openssl
diff --git a/‎master/man1/openssl-cmp/index.html
+1-1 b/‎master/man1/openssl-cmp/index.html
+1-1
diff --git a/‎master/man1/openssl-cms/index.html
+1-1 b/‎master/man1/openssl-cms/index.html
+1-1
@@ -71,4 +71,4 @@
 </code></pre></div><p>the above enrollment transactions reduce to</p><div class=highlight><pre><span></span><code>openssl cmp -section cmp,init
 openssl cmp -cmd kur -newkey cl_key_new.pem
 </code></pre></div><p>and the above transaction using a general message reduces to</p><div class=highlight><pre><span></span><code>openssl cmp -section cmp,init -cmd genm
-</code></pre></div><h2 id=see-also>SEE ALSO<a class=headerlink href=#see-also title="Permanent link">&para;</a></h2><p><a href=../openssl-genrsa/ >openssl-genrsa(1)</a>, <a href=../openssl-ecparam/ >openssl-ecparam(1)</a>, <a href=../openssl-list/ >openssl-list(1)</a>, <a href=../openssl-req/ >openssl-req(1)</a>, <a href=../openssl-x509/ >openssl-x509(1)</a>, <a href=../../man5/x509v3_config/ >x509v3_config(5)</a></p><h2 id=history>HISTORY<a class=headerlink href=#history title="Permanent link">&para;</a></h2><p>The <strong>cmp</strong> application was added in OpenSSL 3.0.</p><p>The <strong>-engine</strong> option was deprecated in OpenSSL 3.0.</p><p>The <strong>-oldwithold</strong>, <strong>-newwithnew</strong>, <strong>-newwithold</strong>, <strong>-oldwithnew</strong>, The <strong>-srvcertout</strong>, and <strong>-serial</strong> option were added in OpenSSL 3.2, as well as an extension of <strong>-cacertsout</strong> to use when getting CA certificates. Since then, the <strong>-issuer</strong> may be used also for certificates to be revoked.</p><p>The <strong>-profile</strong> and <strong>-no_cache_extracerts</strong> options were added in OpenSSL 3.3, as well as support for delayed delivery of all types of response messages.</p><p>The <strong>-template</strong>, <strong>-crlcert</strong>, <strong>-oldcrl</strong>, <strong>-crlout</strong>, <strong>-crlform</strong> and <strong>-rsp_crl</strong> options were added in OpenSSL 3.4.</p><p><strong>-centralkeygen</strong>, b&lt;-newkeyout&gt;, <strong>-rsp_key</strong> and <strong>-rsp_keypass</strong> were added in OpenSSL 3.5.</p><h2 id=copyright>COPYRIGHT<a class=headerlink href=#copyright title="Permanent link">&para;</a></h2><p>Copyright 2007-2024 The OpenSSL Project Authors. All Rights Reserved.</p><p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href=https://www.openssl.org/source/license.html>https://www.openssl.org/source/license.html</a>.</p></article></div><script>var target=document.getElementById(location.hash.slice(1));target&&target.name&&(target.checked=target.name.startsWith("__tabbed_"))</script></div></main><footer class=md-footer><div class="md-footer-meta md-typeset"><div class="md-footer-meta__inner md-grid"><div class=md-copyright> Made with <a href=https://squidfunk.github.io/mkdocs-material/ target=_blank rel=noopener> Material for MkDocs </a></div></div></div></footer></div><div class=md-dialog data-md-component=dialog><div class="md-dialog__inner md-typeset"></div></div><script id=__config type=application/json>{"base": "../..", "features": ["navigation.indexes", "navigation.instant", "navigation.path", "navigation.prune", "navigation.tabs", "navigation.tabs.sticky", "navigation.tracking", "search.suggest", "toc.follow"], "search": "../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}, "version": {"default": "master", "provider": "mike"}}</script><script src=../../assets/javascripts/bundle.ad660dcc.min.js></script></body></html>
+</code></pre></div><h2 id=see-also>SEE ALSO<a class=headerlink href=#see-also title="Permanent link">&para;</a></h2><p><a href=../openssl-genrsa/ >openssl-genrsa(1)</a>, <a href=../openssl-ecparam/ >openssl-ecparam(1)</a>, <a href=../openssl-list/ >openssl-list(1)</a>, <a href=../openssl-req/ >openssl-req(1)</a>, <a href=../openssl-x509/ >openssl-x509(1)</a>, <a href=../../man5/x509v3_config/ >x509v3_config(5)</a></p><h2 id=history>HISTORY<a class=headerlink href=#history title="Permanent link">&para;</a></h2><p>The <strong>cmp</strong> application was added in OpenSSL 3.0.</p><p>The <strong>-engine</strong> option was deprecated in OpenSSL 3.0.</p><p>The <strong>-oldwithold</strong>, <strong>-newwithnew</strong>, <strong>-newwithold</strong>, <strong>-oldwithnew</strong>, The <strong>-srvcertout</strong>, and <strong>-serial</strong> option were added in OpenSSL 3.2, as well as an extension of <strong>-cacertsout</strong> to use when getting CA certificates. Since then, the <strong>-issuer</strong> may be used also for certificates to be revoked.