1 files changed, 57 insertions, 57 deletions

diff --git a/src/usr.sbin/openssl/openssl.1 b/src/usr.sbin/openssl/openssl.1
index 86c02fa54a..481bf32726 100644
--- a/src/usr.sbin/openssl/openssl.1
+++ b/src/usr.sbin/openssl/openssl.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: openssl.1,v 1.23 2003/11/21 15:12:31 jmc Exp $
+.\" $OpenBSD: openssl.1,v 1.24 2003/11/26 21:17:17 jmc Exp $
 .\" ====================================================================
 .\" Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
 .\"
@@ -2138,22 +2138,22 @@ option was added in
 .Sh DSA
 .Nm openssl dsa
 .Bk -words
-.Op Fl inform Ar DER | PEM
-.Op Fl outform Ar DER | PEM
-.Op Fl in Ar filename
-.Op Fl passin Ar arg
-.Op Fl out Ar filename
-.Op Fl passout Ar arg
-.Op Fl pubin
-.Op Fl pubout
 .Oo
 .Fl des | des3 | aes128 | aes192 |
 .Fl aes256
 .Oc
-.Op Fl text
-.Op Fl noout
 .Op Fl modulus
+.Op Fl noout
+.Op Fl text
 .Op Fl engine Ar id
+.Op Fl in Ar filename
+.Op Fl inform Ar DER | PEM
+.Op Fl out Ar filename
+.Op Fl outform Ar DER | PEM
+.Op Fl passin Ar arg
+.Op Fl passout Ar arg
+.Op Fl pubin
+.Op Fl pubout
 .Ek
 .Pp
 The
@@ -2171,6 +2171,36 @@ command.
 .Pp
 The options are as follows:
 .Bl -tag -width "XXXX"
+.It Xo
+.Fl des | des3 | aes128 |
+.Fl aes192 | aes256
+.Xc
+These options encrypt the private key with the DES, triple DES, or the
+AES ciphers, respectively, before outputting it.
+A pass phrase is prompted for.
+If none of these options is specified, the key is written in plain text.
+This means that using the
+.Nm dsa
+utility to read in an encrypted key with no encryption option can be used to
+remove the pass phrase from a key,
+or by setting the encryption options it can be use to add or change
+the pass phrase.
+These options can only be used with
+.Ar PEM
+format output files.
+.It Fl engine Ar id
+Specifying an engine (by it's unique
+.Ar id
+string) will cause
+.Nm dsa
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed.
+The engine will then be set as the default for all available algorithms.
+.It Fl in Ar filename
+This specifies the input
+.Ar filename
+to read a key from or standard input if this option is not specified.
+If the key is encrypted, a pass phrase will be prompted for.
 .It Fl inform Ar DER | PEM
 This specifies the input format.
 The
@@ -2178,7 +2208,7 @@ The
 argument with a private key uses an ASN1 DER encoded form of an ASN.1
 SEQUENCE consisting of the values of version
 .Pq currently zero ,
-p, q, g,
+P, Q, G,
 the public and private key components, respectively, as ASN.1 INTEGERs.
 When used with a public key it uses a
 .Em SubjectPublicKeyInfo
@@ -2190,15 +2220,23 @@ form is the default format:
 It consists of the DER format base64
 encoded with additional header and footer lines.
 In the case of a private key, PKCS#8 format is also accepted.
+.It Fl modulus
+This option prints out the value of the public key component of the key.
+.It Fl noout
+This option prevents output of the encoded version of the key.
+.It Fl out Ar filename
+This specifies the output
+.Ar filename
+to write a key to, or standard output if not specified.
+If any encryption options are set then a pass phrase will be
+prompted for.
+The output filename should
+.Em not
+be the same as the input filename.
 .It Fl outform Ar DER | PEM
 This specifies the output format; the options have the same meaning as the
 .Fl inform
 option.
-.It Fl in Ar filename
-This specifies the input
-.Ar filename
-to read a key from or standard input if this option is not specified.
-If the key is encrypted, a pass phrase will be prompted for.
 .It Fl passin Ar arg
 The input file password source.
 For more information about the format of
@@ -2206,15 +2244,6 @@ For more information about the format of
 see the
 .Sx PASS PHRASE ARGUMENTS
 section above.
-.It Fl out Ar filename
-This specifies the output
-.Ar filename
-to write a key to, or standard output if not specified.
-If any encryption options are set then a pass phrase will be
-prompted for.
-The output filename should
-.Em not
-be the same as the input filename.
 .It Fl passout Ar arg
 The output file password source.
 For more information about the format of
@@ -2222,29 +2251,6 @@ For more information about the format of
 see the
 .Sx PASS PHRASE ARGUMENTS
 section above.
-.It Xo
-.Fl des | des3 | aes128 |
-.Fl aes192 | aes256
-.Xc
-These options encrypt the private key with the DES, triple DES, or the
-AES ciphers, respectively, before outputting it.
-A pass phrase is prompted for.
-If none of these options is specified, the key is written in plain text.
-This means that using the
-.Nm dsa
-utility to read in an encrypted key with no encryption option can be used to
-remove the pass phrase from a key,
-or by setting the encryption options it can be use to add or change
-the pass phrase.
-These options can only be used with
-.Ar PEM
-format output files.
-.It Fl text
-Prints out the public/private key components and parameters.
-.It Fl noout
-This option prevents output of the encoded version of the key.
-.It Fl modulus
-This option prints out the value of the public key component of the key.
 .It Fl pubin
 By default, a private key is read from the input file.
 With this option a public key is read instead.
@@ -2252,14 +2258,8 @@ With this option a public key is read instead.
 By default, a private key is output.
 With this option a public key will be output instead.
 This option is automatically set if the input is a public key.
-.It Fl engine Ar id
-Specifying an engine (by it's unique
-.Ar id
-string) will cause
-.Nm dsa
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed.
-The engine will then be set as the default for all available algorithms.
+.It Fl text
+Prints out the public/private key components and parameters.
 .El
 .Sh DSA NOTES
 The