X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=doc%2Fapps%2Fdsa.pod;h=77d66089beacd0d93f73baf3738a2a5c9d870433;hb=9668efbcf3b924f23320b58b8f44bbe8b9490e5e;hp=e6a587b7292eace7c5865cfa42397d6af29689ed;hpb=bb075f883356589425b7e57f788c7498a83b0219;p=oweals%2Fopenssl.git diff --git a/doc/apps/dsa.pod b/doc/apps/dsa.pod index e6a587b729..77d66089be 100644 --- a/doc/apps/dsa.pod +++ b/doc/apps/dsa.pod @@ -2,6 +2,7 @@ =head1 NAME +openssl-dsa, dsa - DSA key processing =head1 SYNOPSIS @@ -10,11 +11,15 @@ B B [B<-inform PEM|DER>] [B<-outform PEM|DER>] [B<-in filename>] -[B<-passin password>] -[B<-envpassin var>] +[B<-passin arg>] [B<-out filename>] -[B<-passout password>] -[B<-envpassout var>] +[B<-passout arg>] +[B<-aes128>] +[B<-aes192>] +[B<-aes256>] +[B<-camellia128>] +[B<-camellia192>] +[B<-camellia256>] [B<-des>] [B<-des3>] [B<-idea>] @@ -23,6 +28,7 @@ B B [B<-modulus>] [B<-pubin>] [B<-pubout>] +[B<-engine id>] =head1 DESCRIPTION @@ -58,14 +64,10 @@ This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for. -=item B<-passin password> +=item B<-passin arg> -the input file password. Since certain utilities like "ps" make the command line -visible this option should be used with caution. - -=item B<-envpassin var> - -read the input file password from the environment variable B. +the input file password source. For more information about the format of B +see the B section in L. =item B<-out filename> @@ -74,21 +76,17 @@ is not specified. If any encryption options are set then a pass phrase will be prompted for. The output filename should B be the same as the input filename. -=item B<-passout password> - -the output file password. Since certain utilities like "ps" make the command line -visible this option should be used with caution. - -=item B<-envpassout var> +=item B<-passout arg> -read the output file password from the environment variable B. +the output file password source. For more information about the format of B +see the B section in L. -=item B<-des|-des3|-idea> +=item B<-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea> -These options encrypt the private key with the DES, triple DES, or the -IDEA ciphers respectively before outputting it. A pass phrase is prompted for. +These options encrypt the private key with the specified +cipher before outputting it. A pass phrase is prompted for. If none of these options is specified the key is written in plain text. This -means that using the B utility to read in an encrypted key with no +means that using the B utility to read in an encrypted key with no encryption option can be used to remove the pass phrase from a key, or by setting the encryption options it can be use to add or change the pass phrase. These options can only be used with PEM format output files. @@ -107,8 +105,8 @@ this option prints out the value of the public key component of the key. =item B<-pubin> -by default a private key is input file with this option a public key is input -instead. +by default a private key is read from the input file: with this option a +public key is read instead. =item B<-pubout> @@ -116,6 +114,13 @@ by default a private key is output. With this option a public key will be output instead. This option is automatically set if the input is a public key. +=item B<-engine id> + +specifying an engine (by its unique B string) will cause B +to attempt to obtain a functional reference to the specified engine, +thus initialising it if needed. The engine will then be set as the default +for all available algorithms. + =back =head1 NOTES @@ -125,6 +130,11 @@ The PEM private key format uses the header and footer lines: -----BEGIN DSA PRIVATE KEY----- -----END DSA PRIVATE KEY----- +The PEM public key format uses the header and footer lines: + + -----BEGIN PUBLIC KEY----- + -----END PUBLIC KEY----- + =head1 EXAMPLES To remove the pass phrase on a DSA private key: