trim the dsaparam section; ok guenther

author: jmc <> 2016-08-08 18:13:51 +0000
committer: jmc <> 2016-08-08 18:13:51 +0000
commit: f3fe85e3ec23409ecae083e35a8314a50fb87c5d (patch)
tree: 65159ea416b7aa1996f21fdb5f1df853bf4a557b /src
parent: 6d9e31c685cdac8d6a067ddaed8712bed776ef5a (diff)
download: openbsd-f3fe85e3ec23409ecae083e35a8314a50fb87c5d.tar.gz
openbsd-f3fe85e3ec23409ecae083e35a8314a50fb87c5d.tar.bz2
openbsd-f3fe85e3ec23409ecae083e35a8314a50fb87c5d.zip
1 files changed, 36 insertions, 56 deletions
diff --git a/src/usr.bin/openssl/openssl.1 b/src/usr.bin/openssl/openssl.1
index cd0b057ac0..e30510ef7d 100644
--- a/src/usr.bin/openssl/openssl.1
+++ b/src/usr.bin/openssl/openssl.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: openssl.1,v 1.45 2016/08/05 08:12:12 jmc Exp $
+.\" $OpenBSD: openssl.1,v 1.46 2016/08/08 18:13:51 jmc Exp $
 .\" ====================================================================
 .\" Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
 .\"
@@ -112,7 +112,7 @@
 .\"
 .\" OPENSSL
 .\"
-.Dd $Mdocdate: August 5 2016 $
+.Dd $Mdocdate: August 8 2016 $
 .Dt OPENSSL 1
 .Os
 .Sh NAME
@@ -261,7 +261,7 @@ The input format.
 .It Fl length Ar number
 Number of bytes to parse; the default is until end of file.
 .It Fl noout
-Don't output the parsed version of the input file.
+Do not output the parsed version of the input file.
 .It Fl offset Ar number
 Starting offset to begin parsing; the default is start of file.
 .It Fl oid Ar file
@@ -1009,7 +1009,7 @@ Output the
 .Cm nextUpdate
 field.
 .It Fl noout
-Don't output the encoded version of the CRL.
+Do not output the encoded version of the CRL.
 .It Fl out Ar file
 The output file to write to, or standard output if not specified.
 .It Fl outform Cm der | pem
@@ -1239,7 +1239,7 @@ additional header and footer lines:
 -----END DH PARAMETERS-----
 .Ed
 .It Fl noout
-Inhibit the output of the encoded version of the parameters.
+Do not output the encoded version of the parameters.
 .It Fl out Ar file
 The output file to write to,
 or standard output if not specified.
@@ -1341,7 +1341,7 @@ In the case of a private key, PKCS#8 format is also accepted.
 .It Fl modulus
 Print the value of the public key component of the key.
 .It Fl noout
-Prevent output of the encoded version of the key.
+Do not output the encoded version of the key.
 .It Fl out Ar file
 The output file to write to,
 or standard output if not specified.
@@ -1363,90 +1363,70 @@ This option is automatically set if the input is a public key.
 .It Fl text
 Print out the public/private key components and parameters.
 .El
-.\"
-.\" DSAPARAM
-.\"
 .Sh DSAPARAM
 .nr nS 1
 .Nm "openssl dsaparam"
-.Bk -words
 .Op Fl C
 .Op Fl genkey
 .Op Fl in Ar file
-.Op Fl inform Ar DER | PEM
+.Op Fl inform Cm der | pem
 .Op Fl noout
 .Op Fl out Ar file
-.Op Fl outform Ar DER | PEM
+.Op Fl outform Cm der | pem
 .Op Fl text
 .Op Ar numbits
-.Ek
 .nr nS 0
 .Pp
 The
 .Nm dsaparam
 command is used to manipulate or generate DSA parameter files.
 .Pp
+PEM format DSA parameters use the header and footer lines:
+.Bd -unfilled -offset indent
+-----BEGIN DSA PARAMETERS-----
+-----END DSA PARAMETERS-----
+.Ed
+.Pp
 The options are as follows:
 .Bl -tag -width Ds
 .It Fl C
-This option converts the parameters into C code.
