diff options
Diffstat (limited to 'crypto/openssl/doc/apps/rsa.pod')
| -rw-r--r-- | crypto/openssl/doc/apps/rsa.pod | 27 |
1 files changed, 24 insertions, 3 deletions
diff --git a/crypto/openssl/doc/apps/rsa.pod b/crypto/openssl/doc/apps/rsa.pod index 69b2bef82cbe..21cbf8ee009b 100644 --- a/crypto/openssl/doc/apps/rsa.pod +++ b/crypto/openssl/doc/apps/rsa.pod @@ -15,6 +15,12 @@ B<openssl> B<rsa> [B<-out filename>] [B<-passout arg>] [B<-sgckey>] +[B<-aes128>] +[B<-aes192>] +[B<-aes256>] +[B<-camellia128>] +[B<-camellia192>] +[B<-camellia256>] [B<-des>] [B<-des3>] [B<-idea>] @@ -24,6 +30,8 @@ B<openssl> B<rsa> [B<-check>] [B<-pubin>] [B<-pubout>] +[B<-RSAPublicKey_in>] +[B<-RSAPublicKey_out>] [B<-engine id>] =head1 DESCRIPTION @@ -80,10 +88,10 @@ see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. use the modified NET algorithm used with some versions of Microsoft IIS and SGC keys. -=item B<-des|-des3|-idea> +=item B<-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea> -These options encrypt the private key with the DES, triple DES, or the -IDEA ciphers respectively before outputting it. A pass phrase is prompted for. +These options encrypt the private key with the specified +cipher before outputting it. A pass phrase is prompted for. If none of these options is specified the key is written in plain text. This means that using the B<rsa> utility to read in an encrypted key with no encryption option can be used to remove the pass phrase from a key, or by @@ -118,6 +126,10 @@ by default a private key is output: with this option a public key will be output instead. This option is automatically set if the input is a public key. +=item B<-RSAPublicKey_in>, B<-RSAPublicKey_out> + +like B<-pubin> and B<-pubout> except B<RSAPublicKey> format is used instead. + =item B<-engine id> specifying an engine (by its unique B<id> string) will cause B<rsa> @@ -139,6 +151,11 @@ The PEM public key format uses the header and footer lines: -----BEGIN PUBLIC KEY----- -----END PUBLIC KEY----- +The PEM B<RSAPublicKey> format uses the header and footer lines: + + -----BEGIN RSA PUBLIC KEY----- + -----END RSA PUBLIC KEY----- + The B<NET> form is a format compatible with older Netscape servers and Microsoft IIS .key files, this uses unsalted RC4 for its encryption. It is not very secure and so should only be used when necessary. @@ -173,6 +190,10 @@ To just output the public part of a private key: openssl rsa -in key.pem -pubout -out pubkey.pem +Output the public part of a private key in B<RSAPublicKey> format: + + openssl rsa -in key.pem -RSAPublicKey_out -out pubkey.pem + =head1 BUGS The command line password arguments don't currently work with |