign only)\&. 110 .RE 111 .PP 112 \-H hash 113 .RS 4 114 Use specified hash algorithm (default:SHA1)\&. 115 .RE 116 .PP 117 \-h num 118 .RS 4 119 Generate email headers with info about CMS message (decode only)\&. 120 .RE 121 .PP 122 \-i infile 123 .RS 4 124 Use infile as a source of data (default is stdin)\&. 125 .RE 126 .PP 127 \-k 128 .RS 4 129 Keep decoded encryption certs in permanent cert db\&. 130 .RE 131 .PP 132 \-N nickname 133 .RS 4 134 Specify nickname of certificate to sign with (sign only)\&. 135 .RE 136 .PP 137 \-n 138 .RS 4 139 Suppress output of contents (decode only)\&. 140 .RE 141 .PP 142 \-o outfile 143 .RS 4 144 Use outfile as a destination of data (default is stdout)\&. 145 .RE 146 .PP 147 \-P 148 .RS 4 149 Include an S/MIME capabilities attribute\&. 150 .RE 151 .PP 152 \-p password 153 .RS 4 154 Use password as key database password\&. 155 .RE 156 .PP 157 \-r recipient1,recipient2, \&.\&.\&. 158 .RS 4 159 Specify list of recipients (email addresses) for an encrypted or enveloped message\&. For certificates\-only message, list of certificates to send\&. 160 .RE 161 .PP 162 \-T 163 .RS 4 164 Suppress content in CMS message (sign only)\&. 165 .RE 166 .PP 167 \-u certusage 168 .RS 4 169 Set type of cert usage (default is certUsageEmailSigner)\&. 170 .RE 171 .PP 172 \-v 173 .RS 4 174 Print debugging information\&. 175 .RE 176 .PP 177 \-Y ekprefnick 178 .RS 4 179 Specify an encryption key preference by nickname\&. 180 .RE 181 .SH "USAGE" 182 .PP 183 Encrypt Example 184 .sp 185 .if n \{\ 186 .RS 4 187 .\} 188 .nf 189 cmsutil \-C [\-i infile] [\-o outfile] [\-d dbdir] [\-p password] \-r "recipient1,recipient2, \&. \&. \&." \-e envfile 190 191 .fi 192 .if n \{\ 193 .RE 194 .\} 195 .PP 196 Decode Example 197 .sp 198 .if n \{\ 199 .RS 4 200 .\} 201 .nf 202 cmsutil \-D [\-i infile] [\-o outfile] [\-d dbdir] [\-p password] [\-c content] [\-n] [\-h num] 203 204 .fi 205 .if n \{\ 206 .RE 207 .\} 208 .PP 209 Envelope Example 210 .sp 211 .if n \{\ 212 .RS 4 213 .\} 214 .nf 215 cmsutil \-E [\-i infile] [\-o outfile] [\-d dbdir] [\-p password] \-r "recipient1,recipient2, \&.\&.\&." 216 217 .fi 218 .if n \{\ 219 .RE 220 .\} 221 .PP 222 Certificate\-only Example 223 .sp 224 .if n \{\ 225 .RS 4 226 .\} 227 .nf 228 cmsutil \-O [\-i infile] [\-o outfile] [\-d dbdir] [\-p password] \-r "cert1,cert2, \&. \&. \&." 229 230 .fi 231 .if n \{\ 232 .RE 233 .\} 234 .PP 235 Sign Message Example 236 .sp 237 .if n \{\ 238 .RS 4 239 .\} 240 .nf 241 cmsutil \-S [\-i infile] [\-o outfile] [\-d dbdir] [\-p password] \-N nickname[\-TGP] [\-Y ekprefnick] 242 243 .fi 244 .if n \{\ 245 .RE 246 .\} 247 .SH "SEE ALSO" 248 .PP 249 certutil(1) 250 .SH "ADDITIONAL RESOURCES" 251 .PP 252 For information about NSS and other tools related to NSS (like JSS), check out the NSS project wiki at 253 \m[blue]\fBhttp://www\&.mozilla\&.org/projects/security/pki/nss/\fR\m[]\&. The NSS site relates directly to NSS code changes and releases\&. 254 .PP 255 Mailing lists: https://lists\&.mozilla\&.org/listinfo/dev\-tech\-crypto 256 .PP 257 IRC: Freenode at #dogtag\-pki 258 .SH "AUTHORS" 259 .PP 260 The NSS tools were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google\&. 261 .PP 262 Authors: Elio Maldonado <emaldona@redhat\&.com>, Deon Lackey <dlackey@redhat\&.com>\&. 263 .SH "LICENSE" 264 .PP 265 Licensed under the Mozilla Public License, v\&. 2\&.0\&. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla\&.org/MPL/2\&.0/\&. 266 .SH "NOTES" 267 .IP " 1." 4 268 Mozilla NSS bug 836477 269 .RS 4 270 \%https://bugzilla.mozilla.org/show_bug.cgi?id=836477 271 .RE