+Convert the parameters into C code.
 The parameters can then be loaded by calling the
-.Cm get_dsa Ns Ar XXX Ns Li ()
+.No get_dsa Ns Ar XXX
 function.
 .It Fl genkey
-This option will generate a DSA either using the specified or generated
+Generate a DSA key either using the specified or generated
 parameters.
 .It Fl in Ar file
-This specifies the input
+The input file to read from,
-.Ar file
+or standard input if not specified.
-to read parameters from, or standard input if this option is not specified.
 If the
 .Ar numbits
-parameter is included, then this option will be ignored.
+parameter is included, then this option is ignored.
-.It Fl inform Ar DER | PEM
+.It Fl inform Cm der | pem
-This specifies the input format.
+The input format.
-The
+.Cm der
-.Ar DER
+uses an ASN1 DER-encoded form compatible with RFC 2459
-argument uses an ASN1 DER-encoded form compatible with RFC 2459
 .Pq PKIX
 DSS-Parms that is a SEQUENCE consisting of p, q and g, respectively.
-The
+.Cm pem
-.Ar PEM
+is the default format:
-form is the default format:
 it consists of the DER format base64-encoded with additional header
 and footer lines.
 .It Fl noout
-This option inhibits the output of the encoded version of the parameters.
+Do not output the encoded version of the parameters.
-.It Ar numbits
-This option specifies that a parameter set should be generated of size
-.Ar numbits .
-If this option is included, the input file
-.Pq if any
-is ignored.
 .It Fl out Ar file
-This specifies the output
+The output file to write to,
-.Ar file
+or standard output if not specified.
-to write parameters to.
+.It Fl outform Cm der | pem
-Standard output is used if this option is not present.
+The output format.
-The output filename should
-.Em not
-be the same as the input filename.
-.It Fl outform Ar DER | PEM
-This specifies the output format; the options have the same meaning as the
-.Fl inform
-option.
 .It Fl text
-This option prints out the DSA parameters in human readable form.
+Print the DSA parameters in human readable form.
+.It Ar numbits
+Generate a parameter set of size
+.Ar numbits .
+If this option is included, the input file is ignored.
 .El
-.Sh DSAPARAM NOTES
-PEM format DSA parameters use the header and footer lines:
-.Bd -unfilled -offset indent
-----BEGIN DSA PARAMETERS-----
-----END DSA PARAMETERS-----
-.Ed
-.Pp
-DSA parameter generation is a slow process and as a result the same set of
-DSA parameters is often used to generate several distinct keys.
 .\"
 .\" EC
 .\"
author	jmc <>	2016-08-08 18:13:51 +0000
committer	jmc <>	2016-08-08 18:13:51 +0000
commit	f3fe85e3ec23409ecae083e35a8314a50fb87c5d (patch)
tree	65159ea416b7aa1996f21fdb5f1df853bf4a557b /src
parent	6d9e31c685cdac8d6a067ddaed8712bed776ef5a (diff)
download	openbsd-f3fe85e3ec23409ecae083e35a8314a50fb87c5d.tar.gz openbsd-f3fe85e3ec23409ecae083e35a8314a50fb87c5d.tar.bz2 openbsd-f3fe85e3ec23409ecae083e35a8314a50fb87c5d.zip

diff --git a/src/usr.bin/openssl/openssl.1 b/src/usr.bin/openssl/openssl.1 index cd0b057ac0..e30510ef7d 100644 --- a/src/usr.bin/openssl/openssl.1 +++ b/src/usr.bin/openssl/openssl.1
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: openssl.1,v 1.45 2016/08/05 08:12:12 jmc Exp $	1	.\" $OpenBSD: openssl.1,v 1.46 2016/08/08 18:13:51 jmc Exp $
2	.\" ====================================================================	2	.\" ====================================================================
3	.\" Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.	3	.\" Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
4	.\"	4	.\"
@@ -112,7 +112,7 @@
112	.\"	112	.\"
113	.\" OPENSSL	113	.\" OPENSSL
114	.\"	114	.\"
115	.Dd $Mdocdate: August 5 2016 $	115	.Dd $Mdocdate: August 8 2016 $
116	.Dt OPENSSL 1	116	.Dt OPENSSL 1
117	.Os	117	.Os
118	.Sh NAME	118	.Sh NAME
@@ -261,7 +261,7 @@ The input format.
