diff options
| author | jmc <> | 2016-08-16 06:40:24 +0000 | 
|---|---|---|
| committer | jmc <> | 2016-08-16 06:40:24 +0000 | 
| commit | ba4f1602402ad8059a40e7df1eace5ddbc08d286 (patch) | |
| tree | b39e4b553df9e767d02d779b50c31f604357f257 | |
| parent | 2bd14b8b686c9cda6b430a3ab19f25722b3bfaa8 (diff) | |
| download | openbsd-ba4f1602402ad8059a40e7df1eace5ddbc08d286.tar.gz openbsd-ba4f1602402ad8059a40e7df1eace5ddbc08d286.tar.bz2 openbsd-ba4f1602402ad8059a40e7df1eace5ddbc08d286.zip | |
shorten genrsa; ok jsing
| -rw-r--r-- | src/usr.bin/openssl/openssl.1 | 60 | 
1 files changed, 18 insertions, 42 deletions
| diff --git a/src/usr.bin/openssl/openssl.1 b/src/usr.bin/openssl/openssl.1 index 48ec408ac5..4d3890b647 100644 --- a/src/usr.bin/openssl/openssl.1 +++ b/src/usr.bin/openssl/openssl.1 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: openssl.1,v 1.52 2016/08/14 09:02:52 jmc Exp $ | 1 | .\" $OpenBSD: openssl.1,v 1.53 2016/08/16 06:40:24 jmc Exp $ | 
| 2 | .\" ==================================================================== | 2 | .\" ==================================================================== | 
| 3 | .\" Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. | 3 | .\" Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. | 
| 4 | .\" | 4 | .\" | 
| @@ -112,7 +112,7 @@ | |||
| 112 | .\" | 112 | .\" | 
| 113 | .\" OPENSSL | 113 | .\" OPENSSL | 
| 114 | .\" | 114 | .\" | 
| 115 | .Dd $Mdocdate: August 14 2016 $ | 115 | .Dd $Mdocdate: August 16 2016 $ | 
| 116 | .Dt OPENSSL 1 | 116 | .Dt OPENSSL 1 | 
| 117 | .Os | 117 | .Os | 
| 118 | .Sh NAME | 118 | .Sh NAME | 
| @@ -1993,38 +1993,37 @@ The EC curve to use. | |||
| 1993 | Print an unencrypted text representation of private and public keys and | 1993 | Print an unencrypted text representation of private and public keys and | 
| 1994 | parameters along with the DER or PEM structure. | 1994 | parameters along with the DER or PEM structure. | 
| 1995 | .El | 1995 | .El | 
| 1996 | .\" | ||
| 1997 | .\" GENRSA | ||
| 1998 | .\" | ||
| 1999 | .Sh GENRSA | 1996 | .Sh GENRSA | 
| 2000 | .nr nS 1 | 1997 | .nr nS 1 | 
| 2001 | .Nm "openssl genrsa" | 1998 | .Nm "openssl genrsa" | 
| 2002 | .Bk -words | ||
| 2003 | .Op Fl 3 | f4 | 1999 | .Op Fl 3 | f4 | 
| 2004 | .Oo | 2000 | .Op Fl aes128 | aes192 | aes256 | des | des3 | 
| 2005 | .Fl aes128 | aes192 | aes256 | | ||
| 2006 | .Fl des | des3 | ||
| 2007 | .Oc | ||
| 2008 | .Op Fl out Ar file | 2001 | .Op Fl out Ar file | 
| 2009 | .Op Fl passout Ar arg | 2002 | .Op Fl passout Ar arg | 
| 2010 | .Op Ar numbits | 2003 | .Op Ar numbits | 
| 2011 | .Ek | ||
| 2012 | .nr nS 0 | 2004 | .nr nS 0 | 
| 2013 | .Pp | 2005 | .Pp | 
| 2014 | The | 2006 | The | 
| 2015 | .Nm genrsa | 2007 | .Nm genrsa | 
| 2016 | command generates an RSA private key. | 2008 | command generates an RSA private key, | 
| 2009 | which essentially involves the generation of two prime numbers. | ||
| 2010 | When generating the key, | ||
| 2011 | various symbols will be output to indicate the progress of the generation. | ||
| 2012 | A | ||
| 2013 | .Sq \&. | ||
| 2014 | represents each number which has passed an initial sieve test; | ||
| 2015 | .Sq + | ||
| 2016 | means a number has passed a single round of the Miller-Rabin primality test. | ||
| 2017 | A newline means that the number has passed all the prime tests | ||
