author: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2021-04-03 19:42:39 +0200
committer: Dr. David von Oheimb <dev@ddvo.net> 2021-05-20 16:31:30 +0200
commit: 340cf8759f904859e609cecf4315b7cb50cde561 (patch)
tree: 5aa3a8bcf9ef4bf33847328a881a5fce77bb4c65 /doc/man1
parent: 56c4f6fe724e4aa54498188873d84e5694b02984 (diff)
apps/cms: Clean up order of options in help output and documentation
Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15126)
Diffstat (limited to 'doc/man1')
-rw-r--r-- doc/man1/openssl-cms.pod.in | 617
1 files changed, 361 insertions, 256 deletions
diff --git a/doc/man1/openssl-cms.pod.in b/doc/man1/openssl-cms.pod.in
index bdfb607134..6e0f86804a 100644
--- a/doc/man1/openssl-cms.pod.in
+++ b/doc/man1/openssl-cms.pod.in
@@ -9,96 +9,131 @@ openssl-cms - CMS command
B<openssl> B<cms>
[B<-help>]
+
+General options:
+
+[B<-in> I<filename>]
+[B<-out> I<filename>]
+{- $OpenSSL::safe::opt_config_synopsis -}
+
+Operation options:
+
[B<-encrypt>]
[B<-decrypt>]
-[B<-debug_decrypt>]
[B<-sign>]
[B<-verify>]
-[B<-verify_retcode>]
-[B<-no_attr_verify>]
-[B<-nosigs>]
-[B<-no_content_verify>]
-[B<-cmsout>]
[B<-resign>]
-[B<-cades>]
-[B<-data_create>]
-[B<-data_out>]
+[B<-sign_receipt>]
+[B<-verify_receipt> I<receipt>]
[B<-digest_create>]
[B<-digest_verify>]
[B<-compress>]
[B<-uncompress>]
-[B<-EncryptedData_decrypt>]
[B<-EncryptedData_encrypt>]
-[B<-sign_receipt>]
-[B<-verify_receipt> I<receipt>]
-[B<-in> I<filename>]
-[B<-out> I<filename>]
+[B<-EncryptedData_decrypt>]
+[B<-data_create>]
+[B<-data_out>]
+[B<-cmsout>]
+
+File format options:
+
[B<-inform> B<DER>|B<PEM>|B<SMIME>]
[B<-outform> B<DER>|B<PEM>|B<SMIME>]
[B<-rctform> B<DER>|B<PEM>|B<SMIME>]
-[B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>]
[B<-stream>]
[B<-indef>]
[B<-noindef>]
-[B<-content> I<filename>]
-[B<-text>]
-[B<-noout>]
-[B<-print>]
-[B<-nameopt> I<option>]
-[B<-md> I<digest>]
+[B<-binary>]
+[B<-crlfeol>]
+[B<-asciicrlf>]
+
+Keys and password options:
+
+[B<-pwri_password> I<password>]
+[B<-secretkey> I<key>]
+[B<-secretkeyid> I<id>]
+[B<-inkey> I<filename>|I<uri>]
+[B<-passin> I<arg>]
+[B<-keyopt> I<name>:I<parameter>]
+[B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>]
+{- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_provider_synopsis -}
+{- $OpenSSL::safe::opt_r_synopsis -}
+
+Encryption options:
+
+[B<-originator> I<file>]
+[B<-recip> I<file>]
+[I<recipient-cert> ...]
[B<-I<cipher>>]
[B<-wrap> I<cipher>]
[B<-aes128-wrap>]
[B<-aes192-wrap>]
[B<-aes256-wrap>]
[B<-des3-wrap>]
-[B<-nointern>]
-[B<-noverify>]
+[B<-debug_decrypt>]
+
+Signing options:
+
+[B<-md> I<digest>]
+[B<-signer> I<file>]
+[B<-certfile> I<file>]
+[B<-cades>]
+[B<-nodetach>]
[B<-nocerts>]
[B<-noattr>]
[B<-nosmimecap>]
-[B<-binary>]
-[B<-crlfeol>]
-[B<-asciicrlf>]
-[B<-nodetach>]
-[B<-certfile> I<file>]
-[B<-certsout> I<file>]
-[B<-signer> I<file>]
-[B<-originator> I<file>]
-[B<-recip> I<file>]
-[B<-keyid>]
[B<-receipt_request_all>]
[B<-receipt_request_first>]
[B<-receipt_request_from> I<emailaddress>]
[B<-receipt_request_to> I<emailaddress>]
-[B<-receipt_request_print>]
-[B<-pwri_password> I<password>]
-[B<-secretkey> I<key>]
-[B<-secretkeyid> I<id>]
+
+Verification options:
+
+[B<-signer> I<file>]
+[B<-content> I<filename>]
+[B<-no_content_verify>]
+[B<-no_attr_verify>]
+[B<-nosigs>]
+[B<-noverify>]
+[B<-nointern>]
+[B<-cades>]
+[B<-verify_retcode>]
+{- $OpenSSL::safe::opt_trust_synopsis -}
+
+Output options:
+
+[B<-keyid>]
[B<-econtent_type> I<type>]
-[B<-inkey> I<filename>|I<uri>]
-[B<-keyopt> I<name>:I<parameter>]
-[B<-passin> I<arg>]
+[B<-text>]
+[B<-certsout> I<file>]
[B<-to> I<addr>]
[B<-from> I<addr>]
[B<-subject> I<subj>]
+
+Printing options:
+
+[B<-noout>]
+[B<-print>]
+[B<-nameopt> I<option>]
+[B<-receipt_request_print>]
+
+Validation options:
+
{- $OpenSSL::safe::opt_v_synopsis -}
-{- $OpenSSL::safe::opt_trust_synopsis -}
-{- $OpenSSL::safe::opt_r_synopsis -}
-{- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_provider_synopsis -}
-{- $OpenSSL::safe::opt_config_synopsis -}
-[I<recipient-cert> ...]
=head1 DESCRIPTION
-This command handles S/MIME v3.1 mail. It can encrypt, decrypt,
-sign and verify, compress and uncompress S/MIME messages.
+This command handles data in CMS format such as S/MIME v3.1 email messages.
+It can encrypt, decrypt, sign, verify, compress, uncompress, and print messages.
=head1 OPTIONS
-There are fourteen operation options that set the type of operation to be
-performed. The meaning of the other options varies according to the operation
-type.
+There are a number of operation options that set the type of operation to be
+performed: encrypt, decrypt, sign, verify, resign, sign_receipt, verify_receipt,
+digest_create, digest_verify, compress, uncompress,
+EncryptedData_encrypt, EncryptedData_decrypt, data_create, data_out, or cmsout.
+The relevance of the other options depends on the operation type
+and their meaning may vary according to it.
=over 4
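Review bot: The synopsis group label "Encryption options:" does not match the "=head2 Encryption and decryption options" heading this patch introduces in the OPTIONS section, and the group also lists B<-debug_decrypt>, which is a decryption aid; rename the label to "Encryption and decryption options:" so the synopsis and the section headings agree. Also note that B<-signer> and B<-cades> now appear under both "Signing options:" and "Verification options:"; if that duplication is intended, say so in the DESCRIPTION text so readers know each option's documentation is split across two sections.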
@@ -106,77 +141,71 @@ type.
Print out a usage message.
-=item B<-encrypt>
+=back
-Encrypt mail for the given recipient certificates. Input file is the message
-to be encrypted. The output file is the encrypted mail in MIME format. The
-actual CMS type is B<EnvelopedData>.
+=head2 General options
-Note that no revocation check is done for the recipient cert, so if that
-key has been compromised, others may be able to decrypt the text.
-
-=item B<-decrypt>
+=over 4
-Decrypt mail using the supplied certificate and private key. Expects an
-encrypted mail message in MIME format for the input file. The decrypted mail
-is written to the output file.
+=item B<-in> I<filename>
-=item B<-debug_decrypt>
+The input message to be encrypted or signed or the message to be decrypted
+or verified.
-This option sets the B<CMS_DEBUG_DECRYPT> flag. This option should be used
-with caution: see the notes section below.
+=item B<-out> I<filename>
-=item B<-sign>
+The message text that has been decrypted or verified or the output MIME
+format message that has been signed or verified.
-Sign mail using the supplied certificate and private key. Input file is
-the message to be signed. The signed message in MIME format is written
-to the output file.
+{- $OpenSSL::safe::opt_config_item -}
-=item B<-verify>
+=back
-Verify signed mail. Expects a signed mail message on input and outputs
-the signed data. Both clear text and opaque signing is supported.
+=head2 Operation options
-=item B<-verify_retcode>
+=over 4
-Exit nonzero on verification failure.
+=item B<-encrypt>
-=item B<-no_attr_verify>
+Encrypt data for the given recipient certificates. Input file is the message
+to be encrypted. The output file is the encrypted data in MIME format. The
+actual CMS type is B<EnvelopedData>.
-Do not verify signed attribute signatures.
+Note that no revocation check is done for the recipient cert, so if that
+key has been compromised, others may be able to decrypt the text.
-=item B<-no_content_verify>
+=item B<-decrypt>
-Do not verify signed content signatures.
+Decrypt data using the supplied certificate and private key. Expects
+encrypted datain MIME format for the input file. The decrypted data
+is written to the output file.
-=item B<-nosigs>
+=item B<-sign>
-Don't verify message signature.
+Sign data using the supplied certificate and private key. Input file is
+the message to be signed. The signed data in MIME format is written
+to the output file.
-=item B<-cmsout>
+=item B<-verify>
-Takes an input message and writes out a PEM encoded CMS structure.
+Verify signed data. Expects a signed data on input and outputs
+the signed data. Both clear text and opaque signing is supported.
=item B<-resign>
Resign a message: take an existing message and one or more new signers.
-=item B<-cades>
-
-When used with B<-sign>,
-add an ESS signingCertificate or ESS signingCertificateV2 signed-attribute
-to the SignerInfo, in order to make the signature comply with the requirements
-for a CAdES Basic Electronic Signature (CAdES-BES).
-When used with B<-verify>, require and check signer certificate digest.
-See the NOTES section for more details.
-
-=item B<-data_create>
+=item B<-sign_receipt>
-Create a CMS B<Data> type.
+Generate and output a signed receipt for the supplied message. The input
+message B<must> contain a signed receipt request. Functionality is otherwise
+similar to the B<-sign> operation.
-=item B<-data_out>
+=item B<-verify_receipt> I<receipt>
-B<Data> type and output the content.
+Verify a signed receipt in filename B<receipt>. The input message B<must>
+contain the original receipt request. Functionality is otherwise similar
+to the B<-verify> operation.
=item B<-digest_create>
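Review bot: Typo in the reworded B<-decrypt> text: "encrypted datain MIME format" should read "encrypted data in MIME format". In the reworded B<-verify> text, "Expects a signed data on input" should drop the article ("Expects signed data on input"). Both sentences were changed from "mail" to "data" in this hunk, so the fix belongs here rather than in a follow-up.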
@@ -197,37 +226,33 @@ Uncompress a CMS B<CompressedData> type and output the content. OpenSSL must be
compiled with B<zlib> support for this option to work, otherwise it will
output an error.
-=item B<-EncryptedData_decrypt>
+=item B<-EncryptedData_encrypt>
-Decrypt content using supplied symmetric key and algorithm using a CMS
+Encrypt content using supplied symmetric key and algorithm using a CMS
B<EncryptedData> type and output the content.
-=item B<-EncryptedData_encrypt>
+=item B<-EncryptedData_decrypt>
-Encrypt content using supplied symmetric key and algorithm using a CMS
+Decrypt content using supplied symmetric key and algorithm using a CMS
B<EncryptedData> type and output the content.
-=item B<-sign_receipt>
+=item B<-data_create>
-Generate and output a signed receipt for the supplied message. The input
-message B<must> contain a signed receipt request. Functionality is otherwise
-similar to the B<-sign> operation.
+Create a CMS B<Data> type.
-=item B<-verify_receipt> I<receipt>
+=item B<-data_out>
-Verify a signed receipt in filename B<receipt>. The input message B<must>
-contain the original receipt request. Functionality is otherwise similar
-to the B<-verify> operation.
+B<Data> type and output the content.
-=item B<-in> I<filename>
+=item B<-cmsout>
-The input message to be encrypted or signed or the message to be decrypted
-or verified.
+Takes an input message and writes out a PEM encoded CMS structure.
-=item B<-out> I<filename>
+=back
-The message text that has been decrypted or verified or the output MIME
-format message that has been signed or verified.
+=head2 File format options
+
+=over 4
=item B<-inform> B<DER>|B<PEM>|B<SMIME>
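Review bot: The B<-data_out> description is still the sentence fragment "B<Data> type and output the content." carried over verbatim from the old text; since the item is being moved anyway, complete it in the style of the neighbouring B<-uncompress> item, for example "Read a CMS B<Data> type and output the content."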
@@ -241,11 +266,6 @@ The output format of the CMS structure (if one is being written);
the default is B<SMIME>.
See L<openssl-format-options(1)> for details.
-=item B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>
-
-The format of the private key file; unspecified by default.
-See L<openssl-format-options(1)> for details.
-
=item B<-rctform> B<DER>|B<PEM>|B<SMIME>
The signed receipt format for use with the B<-receipt_verify>; the default
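Review bot: The trailing context line of the B<-rctform> item refers to B<-receipt_verify>, but the option is spelled B<-verify_receipt> everywhere else in this file (synopsis and OPTIONS); a one-word fix here, while the surrounding items are being moved, would remove the dangling cross-reference.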
@@ -267,42 +287,111 @@ Disable streaming I/O where it would produce and indefinite length constructed
encoding. This option currently has no effect. In future streaming will be
enabled by default on all relevant operations and this option will disable it.
-=item B<-content> I<filename>
+=item B<-binary>
-This specifies a file containing the detached content, this is only
-useful with the B<-verify> command. This is only usable if the CMS
-structure is using the detached signature form where the content is
-not included. This option will override any content if the input format
-is S/MIME and it uses the multipart/signed MIME content type.
+Normally the input message is converted to "canonical" format which is
+effectively using CR and LF as end of line: as required by the S/MIME
+specification. When this option is present no translation occurs. This
+is useful when handling binary data which may not be in MIME format.
-=item B<-text>
+=item B<-crlfeol>
-This option adds plain text (text/plain) MIME headers to the supplied
-message if encrypting or signing. If decrypting or verifying it strips
-off text headers: if the decrypted or verified message is not of MIME
-type text/plain then an error occurs.
+Normally the output file uses a single B<LF> as end of line. When this
+option is present B<CRLF> is used instead.
-=item B<-noout>
+=item B<-asciicrlf>
-For the B<-cmsout> operation do not output the parsed CMS structure. This
-is useful when combined with the B<-print> option or if the syntax of the CMS
-structure is being checked.
+When signing use ASCII CRLF format canonicalisation. This strips trailing
+whitespace from all lines, deletes trailing blank lines at EOF and sets
+the encapsulated content type. This option is normally used with detached
+content and an output signature format of DER. This option is not normally
+needed when verifying as it is enabled automatically if the encapsulated
+content format is detected.
-=item B<-print>
+=back
-For the B<-cmsout> operation print out all fields of the CMS structure. This
-is mainly useful for testing purposes.
+=head2 Keys and password options
-=item B<-nameopt> I<option>
+=over 4
-For the B<-cmsout> operation when B<-print> option is in use, specifies
-printing options for string fields. For most cases B<utf8> is reasonable value.
-See L<openssl-namedisplay-options(1)> for details.
+=item B<-pwri_password> I<password>
-=item B<-md> I<digest>
+Specify password for recipient.
-Digest algorithm to use when signing or resigning. If not present then the
-default digest algorithm for the signing key will be used (usually SHA1).
+=item B<-secretkey> I<key>
+
+Specify symmetric key to use. The key must be supplied in hex format and be
+consistent with the algorithm used. Supported by the B<-EncryptedData_encrypt>
+B<-EncryptedData_decrypt>, B<-encrypt> and B<-decrypt> options. When used
+with B<-encrypt> or B<-decrypt> the supplied key is used to wrap or unwrap the
+content encryption key using an AES key in the B<KEKRecipientInfo> type.
+
+=item B<-secretkeyid> I<id>
+
+The key identifier for the supplied symmetric key for B<KEKRecipientInfo> type.
+This option B<must> be present if the B<-secretkey> option is used with
+B<-encrypt>. With B<-decrypt> operations the I<id> is used to locate the
+relevant key if it is not supplied then an attempt is used to decrypt any
+B<KEKRecipientInfo> structures.
+
+=item B<-inkey> I<filename>|I<uri>
+
+The private key to use when signing or decrypting. This must match the
+corresponding certificate. If this option is not specified then the
+private key must be included in the certificate file specified with
+the B<-recip> or B<-signer> file. When signing this option can be used
+multiple times to specify successive keys.
+
+=item B<-passin> I<arg>
+
+The private key password source. For more information about the format of B<arg>
+see L<openssl-passphrase-options(1)>.
+
+=item B<-keyopt> I<name>:I<parameter>
+
+For signing and encryption this option can be used multiple times to
+set customised parameters for the preceding key or certificate. It can
+currently be used to set RSA-PSS for signing, RSA-OAEP for encryption
+or to modify default parameters for ECDH.
+
+=item B<-keyform> B<DER>|B<PEM>|B<P12>|B<ENGINE>
+
+The format of the private key file; unspecified by default.
+See L<openssl-format-options(1)> for details.
+
+{- $OpenSSL::safe::opt_engine_item -}
+
+{- $OpenSSL::safe::opt_provider_item -}
+
+{- $OpenSSL::safe::opt_r_item -}
+
+=back
+
+=head2 Encryption and decryption options
+
+=over 4
+
+=item B<-originator> I<file>
+
+A certificate of the originator of the encrypted message. Necessary for
+decryption when Key Agreement is in use for a shared key.
+
+=item B<-recip> I<file>
+
+When decrypting a message this specifies the certificate of the recipient.
+The certificate must match one of the recipients of the message.
+
+When encrypting a message this option may be used multiple times to specify
+each recipient. This form B<must> be used if customised parameters are
+required (for example to specify RSA-OAEP).
+
+Only certificates carrying RSA, Diffie-Hellman or EC keys are supported by this
+option.
+
+=item I<recipient-cert> ...
+
+This is an alternative to using the B<-recip> option when encrypting a message.
+One or more certificate filennames may be given.
=item B<-I<cipher>>
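Review bot: Typo in the new I<recipient-cert> item: "filennames" should be "filenames". In the moved B<-secretkeyid> text, "the I<id> is used to locate the relevant key if it is not supplied then an attempt is used to decrypt any B<KEKRecipientInfo> structures" runs two clauses together; split it, e.g. "... to locate the relevant key; if it is not supplied, an attempt is made to decrypt any B<KEKRecipientInfo> structures."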
@@ -327,17 +416,49 @@ wrap.
=item B<-aes128-wrap>, B<-aes192-wrap>, B<-aes256-wrap>, B<-des3-wrap>
Use AES128, AES192, AES256, or 3DES-EDE, respectively, to wrap key.
+Depending on the OpenSSL build options used, B<-des3-wrap> may not be supported.
-=item B<-nointern>
+=item B<-debug_decrypt>
-When verifying a message normally certificates (if any) included in
-the message are searched for the signing certificate. With this option
-only the certificates specified in the B<-certfile> option are used.
-The supplied certificates can still be used as untrusted CAs however.
+This option sets the B<CMS_DEBUG_DECRYPT> flag. This option should be used
+with caution: see the notes section below.
-=item B<-noverify>
+=back
-Do not verify the signers certificate of a signed message.
+=head2 Signing options
+
+=over 4
+
+=item B<-md> I<digest>
+
+Digest algorithm to use when signing or resigning. If not present then the
+default digest algorithm for the signing key will be used (usually SHA1).
+
+=item B<-signer> I<file>
+
+A signing certificate. When signing or resigning a message, this option can be
+used multiple times if more than one signer is required.
+
+=item B<-certfile> I<file>
+
+Allows additional certificates to be specified. When signing these will
+be included with the message. When verifying these will be searched for
+the signers certificates.
+The input can be in PEM, DER, or PKCS#12 format.
+
+=item B<-cades>
+
+When used with B<-sign>,
+add an ESS signingCertificate or ESS signingCertificateV2 signed-attribute
+to the SignerInfo, in order to make the signature comply with the requirements
+for a CAdES Basic Electronic Signature (CAdES-BES).
+
+=item B<-nodetach>
+
+When signing a message use opaque signing: this form is more resistant
+to translation by mail relays but it cannot be read by mail agents that
+do not support S/MIME. Without this option cleartext signing with
+the MIME type multipart/signed is used.
=item B<-nocerts>
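Review bot: The moved B<-md> text keeps the parenthetical "(usually SHA1)" for the default digest; since the sentence is relocated verbatim under a new heading, confirm it still reflects the default digest chosen for the signing key before republishing it. Minor: "the signers certificates" in the B<-certfile> item wants an apostrophe ("the signers' certificates").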
@@ -357,116 +478,86 @@ option they are not included.
Exclude the list of supported algorithms from signed attributes, other options
such as signing time and content type are still included.
-=item B<-binary>
-
-Normally the input message is converted to "canonical" format which is
-effectively using CR and LF as end of line: as required by the S/MIME
-specification. When this option is present no translation occurs. This
-is useful when handling binary data which may not be in MIME format.
-
-=item B<-crlfeol>
-
-Normally the output file uses a single B<LF> as end of line. When this
-option is present B<CRLF> is used instead.
+=item B<-receipt_request_all>, B<-receipt_request_first>
-=item B<-asciicrlf>
+For B<-sign> option include a signed receipt request. Indicate requests should
+be provided by all recipient or first tier recipients (those mailed directly
+and not from a mailing list). Ignored it B<-receipt_request_from> is included.
-When signing use ASCII CRLF format canonicalisation. This strips trailing
-whitespace from all lines, deletes trailing blank lines at EOF and sets
-the encapsulated content type. This option is normally used with detached
-content and an output signature format of DER. This option is not normally
-needed when verifying as it is enabled automatically if the encapsulated
-content format is detected.
+=item B<-receipt_request_from> I<emailaddress>
-=item B<-nodetach>
+For B<-sign> option include a signed receipt request. Add an explicit email
+address where receipts should be supplied.
-When signing a message use opaque signing: this form is more resistant
-to translation by mail relays but it cannot be read by mail agents that
-do not support S/MIME. Without this option cleartext signing with
-the MIME type multipart/signed is used.
+=item B<-receipt_request_to> I<emailaddress>
-=item B<-certfile> I<file>
+Add an explicit email address where signed receipts should be sent to. This
+option B<must> but supplied if a signed receipt is requested.
-Allows additional certificates to be specified. When signing these will
-be included with the message. When verifying these will be searched for
-the signers certificates.
-The input can be in PEM, DER, or PKCS#12 format.
+=back
-=item B<-certsout> I<file>
+=head2 Verification options
-Any certificates contained in the message are written to I<file>.
+=over 4
=item B<-signer> I<file>
-A signing certificate when signing or resigning a message, this option can be
-used multiple times if more than one signer is required. If a message is being
-verified then the signers certificates will be written to this file if the
-verification was successful.
+If a message has been verified successfully then the signers certificate(s)
+will be written to this file if the verification was successful.
-=item B<-originator> I<file>
+=item B<-content> I<filename>
-A certificate of the originator of the encrypted message. Necessary for
-decryption when Key Agreement is in use for a shared key.
+This specifies a file containing the detached content, this is only
+useful with the B<-verify> command. This is only usable if the CMS
+structure is using the detached signature form where the content is
+not included. This option will override any content if the input format
+is S/MIME and it uses the multipart/signed MIME content type.
-=item B<-recip> I<file>
+=item B<-no_content_verify>
-When decrypting a message this specifies the recipients certificate. The
-certificate must match one of the recipients of the message or an error
-occurs.
+Do not verify signed content signatures.
-When encrypting a message this option may be used multiple times to specify
-each recipient. This form B<must> be used if customised parameters are
-required (for example to specify RSA-OAEP).
+=item B<-no_attr_verify>
-Only certificates carrying RSA, Diffie-Hellman or EC keys are supported by this
-option.
+Do not verify signed attribute signatures.
-=item B<-keyid>
+=item B<-nosigs>
-Use subject key identifier to identify certificates instead of issuer name and
-serial number. The supplied certificate B<must> include a subject key
-identifier extension. Supported by B<-sign> and B<-encrypt> options.
+Don't verify message signature.
-=item B<-receipt_request_all>, B<-receipt_request_first>
+=item B<-noverify>
-For B<-sign> option include a signed receipt request. Indicate requests should
-be provided by all recipient or first tier recipients (those mailed directly
-and not from a mailing list). Ignored it B<-receipt_request_from> is included.
+Do not verify the signers certificate of a signed message.
-=item B<-receipt_request_from> I<emailaddress>
+=item B<-nointern>
-For B<-sign> option include a signed receipt request. Add an explicit email
-address where receipts should be supplied.
+When verifying a message normally certificates (if any) included in
+the message are searched for the signing certificate. With this option
+only the certificates specified in the B<-certfile> option are used.
+The supplied certificates can still be used as untrusted CAs however.
-=item B<-receipt_request_to> I<emailaddress>
+=item B<-cades>
-Add an explicit email address where signed receipts should be sent to. This
-option B<must> but supplied if a signed receipt it requested.
+When used with B<-verify>, require and check signer certificate digest.
+See the NOTES section for more details.
-=item B<-receipt_request_print>
+=item B<-verify_retcode>
-For the B<-verify> operation print out the contents of any signed receipt
-requests.
+Exit nonzero on verification failure.
-=item B<-pwri_password> I<password>
+{- $OpenSSL::safe::opt_trust_item -}
-Specify password for recipient.
+=back
-=item B<-secretkey> I<key>
+=head2 Output options
-Specify symmetric key to use. The key must be supplied in hex format and be
-consistent with the algorithm used. Supported by the B<-EncryptedData_encrypt>
-B<-EncryptedData_decrypt>, B<-encrypt> and B<-decrypt> options. When used
-with B<-encrypt> or B<-decrypt> the supplied key is used to wrap or unwrap the
-content encryption key using an AES key in the B<KEKRecipientInfo> type.
+=over 4
-=item B<-secretkeyid> I<id>
+=item B<-keyid>
-The key identifier for the supplied symmetric key for B<KEKRecipientInfo> type.
-This option B<must> be present if the B<-secretkey> option is used with
-B<-encrypt>. With B<-decrypt> operations the I<id> is used to locate the
-relevant key if it is not supplied then an attempt is used to decrypt any
-B<KEKRecipientInfo> structures.
+Use subject key identifier to identify certificates instead of issuer name and
+serial number. The supplied certificate B<must> include a subject key
+identifier extension. Supported by B<-sign> and B<-encrypt> options.
=item B<-econtent_type> I<type>
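Review bot: The new B<-signer> verification text states the condition twice: "If a message has been verified successfully then the signers certificate(s) will be written to this file if the verification was successful." Drop one of the two clauses. Two carried-over typos in the receipt items also remain: "Ignored it B<-receipt_request_from>" should be "Ignored if", and "This option B<must> but supplied" should be "must be supplied". Finally, B<-keyid> is filed under "Output options" although its own text says it is "Supported by B<-sign> and B<-encrypt> options"; it reads more naturally under the signing or encryption section.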
@@ -474,51 +565,61 @@ Set the encapsulated content type to I<type> if not supplied the B<Data> type
is used. The I<type> argument can be any valid OID name in either text or
numerical format.
-=item B<-inkey> I<filename>|I<uri>
-
-The private key to use when signing or decrypting. This must match the
-corresponding certificate. If this option is not specified then the
-private key must be included in the certificate file specified with
-the B<-recip> or B<-signer> file. When signing this option can be used
-multiple times to specify successive keys.
+=item B<-text>
-=item B<-keyopt> I<name>:I<parameter>
+This option adds plain text (text/plain) MIME headers to the supplied
+message if encrypting or signing. If decrypting or verifying it strips
+off text headers: if the decrypted or verified message is not of MIME
+type text/plain then an error occurs.
-For signing and encryption this option can be used multiple times to
-set customised parameters for the preceding key or certificate. It can
-currently be used to set RSA-PSS for signing, RSA-OAEP for encryption
-or to modify default parameters for ECDH.
+=item B<-certsout> I<file>
-=item B<-passin> I<arg>
-
-The private key password source. For more information about the format of B<arg>
-see L<openssl-passphrase-options(1)>.
+Any certificates contained in the input message are written to I<file>.
=item B<-to>, B<-from>, B<-subject>
-The relevant mail headers. These are included outside the signed
+The relevant email headers. These are included outside the signed
portion of a message so they may be included manually. If signing
then many S/MIME mail clients check the signers certificate's email
address matches that specified in the From: address.
-{- $OpenSSL::safe::opt_v_item -}
+=back
-Any verification errors cause the command to exit.
+=head2 Printing options
-{- $OpenSSL::safe::opt_trust_item -}
+=over 4
-{- $OpenSSL::safe::opt_r_item -}
+=item B<-noout>
-{- $OpenSSL::safe::opt_engine_item -}
+For the B<-cmsout> operation do not output the parsed CMS structure.
+This is useful if the syntax of the CMS structure is being checked.
-{- $OpenSSL::safe::opt_provider_item -}
+=item B<-print>
-{- $OpenSSL::safe::opt_config_item -}
+For the B<-cmsout> operation print out all fields of the CMS structure.
+This implies B<-noout>.
+This is mainly useful for testing purposes.
-=item I<recipient-cert> ...
+=item B<-nameopt> I<option>
+
+For the B<-cmsout> operation when B<-print> option is in use, specifies
+printing options for string fields. For most cases B<utf8> is reasonable value.
+See L<openssl-namedisplay-options(1)> for details.
+
+=item B<-receipt_request_print>
+
+For the B<-verify> operation print out the contents of any signed receipt
+requests.
+
+=back
+
+=head2 Validation options
+
+=over 4
-One or more certificates of message recipients: used when encrypting
-a message.
+{- $OpenSSL::safe::opt_v_item -}
+
+Any validation errors cause the command to exit.
=back
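Review bot: The B<-print> item gains a new behavioural statement, "This implies B<-noout>.", which goes beyond reordering; this diff is limited to doc/man1, so check that apps/cms.c really suppresses the structure output when -print is given (or include that change in the same PR) so the documentation does not get ahead of the code. Minor: "the signers certificate's email address" in the B<-to>, B<-from>, B<-subject> item should be "the signer's certificate's email address".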
@@ -710,7 +811,7 @@ Sign and encrypt mail:
Note: the encryption command does not include the B<-text> option because the
message being encrypted already has MIME headers.
-Decrypt mail:
+Decrypt a message:
openssl cms -decrypt -in mail.msg -recip mycert.pem -inkey key.pem
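Review bot: The example captions are being renamed from "mail" to "message" ("Decrypt a message:"), but the caption shown in this hunk's header context, "Sign and encrypt mail:", is left unchanged; rename it in the same pass so the EXAMPLES section uses one term throughout.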
@@ -738,12 +839,12 @@ Add a signer to an existing message:
openssl cms -resign -in mail.msg -signer newsign.pem -out mail2.msg
-Sign mail using RSA-PSS:
+Sign a message using RSA-PSS:
openssl cms -sign -in message.txt -text -out mail.msg \
-signer mycert.pem -keyopt rsa_padding_mode:pss
-Create encrypted mail using RSA-OAEP:
+Create an encrypted message using RSA-OAEP:
openssl cms -encrypt -in plain.txt -out mail.msg \
-recip cert.pem -keyopt rsa_padding_mode:oaep
@@ -753,6 +854,10 @@ Use SHA256 KDF with an ECDH certificate:
openssl cms -encrypt -in plain.txt -out mail.msg \
-recip ecdhcert.pem -keyopt ecdh_kdf_md:sha256
+Print CMS signed binary data in human-readable form:
+
+openssl cms -in signed.cms -binary -inform DER -cmsout -print
+
=head1 BUGS
The MIME parser isn't very clever: it seems to handle most messages that I've
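Review bot: The new example combines B<-binary> with B<-inform DER> and B<-cmsout>, but the B<-binary> description in this file only explains the flag as disabling canonicalisation of a MIME input message; either say in the caption why it is needed for DER input here or drop it, so the example does not suggest an unexplained requirement.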