[BACK]Return to openssl.1 CVS log [TXT][DIR] Up to [local] / src / usr.bin / openssl

Diff for /src/usr.bin/openssl/openssl.1 between version 1.52 and 1.53

version 1.52, 2016/08/14 09:02:52 version 1.53, 2016/08/16 06:40:24
Line 1993 
Line 1993 
 Print an unencrypted text representation of private and public keys and  Print an unencrypted text representation of private and public keys and
 parameters along with the DER or PEM structure.  parameters along with the DER or PEM structure.
 .El  .El
 .\"  
 .\" GENRSA  
 .\"  
 .Sh GENRSA  .Sh GENRSA
 .nr nS 1  .nr nS 1
 .Nm "openssl genrsa"  .Nm "openssl genrsa"
 .Bk -words  
 .Op Fl 3 | f4  .Op Fl 3 | f4
 .Oo  .Op Fl aes128 | aes192 | aes256 | des | des3
 .Fl aes128 | aes192 | aes256 |  
 .Fl des | des3  
 .Oc  
 .Op Fl out Ar file  .Op Fl out Ar file
 .Op Fl passout Ar arg  .Op Fl passout Ar arg
 .Op Ar numbits  .Op Ar numbits
 .Ek  
 .nr nS 0  .nr nS 0
 .Pp  .Pp
 The  The
 .Nm genrsa  .Nm genrsa
 command generates an RSA private key.  command generates an RSA private key,
   which essentially involves the generation of two prime numbers.
   When generating the key,
   various symbols will be output to indicate the progress of the generation.
   A
   .Sq \&.
   represents each number which has passed an initial sieve test;
   .Sq +
   means a number has passed a single round of the Miller-Rabin primality test.
   A newline means that the number has passed all the prime tests
   (the actual number depends on the key size).
 .Pp  .Pp
 The options are as follows:  The options are as follows:
 .Bl -tag -width Ds  .Bl -tag -width Ds
 .It Fl 3 | f4  .It Fl 3 | f4
 The public exponent to use, either 3 or 65537.  The public exponent to use, either 3 or 65537.
 The default is 65537.  The default is 65537.
 .It Xo  .It Fl aes128 | aes192 | aes256 | des | des3
 .Fl aes128 | aes192 | aes256 |  Encrypt the private key with the AES, DES,
 .Fl des | des3  
 .Xc  
 These options encrypt the private key with the AES, DES,  
 or the triple DES ciphers, respectively, before outputting it.  or the triple DES ciphers, respectively, before outputting it.
 If none of these options are specified, no encryption is used.  If none of these options are specified, no encryption is used.
 If encryption is used, a pass phrase is prompted for,  If encryption is used, a pass phrase is prompted for,
Line 2032 
Line 2031 
 .Fl passout  .Fl passout
 option.  option.
 .It Fl out Ar file  .It Fl out Ar file
 The output  The output file to write to,
 .Ar file .  or standard output if none is specified.
 If this argument is not specified, standard output is used.  
 .It Fl passout Ar arg  .It Fl passout Ar arg
 The output file password source.  The output file password source.
 .It Ar numbits  .It Ar numbits
Line 2042 
Line 2040 
 This must be the last option specified.  This must be the last option specified.
 The default is 2048.  The default is 2048.
 .El  .El
 .Sh GENRSA NOTES  
 RSA private key generation essentially involves the generation of two prime  
 numbers.  
 When generating a private key, various symbols will be output to  
 indicate the progress of the generation.  
 A  
 .Sq \&.  
 represents each number which has passed an initial sieve test;  
 .Sq +  
 means a number has passed a single round of the Miller-Rabin primality test.  
 A newline means that the number has passed all the prime tests  
 .Pq the actual number depends on the key size .  
 .Pp  
 Because key generation is a random process,  
 the time taken to generate a key may vary somewhat.  
 .Sh GENRSA BUGS  
 A quirk of the prime generation algorithm is that it cannot generate small  
 primes.  
 Therefore the number of bits should not be less that 64.  
 For typical private keys this will not matter because for security reasons  
 they will be much larger  
 .Pq typically 2048 bits .  
 .\"  .\"
 .\" NSEQ  .\" NSEQ
 .\"  .\"
Legend:
Removed from v.1.52  
changed lines
  Added in v.1.53