openssl-pkeyutl, pkeyutl - public key algorithm utility
openssl pkeyutl [-help] [-in file] [-out file] [-sigfile file] [-inkey file] [-keyform PEM|DER|ENGINE] [-passin arg] [-peerkey file] [-peerform PEM|DER|ENGINE] [-pubin] [-certin] [-rev] [-sign] [-verify] [-verifyrecover] [-encrypt] [-decrypt] [-derive] [-kdf algorithm] [-kdflen length] [-pkeyopt opt:value] [-hexdump] [-asn1parse] [-rand file...] [-writerand file] [-engine id] [-engine_impl]
The pkeyutl command can be used to perform low-level public key operations using any supported algorithm.
Print out a usage message.
This specifies the input filename to read data from or standard input if this option is not specified.
Specifies the output filename to write to or standard output by default.
Signature file, required for verify operations only
The input key file, by default it should be a private key.
The key format PEM, DER or ENGINE. Default is PEM.
The input key password source. For more information about the format of arg see "Pass Phrase Options" in openssl(1).
The peer key file, used by key derivation (agreement) operations.
The peer key format PEM, DER or ENGINE. Default is PEM.
The input file is a public key.
The input is a certificate containing a public key.
Reverse the order of the input buffer. This is useful for some libraries (such as CryptoAPI) which represent the buffer in little endian format.
Sign the input data (which must be a hash) and output the signed result. This requires a private key.
Verify the input data (which must be a hash) against the signature file and indicate if the verification succ