</p><p>The <strong>-profile</strong> and <strong>-no_cache_extracerts</strong> options were added in OpenSSL 3.3, as well as support for delayed delivery of all types of response messages.</p><p>The <strong>-template</strong>, <strong>-crlcert</strong>, <strong>-oldcrl</strong>, <strong>-crlout</strong>, <strong>-crlform</strong> and <strong>-rsp_crl</strong> options were added in OpenSSL 3.4.</p><p><strong>-centralkeygen</strong>, b&lt;-newkeyout&gt;, <strong>-rsp_key</strong> and <strong>-rsp_keypass</strong> were added in OpenSSL 3.5.</p><h2 id=copyright>COPYRIGHT<a class=headerlink href=#copyright title="Permanent link">&para;</a></h2><p>Copyright 2007-2025 The OpenSSL Project Authors. All Rights Reserved.</p><p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href=https://www.openssl.org/source/license.html>https://www.openssl.org/source/license.html</a>.</p></article></div><script>var target=document.getElementById(location.hash.slice(1));target&&target.name&&(target.checked=target.name.startsWith("__tabbed_"))</script></div></main><footer class=md-footer><div class="md-footer-meta md-typeset"><div class="md-footer-meta__inner md-grid"><div class=md-copyright> Made with <a href=https://squidfunk.github.io/mkdocs-material/ target=_blank rel=noopener> Material for MkDocs </a></div></div></div></footer></div><div class=md-dialog data-md-component=dialog><div class="md-dialog__inner md-typeset"></div></div><script id=__config type=application/json>{"base": "../..", "features": ["navigation.indexes", "navigation.instant", "navigation.path", "navigation.prune", "navigation.tabs", "navigation.tabs.sticky", "navigation.tracking", "search.suggest", "toc.follow"], "search": "../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}, "version": {"default": "master", "provider": "mike"}}</script><script src=../../assets/javascripts/bundle.ad660dcc.min.js></script></body></html>
@@ -41,4 +41,4 @@
        -recip cert.pem -keyopt rsa_padding_mode:oaep
 </code></pre></div><p>Use SHA256 KDF with an ECDH certificate:</p><div class=highlight><pre><span></span><code>openssl cms -encrypt -in plain.txt -out mail.msg \
        -recip ecdhcert.pem -keyopt ecdh_kdf_md:sha256
-</code></pre></div><p>Print CMS signed binary data in human-readable form:</p><p>openssl cms -in signed.cms -binary -inform DER -cmsout -print</p><h2 id=bugs>BUGS<a class=headerlink href=#bugs title="Permanent link">&para;</a></h2><p>The MIME parser isn&#39;t very clever: it seems to handle most messages that I&#39;ve thrown at it but it may choke on others.</p><p>The code currently will only write out the signer&#39;s certificate to a file: if the signer has a separate encryption certificate this must be manually extracted. There should be some heuristic that determines the correct encryption certificate.</p><p>Ideally a database should be maintained of a certificates for each email address.</p><p>The code doesn&#39;t currently take note of the permitted symmetric encryption algorithms as supplied in the SMIMECapabilities signed attribute. this means the user has to manually include the correct encryption algorithm. It should store the list of permitted ciphers in a database and only use those.</p><p>No revocation checking is done on the signer&#39;s certificate.</p><h2 id=see-also>SEE ALSO<a class=headerlink href=#see-also title="Permanent link">&para;</a></h2><p><a href=../../man7/ossl_store-file/ >ossl_store-file(7)</a></p><h2 id=history>HISTORY<a class=headerlink href=#history title="Permanent link">&para;</a></h2><p>The default encryption cipher was changed from 3DES to AES-256 in OpenSSL 3.5.</p><p>The use of multiple <strong>-signer</strong> options and the <strong>-resign</strong> command were first added in OpenSSL 1.0.0.</p><p>The <strong>-keyopt</strong> option was added in OpenSSL 1.0.2.</p><p>Support for RSA-OAEP and RSA-PSS was added in OpenSSL 1.0.2.</p><p>The use of non-RSA keys with <strong>-encrypt</strong> and <strong>-decrypt</strong> was added in OpenSSL 1.0.2.</p><p>The -no_alt_chains option was added in OpenSSL 1.0.2b.</p><p>The <strong>-nameopt</strong> option was added in OpenSSL 3.0.0.</p><p>The <strong>-engine</strong> option was deprecated in OpenSSL 3.0.</p><p>The <strong>-digest</strong> option was added in OpenSSL 3.2.</p><h2 id=copyright>COPYRIGHT<a class=headerlink href=#copyright title="Permanent link">&para;</a></h2><p>Copyright 2008-2024 The OpenSSL Project Authors. All Rights Reserved.</p><p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href=https://www.openssl.org/source/license.html>https://www.openssl.org/source/license.html</a>.