diff options
author | Rich Salz <rsalz@openssl.org> | 2017-07-05 10:58:48 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2017-07-16 19:20:45 -0400 |
commit | 3ee1eac27a2e3120fbdc60e12db091c082b8de21 (patch) | |
tree | c34ee07aa725e2019dbce1f7621702eb2bb5fd69 /doc/man1/pkcs8.pod | |
parent | e90fc053c33a2241004451cfdeecfbf3cbdeb728 (diff) |
Standardize apps use of -rand, etc.
Standardized the -rand flag and added a new one:
-rand file...
Always reads the specified files
-writerand file
Always writes to the file on exit
For apps that use a config file, the RANDFILE config parameter reads
the file at startup (to seed the RNG) and write to it on exit if
the -writerand flag isn't used.
Ensured that every app that took -rand also took -writerand, and
made sure all of that agreed with all the documentation.
Fix error reporting in write_file and -rand
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3862)
Diffstat (limited to 'doc/man1/pkcs8.pod')
-rw-r--r-- | doc/man1/pkcs8.pod | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/doc/man1/pkcs8.pod b/doc/man1/pkcs8.pod index ebdcea98b7..42e2468a27 100644 --- a/doc/man1/pkcs8.pod +++ b/doc/man1/pkcs8.pod @@ -17,6 +17,8 @@ B<openssl> B<pkcs8> [B<-passout arg>] [B<-iter count>] [B<-noiter>] +[B<-rand file...>] +[B<-writerand file>] [B<-nocrypt>] [B<-traditional>] [B<-v2 alg>] @@ -99,6 +101,19 @@ This option does not encrypt private keys at all and should only be used when absolutely necessary. Certain software such as some versions of Java code signing software used unencrypted private keys. +=item B<-rand file...> + +A file or files containing random data used to seed the random number +generator. +Multiple files can be specified separated by an OS-dependent character. +The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for +all others. + +=item [B<-writerand file>] + +Writes random data to the specified I<file> upon exit. +This can be used with a subsequent B<-rand> flag. + =item B<-v2 alg> This option sets the PKCS#5 v2.0 algorithm. |