shorten genrsa; ok jsing

author: jmc <> 2016-08-16 06:40:24 +0000
committer: jmc <> 2016-08-16 06:40:24 +0000
commit: 7c97cc2f5166301f886700ed4655631084c879aa (patch)
tree: b39e4b553df9e767d02d779b50c31f604357f257 /src
parent: 611f35319e7f723fa0f7aad315fdd0fd470f2235 (diff)
download: openbsd-7c97cc2f5166301f886700ed4655631084c879aa.tar.gz
openbsd-7c97cc2f5166301f886700ed4655631084c879aa.tar.bz2
openbsd-7c97cc2f5166301f886700ed4655631084c879aa.zip
1 files changed, 18 insertions, 42 deletions
diff --git a/src/usr.bin/openssl/openssl.1 b/src/usr.bin/openssl/openssl.1
index 48ec408ac5..4d3890b647 100644
--- a/src/usr.bin/openssl/openssl.1
+++ b/src/usr.bin/openssl/openssl.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: openssl.1,v 1.52 2016/08/14 09:02:52 jmc Exp $
+.\" $OpenBSD: openssl.1,v 1.53 2016/08/16 06:40:24 jmc Exp $
 .\" ====================================================================
 .\" Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
 .\"
@@ -112,7 +112,7 @@
 .\"
 .\" OPENSSL
 .\"
-.Dd $Mdocdate: August 14 2016 $
+.Dd $Mdocdate: August 16 2016 $
 .Dt OPENSSL 1
 .Os
 .Sh NAME
@@ -1993,38 +1993,37 @@ The EC curve to use.
 Print an unencrypted text representation of private and public keys and
 parameters along with the DER or PEM structure.
 .El
-.\"
-.\" GENRSA
-.\"
 .Sh GENRSA
 .nr nS 1
 .Nm "openssl genrsa"
-.Bk -words
 .Op Fl 3 | f4
-.Oo
+.Op Fl aes128 | aes192 | aes256 | des | des3
-.Fl aes128 | aes192 | aes256 |
-.Fl des | des3
-.Oc
 .Op Fl out Ar file
 .Op Fl passout Ar arg
 .Op Ar numbits
-.Ek
 .nr nS 0
 .Pp
 The
 .Nm genrsa
-command generates an RSA private key.
+command generates an RSA private key,
+which essentially involves the generation of two prime numbers.
+When generating the key,
+various symbols will be output to indicate the progress of the generation.
+A
+.Sq \&.
+represents each number which has passed an initial sieve test;
+.Sq +
+means a number has passed a single round of the Miller-Rabin primality test.
+A newline means that the number has passed all the prime tests
+(the actual number depends on the key size).
 .Pp
 The options are as follows:
 .Bl -tag -width Ds
 .It Fl 3 | f4
 The public exponent to use, either 3 or 65537.
 The default is 65537.
-.It Xo
+.It Fl aes128 | aes192 | aes256 | des | des3
-.Fl aes128 | aes192 | aes256 |
+Encrypt the private key with the AES, DES,
-.Fl des | des3
-.Xc
-These options encrypt the private key with the AES, DES,
 or the triple DES ciphers, respectively, before outputting it.
 If none of these options are specified, no encryption is used.
 If encryption is used, a pass phrase is prompted for,
@@ -2032,9 +2031,8 @@ if it is not supplied via the
 .Fl passout
 option.
 .It Fl out Ar file
-The output
+The output file to write to,
-.Ar file .
+or standard output if none is specified.
-If this argument is not specified, standard output is used.
 .It Fl passout Ar arg
 The output file password source.
 .It Ar numbits
@@ -2042,28 +2040,6 @@ The size of the private key to generate in bits.
 This must be the last option specified.
 The default is 2048.
 .El
-.Sh GENRSA NOTES
-RSA private key generation essentially involves the generation of two prime
-numbers.
-When generating a private key, various symbols will be output to
-indicate the progress of the generation.
-A
-.Sq \&.
-represents each number which has passed an initial sieve test;
-.Sq +
-means a number has passed a single round of the Miller-Rabin primality test.
-A newline means that the number has passed all the prime tests
-.Pq the actual number depends on the key size .
-.Pp
-Because key generation is a random process,
-the time taken to generate a key may vary somewhat.
-.Sh GENRSA BUGS
-A quirk of the prime generation algorithm is that it cannot generate small
-primes.
-Therefore the number of bits should not be less that 64.
-For typical private keys this will not matter because for security reasons
-they will be much larger
-.Pq typically 2048 bits .
 .\"
 .\" NSEQ
 .\"
author	jmc <>	2016-08-16 06:40:24 +0000
committer	jmc <>	2016-08-16 06:40:24 +0000
commit	7c97cc2f5166301f886700ed4655631084c879aa (patch)
tree	b39e4b553df9e767d02d779b50c31f604357f257 /src
parent	611f35319e7f723fa0f7aad315fdd0fd470f2235 (diff)
download	openbsd-7c97cc2f5166301f886700ed4655631084c879aa.tar.gz openbsd-7c97cc2f5166301f886700ed4655631084c879aa.tar.bz2 openbsd-7c97cc2f5166301f886700ed4655631084c879aa.zip

diff --git a/src/usr.bin/openssl/openssl.1 b/src/usr.bin/openssl/openssl.1 index 48ec408ac5..4d3890b647 100644 --- a/src/usr.bin/openssl/openssl.1 +++ b/src/usr.bin/openssl/openssl.1
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: openssl.1,v 1.52 2016/08/14 09:02:52 jmc Exp $	1	.\" $OpenBSD: openssl.1,v 1.53 2016/08/16 06:40:24 jmc Exp $
2	.\" ====================================================================	2	.\" ====================================================================
3	.\" Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.	3	.\" Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
4	.\"	4	.\"
@@ -112,7 +112,7 @@
112	.\"	112	.\"
113	.\" OPENSSL	113	.\" OPENSSL
114	.\"	114	.\"
115	.Dd $Mdocdate: August 14 2016 $	115	.Dd $Mdocdate: August 16 2016 $
116	.Dt OPENSSL 1	116	.Dt OPENSSL 1
117	.Os	117	.Os
118	.Sh NAME	118	.Sh NAME
@@ -1993,38 +1993,37 @@ The EC curve to use.