261	.It Fl length Ar number	261	.It Fl length Ar number
262	Number of bytes to parse; the default is until end of file.	262	Number of bytes to parse; the default is until end of file.
263	.It Fl noout	263	.It Fl noout
264	Don't output the parsed version of the input file.	264	Do not output the parsed version of the input file.
265	.It Fl offset Ar number	265	.It Fl offset Ar number
266	Starting offset to begin parsing; the default is start of file.	266	Starting offset to begin parsing; the default is start of file.
267	.It Fl oid Ar file	267	.It Fl oid Ar file
@@ -1009,7 +1009,7 @@ Output the
1009	.Cm nextUpdate	1009	.Cm nextUpdate
1010	field.	1010	field.
1011	.It Fl noout	1011	.It Fl noout
1012	Don't output the encoded version of the CRL.	1012	Do not output the encoded version of the CRL.
1013	.It Fl out Ar file	1013	.It Fl out Ar file
1014	The output file to write to, or standard output if not specified.	1014	The output file to write to, or standard output if not specified.
1015	.It Fl outform Cm der \| pem	1015	.It Fl outform Cm der \| pem
@@ -1239,7 +1239,7 @@ additional header and footer lines:
1239	-----END DH PARAMETERS-----	1239	-----END DH PARAMETERS-----
1240	.Ed	1240	.Ed
1241	.It Fl noout	1241	.It Fl noout
1242	Inhibit the output of the encoded version of the parameters.	1242	Do not output the encoded version of the parameters.
1243	.It Fl out Ar file	1243	.It Fl out Ar file
1244	The output file to write to,	1244	The output file to write to,
1245	or standard output if not specified.	1245	or standard output if not specified.
@@ -1341,7 +1341,7 @@ In the case of a private key, PKCS#8 format is also accepted.
1341	.It Fl modulus	1341	.It Fl modulus
1342	Print the value of the public key component of the key.	1342	Print the value of the public key component of the key.
1343	.It Fl noout	1343	.It Fl noout
1344	Prevent output of the encoded version of the key.	1344	Do not output the encoded version of the key.
1345	.It Fl out Ar file	1345	.It Fl out Ar file
1346	The output file to write to,	1346	The output file to write to,
1347	or standard output if not specified.	1347	or standard output if not specified.
@@ -1363,90 +1363,70 @@ This option is automatically set if the input is a public key.
1363	.It Fl text	1363	.It Fl text
1364	Print out the public/private key components and parameters.	1364	Print out the public/private key components and parameters.
1365	.El	1365	.El
1366	.\"
1367	.\" DSAPARAM
1368	.\"
1369	.Sh DSAPARAM	1366	.Sh DSAPARAM
1370	.nr nS 1	1367	.nr nS 1
1371	.Nm "openssl dsaparam"	1368	.Nm "openssl dsaparam"
1372	.Bk -words
1373	.Op Fl C	1369	.Op Fl C
1374	.Op Fl genkey	1370	.Op Fl genkey
1375	.Op Fl in Ar file	1371	.Op Fl in Ar file
1376	.Op Fl inform Ar DER \| PEM	1372	.Op Fl inform Cm der \| pem
1377	.Op Fl noout	1373	.Op Fl noout
1378	.Op Fl out Ar file	1374	.Op Fl out Ar file
1379	.Op Fl outform Ar DER \| PEM	1375	.Op Fl outform Cm der \| pem
1380	.Op Fl text	1376	.Op Fl text
1381	.Op Ar numbits	1377	.Op Ar numbits
1382	.Ek
1383	.nr nS 0	1378	.nr nS 0
1384	.Pp	1379	.Pp
1385	The	1380	The
1386	.Nm dsaparam	1381	.Nm dsaparam
1387	command is used to manipulate or generate DSA parameter files.	1382	command is used to manipulate or generate DSA parameter files.
