diff options
| author | Rich Salz <rsalz@akamai.com> | 2019-10-12 17:45:56 -0400 |
|---|---|---|
| committer | Tomas Mraz <tmraz@fedoraproject.org> | 2019-10-31 14:19:29 +0100 |
| commit | 9fcb9702fba8aa135945f96aefddf050a6f4f11d (patch) | |
| tree | 5fa0e0061ca70c9b0678636ee68c713653e7dba8 /doc/man1/openssl-genrsa.pod.in | |
| parent | fb1ecf85c9f732e5827771ff243d7a70e06ce112 (diff) | |
Infrastructure for templated doc in POD files
Use new doc-build capabilities
Add -i flag to dofile.
Add doc/man1 to SUBDIRS for the new templated doc files
Rewrite commit a397aca (merged from PR 10118) to use the doc-template stuff.
Put template references in common place
Template options and text come at the end of command-specific options:
opt_x, opt_trust, opt_r (in that order).
Refactor xchain options.
Do doc-nits after building generated sources.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10159)
Diffstat (limited to 'doc/man1/openssl-genrsa.pod.in')
| -rw-r--r-- | doc/man1/openssl-genrsa.pod.in | 127 |
1 files changed, 127 insertions, 0 deletions
diff --git a/doc/man1/openssl-genrsa.pod.in b/doc/man1/openssl-genrsa.pod.in new file mode 100644 index 0000000000..6239cd8bee --- /dev/null +++ b/doc/man1/openssl-genrsa.pod.in @@ -0,0 +1,127 @@ +=pod + +=begin comment +{- join("\n", @autowarntext) -} + +=end comment + +=head1 NAME + +openssl-genrsa - generate an RSA private key + +=head1 SYNOPSIS + +B<openssl> B<genrsa> +[B<-help>] +[B<-out> I<filename>] +[B<-passout> I<arg>] +[B<-aes128>] +[B<-aes192>] +[B<-aes256>] +[B<-aria128>] +[B<-aria192>] +[B<-aria256>] +[B<-camellia128>] +[B<-camellia192>] +[B<-camellia256>] +[B<-des>] +[B<-des3>] +[B<-idea>] +[B<-f4>|B<-3>] +[B<-engine> I<id>] +[B<-primes> I<num>] +[B<-verbose>] +{- $OpenSSL::safe::opt_r_synopsis -} +[B<numbits>] + +=for openssl ifdef engine + +=head1 DESCRIPTION + +This command generates an RSA private key. + +=head1 OPTIONS + +=over 4 + +=item B<-help> + +Print out a usage message. + +=item B<-out> I<filename> + +Output the key to the specified file. If this argument is not specified then +standard output is used. + +=item B<-passout> I<arg> + +The output file password source. For more information about the format +see L<openssl(1)/Pass Phrase Options>. + +=item B<-aes128>, B<-aes192>, B<-aes256>, B<-aria128>, B<-aria192>, B<-aria256>, B<-camellia128>, B<-camellia192>, B<-camellia256>, B<-des>, B<-des3>, B<-idea> + +These options encrypt the private key with specified +cipher before outputting it. If none of these options is +specified no encryption is used. If encryption is used a pass phrase is prompted +for if it is not supplied via the B<-passout> argument. + +=item B<-F4>|B<-3> + +The public exponent to use, either 65537 or 3. The default is 65537. + +=item B<-engine> I<id> + +Specifying an engine (by its unique I<id> string) will cause this command +to attempt to obtain a functional reference to the specified engine, +thus initialising it if needed. The engine will then be set as the default +for all available algorithms. + +=item B<-primes> I<num> + +Specify the number of primes to use while generating the RSA key. The I<num> +parameter must be a positive integer that is greater than 1 and less than 16. +If I<num> is greater than 2, then the generated key is called a 'multi-prime' +RSA key, which is defined in RFC 8017. + +=item B<-verbose> + +Print extra details about the operations being performed. + +{- $OpenSSL::safe::opt_r_item -} + +=item B<numbits> + +The size of the private key to generate in bits. This must be the last option +specified. The default is 2048 and values less than 512 are not allowed. + +=back + +=head1 NOTES + +RSA private key generation essentially involves the generation of two or more +prime numbers. When generating a private key various symbols will be output to +indicate the progress of the generation. A B<.> represents each number which +has passed an initial sieve test, B<+> means a number has passed a single +round of the Miller-Rabin primality test, B<*> means the current prime starts +a regenerating progress due to some failed tests. A newline means that the number +has passed all the prime tests (the actual number depends on the key size). + +Because key generation is a random process the time taken to generate a key +may vary somewhat. But in general, more primes lead to less generation time +of a key. + +=head1 SEE ALSO + +L<openssl(1)>, +L<openssl-gendsa(1)> + +=head1 COPYRIGHT + +Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L<https://www.openssl.org/source/license.html>. + +=cut |