diff options
Diffstat (limited to 'doc/man1')
| -rw-r--r-- | doc/man1/openssl-dhparam.pod.in | 4 | ||||
| -rw-r--r-- | doc/man1/openssl-genpkey.pod.in | 6 | ||||
| -rw-r--r-- | doc/man1/openssl-genrsa.pod.in | 9 | ||||
| -rw-r--r-- | doc/man1/openssl-kdf.pod.in | 41 | ||||
| -rw-r--r-- | doc/man1/openssl-rsautl.pod.in | 4 | ||||
| -rw-r--r-- | doc/man1/openssl-s_client.pod.in | 4 | ||||
| -rw-r--r-- | doc/man1/openssl-verification-options.pod | 4 | ||||
| -rw-r--r-- | doc/man1/openssl-x509.pod.in | 4 |
8 files changed, 47 insertions, 29 deletions
diff --git a/doc/man1/openssl-dhparam.pod.in b/doc/man1/openssl-dhparam.pod.in index d358ba95dcf3..7865e3b25b9d 100644 --- a/doc/man1/openssl-dhparam.pod.in +++ b/doc/man1/openssl-dhparam.pod.in @@ -88,7 +88,7 @@ I<numbits>. It must be the last option. If this option is present then the input file is ignored and parameters are generated instead. If this option is not present but a generator (B<-2>, B<-3> or B<-5>) is present, parameters are generated with a default length of 2048 bits. -The minimim length is 512 bits. The maximum length is 10000 bits. +The minimum length is 512 bits. The maximum length is 10000 bits. =item B<-noout> @@ -126,7 +126,7 @@ The B<-C> option was removed in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man1/openssl-genpkey.pod.in b/doc/man1/openssl-genpkey.pod.in index 181530670836..8f139d147f92 100644 --- a/doc/man1/openssl-genpkey.pod.in +++ b/doc/man1/openssl-genpkey.pod.in @@ -278,7 +278,7 @@ RFC5114 names "dh_1024_160", "dh_2048_224", "dh_2048_256". If this option is set, then the appropriate RFC5114 parameters are used instead of generating new parameters. The value I<num> can be one of -1, 2 or 3 that are equivalant to using the option B<group> with one of +1, 2 or 3 that are equivalent to using the option B<group> with one of "dh_1024_160", "dh_2048_224" or "dh_2048_256". All other options will be ignored if this value is set. @@ -333,7 +333,7 @@ The B<algorithm> option must be B<"DH">. =item "default" Selects a default type based on the B<algorithm>. This is used by the -OpenSSL default provider to set the type for backwards compatability. +OpenSSL default provider to set the type for backwards compatibility. If B<algorithm> is B<"DH"> then B<"generator"> is used. If B<algorithm> is B<"DHX"> then B<"fips186_2"> is used. @@ -494,7 +494,7 @@ The B<-engine> option was deprecated in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2006-2023 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man1/openssl-genrsa.pod.in b/doc/man1/openssl-genrsa.pod.in index 629640961517..db1cab6e41a3 100644 --- a/doc/man1/openssl-genrsa.pod.in +++ b/doc/man1/openssl-genrsa.pod.in @@ -35,9 +35,6 @@ B<openssl> B<genrsa> =head1 DESCRIPTION -This command has been deprecated. -The L<openssl-genpkey(1)> command should be used instead. - This command generates an RSA private key. =head1 OPTIONS @@ -118,13 +115,9 @@ L<openssl(1)>, L<openssl-genpkey(1)>, L<openssl-gendsa(1)> -=head1 HISTORY - -This command was deprecated in OpenSSL 3.0. - =head1 COPYRIGHT -Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man1/openssl-kdf.pod.in b/doc/man1/openssl-kdf.pod.in index 23776378a1be..6eed74d70d4c 100644 --- a/doc/man1/openssl-kdf.pod.in +++ b/doc/man1/openssl-kdf.pod.in @@ -66,8 +66,7 @@ cases. =item B<-kdfopt> I<nm>:I<v> Passes options to the KDF algorithm. -A comprehensive list of parameters can be found in the EVP_KDF_CTX -implementation documentation. +A comprehensive list of parameters can be found in L<EVP_KDF(3)/PARAMETERS>. Common parameter names used by EVP_KDF_CTX_set_params() are: =over 4 @@ -81,9 +80,8 @@ A key must be specified for most KDF algorithms. =item B<hexkey:>I<string> -Specifies the secret key in hexadecimal form (two hex digits per byte). -The key length must conform to any restrictions of the KDF algorithm. -A key must be specified for most KDF algorithms. +Alternative to the B<key:> option where +the secret key is specified in hexadecimal form (two hex digits per byte). =item B<pass:>I<string> @@ -93,8 +91,35 @@ The password must be specified for PBKDF2 and scrypt. =item B<hexpass:>I<string> -Specifies the password in hexadecimal form (two hex digits per byte). -The password must be specified for PBKDF2 and scrypt. +Alternative to the B<pass:> option where +the password is specified in hexadecimal form (two hex digits per byte). + +=item B<salt:>I<string> + +Specifies a non-secret unique cryptographic salt as an alphanumeric string +(use if it contains printable characters only). +The length must conform to any restrictions of the KDF algorithm. +A salt parameter is required for several KDF algorithms, +such as L<EVP_KDF-PBKDF2(7)>. + +=item B<hexsalt:>I<string> + +Alternative to the B<salt:> option where +the salt is specified in hexadecimal form (two hex digits per byte). + +=item B<info:>I<string> + +Some KDF implementations, such as L<EVP_KDF-HKDF(7)>, take an 'info' parameter +for binding the derived key material +to application- and context-specific information. +Specifies the info, fixed info, other info or shared info argument +as an alphanumeric string (use if it contains printable characters only). +The length must conform to any restrictions of the KDF algorithm. + +=item B<hexinfo:>I<string> + +Alternative to the B<info:> option where +the info is specified in hexadecimal form (two hex digits per byte). =item B<digest:>I<string> @@ -195,7 +220,7 @@ Added in OpenSSL 3.0 =head1 COPYRIGHT -Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man1/openssl-rsautl.pod.in b/doc/man1/openssl-rsautl.pod.in index 186e49e5e49b..0a32fd965bf1 100644 --- a/doc/man1/openssl-rsautl.pod.in +++ b/doc/man1/openssl-rsautl.pod.in @@ -99,7 +99,7 @@ Encrypt the input data using an RSA public key. Decrypt the input data using an RSA private key. -=item B<-pkcs>, B<-oaep>, B<-x931> B<-raw> +=item B<-pkcs>, B<-oaep>, B<-x931>, B<-raw> The padding to use: PKCS#1 v1.5 (the default), PKCS#1 OAEP, ANSI X9.31, or no padding, respectively. @@ -232,7 +232,7 @@ The B<-engine> option was deprecated in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man1/openssl-s_client.pod.in b/doc/man1/openssl-s_client.pod.in index c921e3b4a25f..4b7b58b72d55 100644 --- a/doc/man1/openssl-s_client.pod.in +++ b/doc/man1/openssl-s_client.pod.in @@ -274,7 +274,7 @@ See L<openssl-format-options(1)> for details. =item B<-pass> I<arg> -the private key and certifiate file password source. +the private key and certificate file password source. For more information about the format of I<arg> see L<openssl-passphrase-options(1)>. @@ -910,7 +910,7 @@ The B<-engine> option was deprecated in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man1/openssl-verification-options.pod b/doc/man1/openssl-verification-options.pod index 5fa3907c2801..4998e452b549 100644 --- a/doc/man1/openssl-verification-options.pod +++ b/doc/man1/openssl-verification-options.pod @@ -92,7 +92,7 @@ It does not have a negative trust attribute rejecting the given use. =item * It has a positive trust attribute accepting the given use -or (by default) one of the following compatibilty conditions apply: +or (by default) one of the following compatibility conditions apply: It is self-signed or the B<-partial_chain> option is given (which corresponds to the B<X509_V_FLAG_PARTIAL_CHAIN> flag being set). @@ -686,7 +686,7 @@ The checks enabled by B<-x509_strict> have been extended in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man1/openssl-x509.pod.in b/doc/man1/openssl-x509.pod.in index dd8f17154af9..5a120287a845 100644 --- a/doc/man1/openssl-x509.pod.in +++ b/doc/man1/openssl-x509.pod.in @@ -478,7 +478,7 @@ unless the B<-new> option is given, which generates a certificate from scratch. =item B<-CAform> B<DER>|B<PEM>|B<P12>, -The format for the CA certificate; unspecifed by default. +The format for the CA certificate; unspecified by default. See L<openssl-format-options(1)> for details. =item B<-CAkey> I<filename>|I<uri> @@ -784,7 +784,7 @@ The B<-C> option was removed in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy |