<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>Man page of XMLSEC1</title> </head> <body><table witdh="100%" valign="top"><tr valign="top"> <td valign="top" align="left" width="210"> <img src="images/logo.gif" alt="XML Security Library" border="0"><p></p> <ul> <li><a href="index.html">Home</a></li> <li><a href="download.html">Download</a></li> <li><a href="news.html">News</a></li> <li><a href="documentation.html">Documentation</a></li> <ul> <li><a href="faq.html">FAQ</a></li> <li><a href="api/xmlsec-notes.html">Tutorial</a></li> <li><a href="api/xmlsec-reference.html">API reference</a></li> <li><a href="api/xmlsec-examples.html">Examples</a></li> </ul> <li><a href="xmldsig.html">XML Digital Signature</a></li> <ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul> <li><a href="xmlenc.html">XML Encryption</a></li> <li><a href="c14n.html">XML Canonicalization</a></li> <li><a href="bugs.html">Reporting Bugs</a></li> <li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li> <li><a href="related.html">Related</a></li> <li><a href="authors.html">Authors</a></li> </ul> <table width="100%"> <tr> <td width="15"></td> <td><a href="http://xmlsoft.org/"><img src="images/libxml2-logo.png" alt="LibXML2" border="0"></a></td> </tr> <tr> <td width="15"></td> <td><a href="http://xmlsoft.org/XSLT"><img src="images/libxslt-logo.png" alt="LibXSLT" border="0"></a></td> </tr> <tr> <td width="15"></td> <td><a href="http://www.openssl.org/"><img src="images/openssl-logo.png" alt="OpenSSL" border="0"></a></td> </tr> <!--Links - start--><!--Links - end--> </table> </td> <td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent"> <h1>XMLSEC1</h1> <br><br><a href="#index">Index</a><a href="/cgi-bin/man/man2html">Return to Main Contents</a><hr> <a name="lbAB"> </a><h2>NAME</h2> <a name="lbAC"> </a><h2>SYNOPSIS</h2> <b>xmlsec</b><i><command> </i><i><options></i><i><files></i><a name="lbAD"> </a><h2>DESCRIPTION</h2> <dl compact> <dt><b>--help</b></dt> <dd> display this help information and exit </dd> <dt><b>--help-all</b></dt> <dd> display help information for all commands/options and exit </dd> <dt> <b>--help-</b><cmd></dt> <dd> display help information for command <cmd> and exit </dd> <dt><b>--version</b></dt> <dd> print version information and exit </dd> <dt><b>--keys</b></dt> <dd> keys XML file manipulation </dd> <dt><b>--sign</b></dt> <dd> sign data and output XML document </dd> <dt><b>--verify</b></dt> <dd> verify signed document </dd> <dt><b>--sign-tmpl</b></dt> <dd> create and sign dynamicaly generated signature template </dd> <dt><b>--encrypt</b></dt> <dd> encrypt data and output XML document </dd> <dt><b>--decrypt</b></dt> <dd> decrypt data from XML document </dd> </dl> <a name="lbAE"> </a><h2>OPTIONS</h2> <dl compact> <dt> <b>--ignore-manifests</b> <dt></dt> </dt> <dd> <dd>do not process <dsig:Manifest> elements </dd> </dd> <dt> <b>--store-references</b> <dt></dt> </dt> <dd> <dd>store and print the result of <dsig:Reference/> element processing just before calculating digest </dd> </dd> <dt> <b>--store-signatures</b> <dt></dt> </dt> <dd> <dd>store and print the result of <dsig:Signature> processing just before calculating signature </dd> </dd> <dt> <b>--enabled-reference-uris</b> <list> <dt></dt> </dt> <dd> <dd>comma separated list of of the following values: "empty", "same-doc", "local","remote" to restrict possible URI attribute values for the <dsig:Reference> element </dd> </dd> <dt> <b>--enable-visa3d-hack</b> <dt></dt> </dt> <dd> <dd>enables Visa3D protocol specific hack for URI attributes processing when we are trying not to use XPath/XPointer engine; this is a hack and I don't know what else might be broken in your application when you use it (also check "--id-attr" option because you might need it) </dd> </dd> <dt> <b>--binary-data</b> <file> <dt></dt> </dt> <dd> <dd>binary <file> to encrypt </dd> </dd> <dt> <b>--xml-data</b> <file> <dt></dt> </dt> <dd> <dd>XML <file> to encrypt </dd> </dd> <dt> <b>--enabled-cipher-reference-uris</b> <list> <dt></dt> </dt> <dd> <dd>comma separated list of of the following values: "empty", "same-doc", "local","remote" to restrict possible URI attribute values for the <enc:CipherReference> element </dd> </dd> <dt> <b>--session-key</b> <keyKlass>-<keySize> <dt></dt> </dt> <dd> <dd>generate new session <keyKlass> key of <keySize> bits size (for example, "--session des-192" generates a new 192 bits DES key for DES3 encryption) </dd> </dd> <dt> <b>--output</b> <filename> <dt></dt> </dt> <dd> <dd>write result document to file <filename> </dd> </dd> <dt> <b>--print-debug</b> <dt></dt> </dt> <dd> <dd>print debug information to stdout </dd> </dd> <dt> <b>--print-xml-debug</b> <dt></dt> </dt> <dd> <dd>print debug information to stdout in xml format </dd> </dd> <dt> <b>--dtd-file</b> <file> <dt></dt> </dt> <dd> <dd>load the specified file as the DTD </dd> </dd> <dt> <b>--node-id</b> <id> <dt></dt> </dt> <dd> <dd>set the operation start point to the node with given <id> </dd> </dd> <dt> <b>--node-name</b> [<namespace-uri>:]<name> <dt></dt> </dt> <dd> <dd>set the operation start point to the first node with given <name> and <namespace> URI </dd> </dd> <dt> <b>--node-xpath</b> <expr> <dt></dt> </dt> <dd> <dd>set the operation start point to the first node selected by the specified XPath expression </dd> </dd> <dt> <b>--id-attr[</b>:<attr-name>] [<node-namespace-uri>:]<node-name> <dt></dt> </dt> <dd> <dd>adds attributes <attr-name> (default value "id") from all nodes with<node-name> and namespace <node-namespace-uri> to the list of known ID attributes; this is a hack and if you can use DTD or schema to declare ID attributes instead (see "--dtd-file" option), I don't know what else might be broken in your application when you use this hack </dd> </dd> <dt> <b>--enabled-key-data</b> <list> <dt></dt> </dt> <dd> <dd>comma separated list of enabled key data (list of registered key data klasses is available with "--list-key-data" command); by default, all registered key data are enabled </dd> </dd> <dt> <b>--enabled-retrieval-uris</b> <list> <dt></dt> </dt> <dd> <dd>comma separated list of of the following values: "empty", "same-doc", "local","remote" to restrict possible URI attribute values for the <dsig:RetrievalMethod> element. </dd> </dd> <dt> <b>--gen-key[</b>:<name>] <keyKlass>-<keySize> <dt></dt> </dt> <dd> <dd>generate new <keyKlass> key of <keySize> bits size, set the key name to <name> and add the result to keys manager (for example, "--gen:mykey rsa-1024" generates a new 1024 bits RSA key and sets it's name to "mykey") </dd> </dd> <dt> <b>--keys-file</b> <file> <dt></dt> </dt> <dd> <dd>load keys from XML file </dd> </dd> <dt> <b>--privkey-pem[</b>:<name>] <file>[,<cafile>[,<cafile>[...]]] <dt></dt> </dt> <dd> <dd>load private key from PEM file and certificates that verify this key </dd> </dd> <dt> <b>--privkey-der[</b>:<name>] <file>[,<cafile>[,<cafile>[...]]] <dt></dt> </dt> <dd> <dd>load private key from DER file and certificates that verify this key </dd> </dd> <dt> <b>--pkcs8-pem[</b>:<name>] <file>[,<cafile>[,<cafile>[...]]] <dt></dt> </dt> <dd> <dd>load private key from PKCS8 PEM file and PEM certificates that verify this key </dd> </dd> <dt> <b>--pkcs8-der[</b>:<name>] <file>[,<cafile>[,<cafile>[...]]] <dt></dt> </dt> <dd> <dd>load private key from PKCS8 DER file and DER certificates that verify this key </dd> </dd> <dt> <b>--pubkey-pem[</b>:<name>] <file> <dt></dt> </dt> <dd> <dd>load public key from PEM file </dd> </dd> <dt> <b>--pubkey-der[</b>:<name>] <file> <dt></dt> </dt> <dd> <dd>load public key from DER file </dd> </dd> <dt> <b>--aeskey[</b>:<name>] <file> <dt></dt> </dt> <dd> <dd>load AES key from binary file <file> </dd> </dd> <dt> <b>--deskey[</b>:<name>] <file> <dt></dt> </dt> <dd> <dd>load DES key from binary file <file> </dd> </dd> <dt> <b>--hmackey[</b>:<name>] <file> <dt></dt> </dt> <dd> <dd>load HMAC key from binary file <file> </dd> </dd> <dt> <b>--pwd</b> <password> <dt></dt> </dt> <dd> <dd>the password to use for reading keys and certs </dd> </dd> <dt> <b>--pkcs12[</b>:<name>] <file> <dt></dt> </dt> <dd> <dd>load load private key from pkcs12 file <file> </dd> </dd> <dt> <b>--pubkey-cert-pem[</b>:<name>] <file> <dt></dt> </dt> <dd> <dd>load public key from PEM cert file </dd> </dd> <dt> <b>--pubkey-cert-der[</b>:<name>] <file> <dt></dt> </dt> <dd> <dd>load public key from DER cert file </dd> </dd> <dt> <b>--trusted-pem</b> <file> <dt></dt> </dt> <dd> <dd>load trusted (root) certificate from PEM file <file> </dd> </dd> <dt> <b>--untrusted-pem</b> <file> <dt></dt> </dt> <dd> <dd>load untrusted certificate from PEM file <file> </dd> </dd> <dt> <b>--trusted-der</b> <file> <dt></dt> </dt> <dd> <dd>load trusted (root) certificate from DER file <file> </dd> </dd> <dt> <b>--untrusted-der</b> <file> <dt></dt> </dt> <dd> <dd>load untrusted certificate from DER file <file> </dd> </dd> <dt> <b>--verification-time</b> <time> <dt></dt> </dt> <dd> <dd>the local time in "YYYY-MM-DD HH:MM:SS" format used certificates verification </dd> </dd> <dt> <b>--depth</b> <number> <dt></dt> </dt> <dd> <dd>maximum certificates chain depth </dd> </dd> <dt> <b>--X509-skip-strict-checks</b> <dt></dt> </dt> <dd> <dd>skip strict checking of X509 data </dd> </dd> <dt> <b>--crypto</b> <name> <dt></dt> </dt> <dd> <dd>the name of the crypto engine to use from the following list: openssl, mscrypto, nss, gnutls, gcrypt (if no crypto engine is specified then the default one is used) </dd> </dd> <dt> <b>--crypto-config</b> <path> <dt></dt> </dt> <dd> <dd>path to crypto engine configuration </dd> </dd> <dt> <b>--repeat</b> <number> <dt></dt> </dt> <dd> <dd>repeat the operation <number> times </dd> </dd> <dt> <b>--disable-error-msgs</b> <dt></dt> </dt> <dd> <dd>do not print xmlsec error messages </dd> </dd> <dt> <b>--print-crypto-error-msgs</b> <dt></dt> </dt> <dd> <dd>print errors stack at the end </dd> </dd> <dt> <b>--help</b> <dt></dt> </dt> <dd> <dd>print help information about the command </dd> </dd> </dl> <a name="lbAF"> </a><h2>AUTHOR</h2> <a href="mailto:aleksey@aleksey.com">aleksey@aleksey.com</a><a name="lbAG"> </a><h2>REPORTING BUGS</h2> <a href="http://www.aleksey.com/xmlsec/bugs.html">http://www.aleksey.com/xmlsec/bugs.html</a><a name="lbAH"> </a><h2>COPYRIGHT</h2> <br><p> </p> <hr> <a name="index"> </a><h2>Index</h2> <dl> <dt><a href="#lbAB">NAME</a></dt> <dd> </dd> <dt><a href="#lbAC">SYNOPSIS</a></dt> <dd> </dd> <dt><a href="#lbAD">DESCRIPTION</a></dt> <dd> </dd> <dt><a href="#lbAE">OPTIONS</a></dt> <dd> </dd> <dt><a href="#lbAF">AUTHOR</a></dt> <dd> </dd> <dt><a href="#lbAG">REPORTING BUGS</a></dt> <dd> </dd> <dt><a href="#lbAH">COPYRIGHT</a></dt> <dd> </dd> </dl> <hr> <a href="/cgi-bin/man/man2html">man2html</a><br> </td></tr></table></td> </tr></table></body> </html>
distrib
>
Fedora
>
14
>
x86_64
>
media
>
updates
>
by-pkgid
>
ee41bef0820a285a79baf4270ee6c699
>
files
>
195
