diff --git a/wolfCLU/Makefile b/wolfCLU/Makefile index bf044aad..add73469 100644 --- a/wolfCLU/Makefile +++ b/wolfCLU/Makefile @@ -18,6 +18,8 @@ SOURCES = Intro.md \ hash.md \ md5.md \ pkcs12.md \ + pkcs7.md \ + pkcs8.md \ pkey.md \ rand.md \ req.md \ @@ -25,7 +27,8 @@ SOURCES = Intro.md \ sha.md \ s_client.md \ verify.md \ - x509.md + x509.md \ + base64.md ifeq ($(DOC_LANG),JA) PDF = wolfCLU-Manual-jp.pdf diff --git a/wolfCLU/src/base64.md b/wolfCLU/src/base64.md new file mode 100644 index 00000000..46f7dd9c --- /dev/null +++ b/wolfCLU/src/base64.md @@ -0,0 +1,19 @@ +### BASE64 Command + +Encodes or decodes data using base64 encoding. By default, data is encoded to base64. Use the -d option to decode base64 data. + +- [-in] input file to read from (default stdin) +- [-out] output file to write to (default stdout) +- [-d] decode the input data instead of encoding + +Example for encoding: + +``` +wolfssl base64 -in plain_file.txt -out encoded_file.txt +``` + +Example for decoding: + +``` +wolfssl base64 -d -in encoded_file.txt -out decoded_file.txt +``` diff --git a/wolfCLU/src/command_list.md b/wolfCLU/src/command_list.md index d352d8e7..e34b99b6 100644 --- a/wolfCLU/src/command_list.md +++ b/wolfCLU/src/command_list.md @@ -1,4 +1,5 @@ ## List Of Commands: +- base64 - bench - ca - crl @@ -10,6 +11,8 @@ - hash - md5 - pkcs12 +- pkcs7 +- pkcs8 - pkey - rand - req diff --git a/wolfCLU/src/pkcs7.md b/wolfCLU/src/pkcs7.md new file mode 100644 index 00000000..bc497e60 --- /dev/null +++ b/wolfCLU/src/pkcs7.md @@ -0,0 +1,21 @@ +### PKCS7 Command + +Processes PKCS#7 data, allowing operations such as extracting certificates from PKCS#7 files. PKCS#7 is a standard for cryptographically signed and/or encrypted data. + +- [-in] input file containing PKCS#7 data (required) +- [-out] output file to write results to (default stdout) +- [-inform] input format (PEM or DER, default PEM) +- [-outform] output format (PEM or DER, default PEM) +- [-print_certs] extract and output certificates from the PKCS#7 file + +Example for extracting certificates from a PKCS#7 file: + +``` +wolfssl pkcs7 -in pkcs7.pem -print_certs +``` + +Example for converting PKCS#7 data from PEM to DER format: + +``` +wolfssl pkcs7 -in pkcs7.pem -outform DER -out pkcs7.der +``` diff --git a/wolfCLU/src/pkcs8.md b/wolfCLU/src/pkcs8.md new file mode 100644 index 00000000..bc30fbab --- /dev/null +++ b/wolfCLU/src/pkcs8.md @@ -0,0 +1,24 @@ +### PKCS8 Command + +Processes PKCS#8 private key files. Allows conversion between different formats (PEM/DER) and decryption of private keys. Encrypting PKCS#8 keys is not yet supported. + +- [-in] input file containing the private key (required) +- [-out] output file to write the processed key to (default stdout) +- [-inform] input format (PEM or DER, default PEM) +- [-outform] output format (PEM or DER, default PEM) +- [-passin] password source for encrypted input key +- [-traditional] output key in traditional (non-PKCS#8) format +- [-topk8] convert input to PKCS#8 format +- [-nocrypt] don't encrypt the output key (no password) + +Example for converting an encrypted PEM key to DER format: + +``` +wolfssl pkcs8 -in server-keyEnc.pem -passin pass:mypassword -outform DER -out key.der +``` + +Example for converting a key to traditional format: + +``` +wolfssl pkcs8 -in server-key.pem -traditional -out traditional-key.pem +``` diff --git a/wolfCLU/src/verify.md b/wolfCLU/src/verify.md index 0061c074..a6da2f9a 100644 --- a/wolfCLU/src/verify.md +++ b/wolfCLU/src/verify.md @@ -3,9 +3,10 @@ Verifies an X509 certificate given a CA. The last argument passed into the comma - [-CAfile] file name for CA to be used with verify - [-crl_check] if CRL checking should be used +- [-untrusted] file name for intermediate certificate to be used in verification (only one -untrusted cert is currently supported) Example: ``` wolfssl verify -CAfile ./certs/ca-cert.pem ./certs/server-cert.pem -``` \ No newline at end of file +```