| 2018 | (the actual number depends on the key size). | ||
| 2017 | .Pp | 2019 | .Pp | 
| 2018 | The options are as follows: | 2020 | The options are as follows: | 
| 2019 | .Bl -tag -width Ds | 2021 | .Bl -tag -width Ds | 
| 2020 | .It Fl 3 | f4 | 2022 | .It Fl 3 | f4 | 
| 2021 | The public exponent to use, either 3 or 65537. | 2023 | The public exponent to use, either 3 or 65537. | 
| 2022 | The default is 65537. | 2024 | The default is 65537. | 
| 2023 | .It Xo | 2025 | .It Fl aes128 | aes192 | aes256 | des | des3 | 
| 2024 | .Fl aes128 | aes192 | aes256 | | 2026 | Encrypt the private key with the AES, DES, | 
| 2025 | .Fl des | des3 | ||
| 2026 | .Xc | ||
| 2027 | These options encrypt the private key with the AES, DES, | ||
| 2028 | or the triple DES ciphers, respectively, before outputting it. | 2027 | or the triple DES ciphers, respectively, before outputting it. | 
| 2029 | If none of these options are specified, no encryption is used. | 2028 | If none of these options are specified, no encryption is used. | 
| 2030 | If encryption is used, a pass phrase is prompted for, | 2029 | If encryption is used, a pass phrase is prompted for, | 
| @@ -2032,9 +2031,8 @@ if it is not supplied via the | |||
| 2032 | .Fl passout | 2031 | .Fl passout | 
| 2033 | option. | 2032 | option. | 
| 2034 | .It Fl out Ar file | 2033 | .It Fl out Ar file | 
| 2035 | The output | 2034 | The output file to write to, | 
| 2036 | .Ar file . | 2035 | or standard output if none is specified. | 
| 2037 | If this argument is not specified, standard output is used. | ||
| 2038 | .It Fl passout Ar arg | 2036 | .It Fl passout Ar arg | 
| 2039 | The output file password source. | 2037 | The output file password source. | 
| 2040 | .It Ar numbits | 2038 | .It Ar numbits | 
| @@ -2042,28 +2040,6 @@ The size of the private key to generate in bits. | |||
| 2042 | This must be the last option specified. | 2040 | This must be the last option specified. | 
| 2043 | The default is 2048. | 2041 | The default is 2048. | 
| 2044 | .El | 2042 | .El | 
| 2045 | .Sh GENRSA NOTES | ||
| 2046 | RSA private key generation essentially involves the generation of two prime | ||
| 2047 | numbers. | ||
| 2048 | When generating a private key, various symbols will be output to | ||
| 2049 | indicate the progress of the generation. | ||
| 2050 | A | ||
| 2051 | .Sq \&. | ||
| 2052 | represents each number which has passed an initial sieve test; | ||
| 2053 | .Sq + | ||
| 2054 | means a number has passed a single round of the Miller-Rabin primality test. | ||
| 2055 | A newline means that the number has passed all the prime tests | ||
| 2056 | .Pq the actual number depends on the key size . | ||
| 2057 | .Pp | ||
| 2058 | Because key generation is a random process, | ||
| 2059 | the time taken to generate a key may vary somewhat. | ||
| 2060 | .Sh GENRSA BUGS | ||
| 2061 | A quirk of the prime generation algorithm is that it cannot generate small | ||
| 2062 | primes. | ||
| 2063 | Therefore the number of bits should not be less that 64. | ||
| 2064 | For typical private keys this will not matter because for security reasons | ||
| 2065 | they will be much larger | ||
| 2066 | .Pq typically 2048 bits . | ||
| 2067 | .\" | 2043 | .\" | 
| 2068 | .\" NSEQ | 2044 | .\" NSEQ | 
| 2069 | .\" | 2045 | .\" | 
