[B<-passin arg>]
[B<-out filename>]
[B<-passout arg>]
+[B<-aes128>]
+[B<-aes192>]
+[B<-aes256>]
+[B<-camellia128>]
+[B<-camellia192>]
+[B<-camellia256>]
[B<-des>]
[B<-des3>]
[B<-idea>]
[B<-modulus>]
[B<-pubin>]
[B<-pubout>]
+[B<-engine id>]
=head1 DESCRIPTION
=item B<-passin arg>
the input file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
=item B<-out filename>
=item B<-passout arg>
the output file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
-=item B<-des|-des3|-idea>
+=item B<-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea>
-These options encrypt the private key with the DES, triple DES, or the
-IDEA ciphers respectively before outputting it. A pass phrase is prompted for.
+These options encrypt the private key with the specified
+cipher before outputting it. A pass phrase is prompted for.
If none of these options is specified the key is written in plain text. This
means that using the B<dsa> utility to read in an encrypted key with no
encryption option can be used to remove the pass phrase from a key, or by
key will be output instead. This option is automatically set if the input is
a public key.
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<dsa>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
=back
=head1 NOTES
=head1 SEE ALSO
-L<dsaparam(1)|dsaparam(1)>, L<gendsa(1)|gendsa(1)>, L<rsa(1)|rsa(1)>,
-L<genrsa(1)|genrsa(1)>
+L<dsaparam(1)>, L<gendsa(1)>, L<rsa(1)>,
+L<genrsa(1)>
=cut