X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=doc%2Fapps%2Fgenrsa.pod;h=25af4d1475cd54da9ffd8c53cef0ad72bd1a2b8f;hp=b224bd1fc8a6a6ec5fafaf615ea5d0dd79543401;hb=b325518f4588728c38d53586b0cfcdd235db6e34;hpb=dd46d58f65bd3a342bbcd8586680942be643fc7d diff --git a/doc/apps/genrsa.pod b/doc/apps/genrsa.pod index b224bd1fc8..25af4d1475 100644 --- a/doc/apps/genrsa.pod +++ b/doc/apps/genrsa.pod @@ -4,17 +4,18 @@ genrsa - generate an RSA private key - =head1 SYNOPSIS B B [B<-out filename>] +[B<-passout arg>] [B<-des>] [B<-des3>] [B<-idea>] [B<-f4>] [B<-3>] [B<-rand file(s)>] +[B<-engine id>] [B] =head1 DESCRIPTION @@ -25,11 +26,22 @@ The B command generates an RSA private key. =over 4 +=item B<-out filename> + +the output filename. If this argument is not specified then standard output is +used. + +=item B<-passout arg> + +the output file password source. For more information about the format of B +see the B section in L. + =item B<-des|-des3|-idea> These options encrypt the private key with the DES, triple DES, or the -IDEA ciphers respectively before outputting it. A pass phrase is prompted for. -If none of these options is specified no encryption is used. +IDEA ciphers respectively before outputting it. If none of these options is +specified no encryption is used. If encryption is used a pass phrase is prompted +for if it is not supplied via the B<-passout> argument. =item B<-F4|-3> @@ -38,9 +50,17 @@ the public exponent to use, either 65537 or 3. The default is 65537. =item B<-rand file(s)> a file or files containing random data used to seed the random number -generator. Multiple files can be specified separated by a OS-dependent -character. For MS-Windows, the separator is B<;>. For OpenVMS, it's -B<,>. For all others, it's B<:>. +generator, or an EGD socket (see L). +Multiple files can be specified separated by a OS-dependent character. +The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for +all others. + +=item B<-engine id> + +specifying an engine (by it's unique B string) will cause B +to attempt to obtain a functional reference to the specified engine, +thus initialising it if needed. The engine will then be set as the default +for all available algorithms. =item B @@ -53,9 +73,10 @@ specified. The default is 512. RSA private key generation essentially involves the generation of two prime numbers. When generating a private key various symbols will be output to -indicate the progress of the generation. A B<.> represents each number tested. -A B<+> means a number has passed a single primality test. A newline means that -the number has passed all the prime tests (currently set to 5 single tests). +indicate the progress of the generation. A B<.> represents each number which +has passed an initial sieve test, B<+> means a number has passed a single +round of the Miller-Rabin primality test. A newline means that the number has +passed all the prime tests (the actual number depends on the key size). Because key generation is a random process the time taken to generate a key may vary somewhat. @@ -69,4 +90,7 @@ be much larger (typically 1024 bits). =head1 SEE ALSO -gendsa(1) +L + +=cut +