1388	.Pp	1383	.Pp
		1384	PEM format DSA parameters use the header and footer lines:
		1385	.Bd -unfilled -offset indent
		1386	-----BEGIN DSA PARAMETERS-----
		1387	-----END DSA PARAMETERS-----
		1388	.Ed
		1389	.Pp
1389	The options are as follows:	1390	The options are as follows:
1390	.Bl -tag -width Ds	1391	.Bl -tag -width Ds
1391	.It Fl C	1392	.It Fl C
1392	This option converts the parameters into C code.	1393	Convert the parameters into C code.
1393	The parameters can then be loaded by calling the	1394	The parameters can then be loaded by calling the
1394	.Cm get_dsa Ns Ar XXX Ns Li ()	1395	.No get_dsa Ns Ar XXX
1395	function.	1396	function.
1396	.It Fl genkey	1397	.It Fl genkey
1397	This option will generate a DSA either using the specified or generated	1398	Generate a DSA key either using the specified or generated
1398	parameters.	1399	parameters.
1399	.It Fl in Ar file	1400	.It Fl in Ar file
1400	This specifies the input	1401	The input file to read from,
1401	.Ar file	1402	or standard input if not specified.
1402	to read parameters from, or standard input if this option is not specified.
1403	If the	1403	If the
1404	.Ar numbits	1404	.Ar numbits
1405	parameter is included, then this option will be ignored.	1405	parameter is included, then this option is ignored.
1406	.It Fl inform Ar DER \| PEM	1406	.It Fl inform Cm der \| pem
1407	This specifies the input format.	1407	The input format.
1408	The	1408	.Cm der
1409	.Ar DER	1409	uses an ASN1 DER-encoded form compatible with RFC 2459
1410	argument uses an ASN1 DER-encoded form compatible with RFC 2459
1411	.Pq PKIX	1410	.Pq PKIX
1412	DSS-Parms that is a SEQUENCE consisting of p, q and g, respectively.	1411	DSS-Parms that is a SEQUENCE consisting of p, q and g, respectively.
1413	The	1412	.Cm pem
1414	.Ar PEM	1413	is the default format:
1415	form is the default format:
1416	it consists of the DER format base64-encoded with additional header	1414	it consists of the DER format base64-encoded with additional header
1417	and footer lines.	1415	and footer lines.
1418	.It Fl noout	1416	.It Fl noout
1419	This option inhibits the output of the encoded version of the parameters.	1417	Do not output the encoded version of the parameters.
1420	.It Ar numbits
1421	This option specifies that a parameter set should be generated of size
1422	.Ar numbits .
1423	If this option is included, the input file
1424	.Pq if any
1425	is ignored.
1426	.It Fl out Ar file	1418	.It Fl out Ar file
1427	This specifies the output	1419	The output file to write to,
1428	.Ar file	1420	or standard output if not specified.
1429	to write parameters to.	1421	.It Fl outform Cm der \| pem
1430	Standard output is used if this option is not present.	1422	The output format.
1431	The output filename should
1432	.Em not
1433	be the same as the input filename.
1434	.It Fl outform Ar DER \| PEM
1435	This specifies the output format; the options have the same meaning as the
1436	.Fl inform
1437	option.
1438	.It Fl text	1423	.It Fl text
1439	This option prints out the DSA parameters in human readable form.	1424	Print the DSA parameters in human readable form.
		1425	.It Ar numbits
		1426	Generate a parameter set of size
		1427	.Ar numbits .
		1428	If this option is included, the input file is ignored.
1440	.El	1429	.El
1441	.Sh DSAPARAM NOTES
1442	PEM format DSA parameters use the header and footer lines:
1443	.Bd -unfilled -offset indent
1444	-----BEGIN DSA PARAMETERS-----
1445	-----END DSA PARAMETERS-----
1446	.Ed
1447	.Pp
1448	DSA parameter generation is a slow process and as a result the same set of
1449	DSA parameters is often used to generate several distinct keys.
1450	.\"	1430	.\"
1451	.\" EC	1431	.\" EC
1452	.\"	1432	.\"