The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

xmlsec1 (1)
  • >> xmlsec1 (1) ( Linux man: Команды и прикладные программы пользовательского уровня )
  •  

    NAME

    xmlsec1 - sign, verify, encrypt and decrypt XML documents
     
    

    SYNOPSIS

    xmlsec <command> [<options>] [<file>]  

    DESCRIPTION

    xmlsec is a command line tool for signing, verifying, encrypting and decrypting XML documents. The allowed <command> values are:
    --help
    display this help information and exit
    --help-all
    display help information for all commands/options and exit
    --help-<cmd>
    display help information for command <cmd> and exit
    --version
    print version information and exit
    --keys
    keys XML file manipulation
    --sign
    sign data and output XML document
    --verify
    verify signed document
    --sign-tmpl
    create and sign dynamicaly generated signature template
    --encrypt
    encrypt data and output XML document
    --decrypt
    decrypt data from XML document
     

    OPTIONS

    --ignore-manifests
    do not process <dsig:Manifest> elements
    --store-references
    store and print the result of <dsig:Reference/> element processing just before calculating digest
    --store-signatures
    store and print the result of <dsig:Signature> processing just before calculating signature
    --enabled-reference-uris <list>
    comma separated list of of the following values: "empty", "same-doc", "local","remote" to restrict possible URI attribute values for the <dsig:Reference> element
    --enable-visa3d-hack
    enables Visa3D protocol specific hack for URI attributes processing when we are trying not to use XPath/XPointer engine; this is a hack and I don't know what else might be broken in your application when you use it (also check "--id-attr" option because you might need it)
    --binary-data <file>
    binary <file> to encrypt
    --xml-data <file>
    XML <file> to encrypt
    --enabled-cipher-reference-uris <list>
    comma separated list of of the following values: "empty", "same-doc", "local","remote" to restrict possible URI attribute values for the <enc:CipherReference> element
    --session-key <keyKlass>-<keySize>
    generate new session <keyKlass> key of <keySize> bits size (for example, "--session des-192" generates a new 192 bits DES key for DES3 encryption)
    --output <filename>
    write result document to file <filename>
    --print-debug
    print debug information to stdout
    --print-xml-debug
    print debug information to stdout in xml format
    --dtd-file <file>
    load the specified file as the DTD
    --node-id <id>
    set the operation start point to the node with given <id>
    --node-name [<namespace-uri>:]<name>
    set the operation start point to the first node with given <name> and <namespace> URI
    --node-xpath <expr>
    set the operation start point to the first node selected by the specified XPath expression
    --id-attr[:<attr-name>] [<node-namespace-uri>:]<node-name>
    adds attributes <attr-name> (default value "id") from all nodes with<node-name> and namespace <node-namespace-uri> to the list of known ID attributes; this is a hack and if you can use DTD or schema to declare ID attributes instead (see "--dtd-file" option), I don't know what else might be broken in your application when you use this hack
    --enabled-key-data <list>
    comma separated list of enabled key data (list of registered key data klasses is available with "--list-key-data" command); by default, all registered key data are enabled
    --enabled-retrieval-uris <list>
    comma separated list of of the following values: "empty", "same-doc", "local","remote" to restrict possible URI attribute values for the <dsig:RetrievalMethod> element.
    --gen-key[:<name>] <keyKlass>-<keySize>
    generate new <keyKlass> key of <keySize> bits size, set the key name to <name> and add the result to keys manager (for example, "--gen:mykey rsa-1024" generates a new 1024 bits RSA key and sets it's name to "mykey")
    --keys-file <file>
    load keys from XML file
    --privkey-pem[:<name>] <file>[,<cafile>[,<cafile>[...]]]
    load private key from PEM file and certificates that verify this key
    --privkey-der[:<name>] <file>[,<cafile>[,<cafile>[...]]]
    load private key from DER file and certificates that verify this key
    --pkcs-pem[:<name>] <file>[,<cafile>[,<cafile>[...]]]
    load private key from PKCS8 PEM file and PEM certificates that verify this key
    --pkcs8-der[:<name>] <file>[,<cafile>[,<cafile>[...]]]
    load private key from PKCS8 DER file and DER certificates that verify this key
    --pubkey-pem[:<name>] <file>
    load public key from PEM file
    --pubkey-der[:<name>] <file>
    load public key from DER file
    --aeskey[:<name>] <file>
    load AES key from binary file <file>
    --deskey[:<name>] <file>
    load DES key from binary file <file>
    --hmackey[:<name>] <file>
    load HMAC key from binary file <file>
    --pwd <password>
    the password to use for reading keys and certs
    --pkcs12[:<name>] <file>
    load load private key from pkcs12 file <file>
    --pubkey-cert-pem[:<name>] <file>
    load public key from PEM cert file
    --pubkey-cert-der[:<name>] <file>
    load public key from DER cert file
    --trusted-pem <file>
    load trusted (root) certificate from PEM file <file>
    --untrusted-pem <file>
    load untrusted certificate from PEM file <file>
    --trusted-der <file>
    load trusted (root) certificate from DER file <file>
    --untrusted-der <file>
    load untrusted certificate from DER file <file>
    --verification-time <time>
    the local time in "YYYY-MM-DD HH:MM:SS" format used certificates verification
    --depth <number>
    maximum certificates chain depth
    --X509-skip-strict-checks
    skip strict checking of X509 data
    --crypto <name>
    the name of the crypto engine to use from the following list: openssl, gnutls, nss, mscrypto (if no crypto engine is specified then the default one is used)
    --crypto-config <path>
    path to crypto engine configuration
    --repeat <number>
    repeat the operation <number> times
    --disable-error-msgs
    do not print xmlsec error messages
    --print-crypto-error-msgs
    print errors stack at the end
    --help
    print help information about the command
     

    AUTHOR

    Written by Aleksey Sanin <[email protected]>.  

    REPORTING BUGS

    Report bugs to http://www.aleksey.com/xmlsec/bugs.html  

    COPYRIGHT

    Copyright © 2002-2003 Aleksey Sanin.
    This is free software: see the source for copying information.


     

    Index

    NAME
    SYNOPSIS
    DESCRIPTION
    OPTIONS
    AUTHOR
    REPORTING BUGS
    COPYRIGHT


    Поиск по тексту MAN-ов: 




    Партнёры:
    PostgresPro
    Inferno Solutions
    Hosting by Hoster.ru
    Хостинг:

    Закладки на сайте
    Проследить за страницей
    Created 1996-2024 by Maxim Chirkov
    Добавить, Поддержать, Вебмастеру