diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2000-01-22 13:58:29 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2000-01-22 13:58:29 +0000 |
commit | 09483c58e3b21841d2761ce90b1f12b24f814881 (patch) | |
tree | 1d4c10fea6c9b3fab92e7104bf7ce984d9adb9d4 /doc/apps | |
parent | bda70ed43087b6412b3742ce345ee9dacd57c30a (diff) | |
download | openssl-09483c58e3b21841d2761ce90b1f12b24f814881.tar.gz |
Add new program dhparam and update docs.
Diffstat (limited to 'doc/apps')
-rw-r--r-- | doc/apps/dhparam.pod (renamed from doc/apps/dh.pod) | 35 | ||||
-rw-r--r-- | doc/apps/gendh.pod | 74 |
2 files changed, 31 insertions, 78 deletions
diff --git a/doc/apps/dh.pod b/doc/apps/dhparam.pod index 99b307368f..59d1f68300 100644 --- a/doc/apps/dh.pod +++ b/doc/apps/dhparam.pod @@ -2,7 +2,7 @@ =head1 NAME -dh - DH parameter manipulation and generation +dhparam - DH parameter manipulation and generation =head1 SYNOPSIS @@ -14,6 +14,10 @@ B<openssl dh> [B<-noout>] [B<-text>] [B<-C>] +[B<-2>] +[B<-5>] +[B<-rand file(s)>] +[numbits] =head1 DESCRIPTION @@ -46,6 +50,25 @@ This specifies the output filename parameters to. Standard output is used if this option is not present. The output filename should B<not> be the same as the input filename. +=item B<-2>, B<-5> + +The generator to use, either 2 or 5. 2 is the default. If present then the +input file is ignored and parameters are generated instead. + +=item B<-rand file(s)> + +a file or files containing random data used to seed the random number +generator. Multiple files can be specified separated by a OS-dependent +character. For MS-Windows, the separator is B<;>. For OpenVMS, it's +B<,>. For all others, it's B<:>. + +=item B<numbits> + +this option specifies that a parameter set should be generated of size +B<numbits>. It must be the last option. If not present then a value of 512 +is used. If this option is present then the input file is ignored and +parameters are generated instead. + =item B<-noout> this option inhibits the output of the encoded version of the parameters. @@ -61,6 +84,13 @@ be loaded by calling the B<get_dhXXX()> function. =back +=head1 WARNINGS + +The program B<dhparam> combines the functionality of the programs B<dh> and +B<gendh> in previous versions of OpenSSL and SSLeay. The B<dh> and B<gendh> +programs are retained for now but may have different purposes in future +versions of OpenSSL. + =head1 NOTES PEM format DH parameters use the header and footer lines: @@ -75,9 +105,6 @@ This program manipulates DH parameters not keys. =head1 BUGS -This program is badly named: the B<rsa> and B<dsa> programs manipulate keys -and not parameters. - There should be a way to generate and manipulate DH keys. =head1 SEE ALSO diff --git a/doc/apps/gendh.pod b/doc/apps/gendh.pod deleted file mode 100644 index 8262622a3d..0000000000 --- a/doc/apps/gendh.pod +++ /dev/null @@ -1,74 +0,0 @@ -=pod - -=head1 NAME - -gendh - DH parameter generation - -=head1 SYNOPSIS - -B<openssl gendh> -[B<-out filename>] -[B<-2>] -[B<-5>] -[B<-rand file(s)>] -[numbits] - -=head1 DESCRIPTION - -This command is used to generate DH parameter files. - -=head1 OPTIONS - -=over 4 - -=item B<-out filename> - -This specifies the output filename parameters to. Standard output is used -if this option is not present. The output format is a base64 encoded form of -a PKCS#5 DHParameter structure. - -=item B<-2>, B<-5> - -The generator to use, either 2 or 5. 2 is the default. - -=item B<-rand file(s)> - -a file or files containing random data used to seed the random number -generator. Multiple files can be specified separated by a OS-dependent -character. For MS-Windows, the separator is B<;>. For OpenVMS, it's -B<,>. For all others, it's B<:>. - -=item B<numbits> - -this option specifies that a parameter set should be generated of size -B<numbits>. It must be the last option. If not present then a value of 512 -is used. - -=back - -=head1 NOTES - -PEM format DH parameters use the header and footer lines: - - -----BEGIN DH PARAMETERS----- - -----END DH PARAMETERS----- - -DH parameter generation is a slow process and as a result the same set of -DH parameters is often reused. - -OpenSSL currently uses PKCS#3 DH not the more recent X9.42 DH. - -This program creates DH parameters only, not DH keys. - -=head1 BUGS - -The program is badly named. The programs B<gendsa> and B<genrsa> generate -actual keys and not parameters. - -There should be a way to generate and manipulate DH keys. - -=head1 SEE ALSO - -dsaparam(1) - -=cut |