This command can be used to perform low-level public key
operations using any supported algorithm.
+By default the signing operation (see B<-sign> option) is assumed.
+
=head1 OPTIONS
=over 4
used. For signature algorithms like RSA, DSA and ECDSA, SHA-256 will be the
default digest algorithm. For SM2, it will be SM3.
At this time, HashEdDSA (the ph or "prehash" variant of EdDSA) is not supported,
-so the B<-digest> option cannot be used with EdDSA).
+so the B<-digest> option cannot be used with EdDSA.
=item B<-out> I<filename>
=item B<-rev>
Reverse the order of the input buffer. This is useful for some libraries
-(such as CryptoAPI) which represent the buffer in little endian format.
+(such as CryptoAPI) which represent the buffer in little-endian format.
This cannot be used in conjunction with B<-rawin>.
=item B<-sign>
-Sign the input data (which must be a hash) and output the signed result. This
-requires a private key.
+Sign the input data and output the signed result. This requires a private key.
+The input data given with the B<-in> option should be a hash value
+unless the use of a message digest operation is implied,
=item B<-verify>
-Verify the input data (which must be a hash) against the signature file and
-indicate if the verification succeeded or failed.
+Verify the input data against the signature given with the B<-sigfile> option
+and indicate if the verification succeeded or failed.
+The input data given with the B<-in> option should be a hash value
+unless the use of a message digest operation is implied,
=item B<-verifyrecover>
-Verify the input data (which must be a hash) and output the recovered data.
+Verify the input data and output the recovered data.
+The input data given with the B<-in> option should be a hash value.
=item B<-encrypt>
projects / thirdparty / openssl.git / commitdiff