</p></article></div><script>var target=document.getElementById(location.hash.slice(1));target&&target.name&&(target.checked=target.name.startsWith("__tabbed_"))</script></div></main><footer class=md-footer><div class="md-footer-meta md-typeset"><div class="md-footer-meta__inner md-grid"><div class=md-copyright> Made with <a href=https://squidfunk.github.io/mkdocs-material/ target=_blank rel=noopener> Material for MkDocs </a></div></div></div></footer></div><div class=md-dialog data-md-component=dialog><div class="md-dialog__inner md-typeset"></div></div><script id=__config type=application/json>{"base": "../..", "features": ["navigation.indexes", "navigation.instant", "navigation.path", "navigation.prune", "navigation.tabs", "navigation.tabs.sticky", "navigation.tracking", "search.suggest", "toc.follow"], "search": "../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}, "version": {"default": "master", "provider": "mike"}}</script><script src=../../assets/javascripts/bundle.ad660dcc.min.js></script></body></html>
+</code></pre></div><p>Print CMS signed binary data in human-readable form:</p><p>openssl cms -in signed.cms -binary -inform DER -cmsout -print</p><h2 id=bugs>BUGS<a class=headerlink href=#bugs title="Permanent link">&para;</a></h2><p>The MIME parser isn&#39;t very clever: it seems to handle most messages that I&#39;ve thrown at it but it may choke on others.</p><p>The code currently will only write out the signer&#39;s certificate to a file: if the signer has a separate encryption certificate this must be manually extracted. There should be some heuristic that determines the correct encryption certificate.</p><p>Ideally a database should be maintained of a certificates for each email address.</p><p>The code doesn&#39;t currently take note of the permitted symmetric encryption algorithms as supplied in the SMIMECapabilities signed attribute. this means the user has to manually include the correct encryption algorithm. It should store the list of permitted ciphers in a database and only use those.</p><p>No revocation checking is done on the signer&#39;s certificate.</p><h2 id=see-also>SEE ALSO<a class=headerlink href=#see-also title="Permanent link">&para;</a></h2><p><a href=../../man7/ossl_store-file/ >ossl_store-file(7)</a></p><h2 id=history>HISTORY<a class=headerlink href=#history title="Permanent link">&para;</a></h2><p>The default encryption cipher was changed from 3DES to AES-256 in OpenSSL 3.5.</p><p>The use of multiple <strong>-signer</strong> options and the <strong>-resign</strong> command were first added in OpenSSL 1.0.0.</p><p>The <strong>-keyopt</strong> option was added in OpenSSL 1.0.2.</p><p>Support for RSA-OAEP and RSA-PSS was added in OpenSSL 1.0.2.</p><p>The use of non-RSA keys with <strong>-encrypt</strong> and <strong>-decrypt</strong> was added in OpenSSL 1.0.2.</p><p>The -no_alt_chains option was added in OpenSSL 1.0.2b.</p><p>The <strong>-nameopt</strong> option was added in OpenSSL 3.0.0.</p><p>The <strong>-engine</strong> option was deprecated in OpenSSL 3.0.</p><p>The <strong>-digest</strong> option was added in OpenSSL 3.2.</p><h2 id=copyright>COPYRIGHT<a class=headerlink href=#copyright title="Permanent link">&para;</a></h2><p>Copyright 2008-2025 The OpenSSL Project Authors. All Rights Reserved.</p><p>Licensed under the Apache License 2.0 (the &quot;License&quot;). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href=https://www.openssl.org/source/license.html>https://www.openssl.org/source/license.html</a>.</p></article></div><script>var target=document.getElementById(location.hash.slice(1));target&&target.name&&(target.checked=target.name.startsWith("__tabbed_"))</script></div></main><footer class=md-footer><div class="md-footer-meta md-typeset"><div class="md-footer-meta__inner md-grid"><div class=md-copyright> Made with <a href=https://squidfunk.github.io/mkdocs-material/ target=_blank rel=noopener> Material for MkDocs </a></div></div></div></footer></div><div class=md-dialog data-md-component=dialog><div class="md-dialog__inner md-typeset"></div></div><script id=__config type=application/json>{"base": "../..", "features": ["navigation.indexes", "navigation.instant", "navigation.path", "navigation.prune", "navigation.tabs", "navigation.tabs.sticky", "navigation.tracking", "search.suggest", "toc.follow"], "search": "../../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}, "version": {"default": "master", "provider": "mike"}}</script><script src=../../assets/javascripts/bundle.ad660dcc.min.js></script></body></html>