1993	Print an unencrypted text representation of private and public keys and	1993	Print an unencrypted text representation of private and public keys and
1994	parameters along with the DER or PEM structure.	1994	parameters along with the DER or PEM structure.
1995	.El	1995	.El
1996	.\"
1997	.\" GENRSA
1998	.\"
1999	.Sh GENRSA	1996	.Sh GENRSA
2000	.nr nS 1	1997	.nr nS 1
2001	.Nm "openssl genrsa"	1998	.Nm "openssl genrsa"
2002	.Bk -words
2003	.Op Fl 3 \| f4	1999	.Op Fl 3 \| f4
2004	.Oo	2000	.Op Fl aes128 \| aes192 \| aes256 \| des \| des3
2005	.Fl aes128 \| aes192 \| aes256 \|
2006	.Fl des \| des3
2007	.Oc
2008	.Op Fl out Ar file	2001	.Op Fl out Ar file
2009	.Op Fl passout Ar arg	2002	.Op Fl passout Ar arg
2010	.Op Ar numbits	2003	.Op Ar numbits
2011	.Ek
2012	.nr nS 0	2004	.nr nS 0
2013	.Pp	2005	.Pp
2014	The	2006	The
2015	.Nm genrsa	2007	.Nm genrsa
2016	command generates an RSA private key.	2008	command generates an RSA private key,
		2009	which essentially involves the generation of two prime numbers.
		2010	When generating the key,
		2011	various symbols will be output to indicate the progress of the generation.
		2012	A
		2013	.Sq \&.
		2014	represents each number which has passed an initial sieve test;
		2015	.Sq +
		2016	means a number has passed a single round of the Miller-Rabin primality test.
		2017	A newline means that the number has passed all the prime tests
		2018	(the actual number depends on the key size).
2017	.Pp	2019	.Pp
2018	The options are as follows:	2020	The options are as follows:
2019	.Bl -tag -width Ds	2021	.Bl -tag -width Ds
2020	.It Fl 3 \| f4	2022	.It Fl 3 \| f4
2021	The public exponent to use, either 3 or 65537.	2023	The public exponent to use, either 3 or 65537.
2022	The default is 65537.	2024	The default is 65537.
2023	.It Xo	2025	.It Fl aes128 \| aes192 \| aes256 \| des \| des3
2024	.Fl aes128 \| aes192 \| aes256 \|	2026	Encrypt the private key with the AES, DES,
2025	.Fl des \| des3
2026	.Xc
2027	These options encrypt the private key with the AES, DES,
2028	or the triple DES ciphers, respectively, before outputting it.	2027	or the triple DES ciphers, respectively, before outputting it.
2029	If none of these options are specified, no encryption is used.	2028	If none of these options are specified, no encryption is used.
2030	If encryption is used, a pass phrase is prompted for,	2029	If encryption is used, a pass phrase is prompted for,
@@ -2032,9 +2031,8 @@ if it is not supplied via the
2032	.Fl passout	2031	.Fl passout
2033	option.	2032	option.
2034	.It Fl out Ar file	2033	.It Fl out Ar file
2035	The output	2034	The output file to write to,
2036	.Ar file .	2035	or standard output if none is specified.
2037	If this argument is not specified, standard output is used.
2038	.It Fl passout Ar arg	2036	.It Fl passout Ar arg
2039	The output file password source.	2037	The output file password source.
2040	.It Ar numbits	2038	.It Ar numbits
@@ -2042,28 +2040,6 @@ The size of the private key to generate in bits.
2042	This must be the last option specified.	2040	This must be the last option specified.
2043	The default is 2048.	2041	The default is 2048.
2044	.El	2042	.El
2045	.Sh GENRSA NOTES
2046	RSA private key generation essentially involves the generation of two prime
2047	numbers.
2048	When generating a private key, various symbols will be output to
2049	indicate the progress of the generation.
2050	A
2051	.Sq \&.
2052	represents each number which has passed an initial sieve test;
2053	.Sq +
2054	means a number has passed a single round of the Miller-Rabin primality test.
2055	A newline means that the number has passed all the prime tests
2056	.Pq the actual number depends on the key size .
2057	.Pp
2058	Because key generation is a random process,
2059	the time taken to generate a key may vary somewhat.
2060	.Sh GENRSA BUGS
2061	A quirk of the prime generation algorithm is that it cannot generate small
2062	primes.
2063	Therefore the number of bits should not be less that 64.
2064	For typical private keys this will not matter because for security reasons
2065	they will be much larger
2066	.Pq typically 2048 bits .
2067	.\"	2043	.\"
2068	.\" NSEQ	2044	.\" NSEQ
2069	.\"	2045	.\"