diff options
Diffstat (limited to 'upstream/debian-unstable/man1/openssl-dsa.1ssl')
| -rw-r--r-- | upstream/debian-unstable/man1/openssl-dsa.1ssl | 244 |
1 files changed, 244 insertions, 0 deletions
diff --git a/upstream/debian-unstable/man1/openssl-dsa.1ssl b/upstream/debian-unstable/man1/openssl-dsa.1ssl new file mode 100644 index 00000000..40f877db --- /dev/null +++ b/upstream/debian-unstable/man1/openssl-dsa.1ssl @@ -0,0 +1,244 @@ +.\" -*- mode: troff; coding: utf-8 -*- +.\" Automatically generated by Pod::Man 5.01 (Pod::Simple 3.43) +.\" +.\" Standard preamble: +.\" ======================================================================== +.de Sp \" Vertical space (when we can't use .PP) +.if t .sp .5v +.if n .sp +.. +.de Vb \" Begin verbatim text +.ft CW +.nf +.ne \\$1 +.. +.de Ve \" End verbatim text +.ft R +.fi +.. +.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>. +.ie n \{\ +. ds C` "" +. ds C' "" +'br\} +.el\{\ +. ds C` +. ds C' +'br\} +.\" +.\" Escape single quotes in literal strings from groff's Unicode transform. +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" +.\" If the F register is >0, we'll generate index entries on stderr for +.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index +.\" entries marked with X<> in POD. Of course, you'll have to process the +.\" output yourself in some meaningful fashion. +.\" +.\" Avoid warning from groff about undefined register 'F'. +.de IX +.. +.nr rF 0 +.if \n(.g .if rF .nr rF 1 +.if (\n(rF:(\n(.g==0)) \{\ +. if \nF \{\ +. de IX +. tm Index:\\$1\t\\n%\t"\\$2" +.. +. if !\nF==2 \{\ +. nr % 0 +. nr F 2 +. \} +. \} +.\} +.rr rF +.\" ======================================================================== +.\" +.IX Title "OPENSSL-DSA 1SSL" +.TH OPENSSL-DSA 1SSL 2024-02-03 3.1.5 OpenSSL +.\" For nroff, turn off justification. Always turn off hyphenation; it makes +.\" way too many mistakes in technical documents. +.if n .ad l +.nh +.SH NAME +openssl\-dsa \- DSA key processing +.SH SYNOPSIS +.IX Header "SYNOPSIS" +\&\fBopenssl\fR \fBdsa\fR +[\fB\-help\fR] +[\fB\-inform\fR \fBDER\fR|\fBPEM\fR] +[\fB\-outform\fR \fBDER\fR|\fBPEM\fR] +[\fB\-in\fR \fIfilename\fR] +[\fB\-passin\fR \fIarg\fR] +[\fB\-out\fR \fIfilename\fR] +[\fB\-passout\fR \fIarg\fR] +[\fB\-aes128\fR] +[\fB\-aes192\fR] +[\fB\-aes256\fR] +[\fB\-aria128\fR] +[\fB\-aria192\fR] +[\fB\-aria256\fR] +[\fB\-camellia128\fR] +[\fB\-camellia192\fR] +[\fB\-camellia256\fR] +[\fB\-des\fR] +[\fB\-des3\fR] +[\fB\-idea\fR] +[\fB\-text\fR] +[\fB\-noout\fR] +[\fB\-modulus\fR] +[\fB\-pubin\fR] +[\fB\-pubout\fR] +[\fB\-pvk\-strong\fR] +[\fB\-pvk\-weak\fR] +[\fB\-pvk\-none\fR] +[\fB\-engine\fR \fIid\fR] +[\fB\-provider\fR \fIname\fR] +[\fB\-provider\-path\fR \fIpath\fR] +[\fB\-propquery\fR \fIpropq\fR] +.SH DESCRIPTION +.IX Header "DESCRIPTION" +This command processes DSA keys. They can be converted between various +forms and their components printed out. \fBNote\fR This command uses the +traditional SSLeay compatible format for private key encryption: newer +applications should use the more secure PKCS#8 format using the \fBpkcs8\fR +.SH OPTIONS +.IX Header "OPTIONS" +.IP \fB\-help\fR 4 +.IX Item "-help" +Print out a usage message. +.IP "\fB\-inform\fR \fBDER\fR|\fBPEM\fR" 4 +.IX Item "-inform DER|PEM" +The key input format; unspecified by default. +See \fBopenssl\-format\-options\fR\|(1) for details. +.IP "\fB\-outform\fR \fBDER\fR|\fBPEM\fR" 4 +.IX Item "-outform DER|PEM" +The key output format; the default is \fBPEM\fR. +See \fBopenssl\-format\-options\fR\|(1) for details. +.Sp +Private keys are a sequence of \fBASN.1 INTEGERS\fR: the version (zero), \fBp\fR, +\&\fBq\fR, \fBg\fR, and the public and private key components. Public keys +are a \fBSubjectPublicKeyInfo\fR structure with the \fBDSA\fR type. +.Sp +The \fBPEM\fR format also accepts PKCS#8 data. +.IP "\fB\-in\fR \fIfilename\fR" 4 +.IX Item "-in filename" +This specifies the input filename to read a key from or standard input if this +option is not specified. If the key is encrypted a pass phrase will be +prompted for. +.IP "\fB\-out\fR \fIfilename\fR" 4 +.IX Item "-out filename" +This specifies the output filename to write a key to or standard output by +is not specified. If any encryption options are set then a pass phrase will be +prompted for. The output filename should \fBnot\fR be the same as the input +filename. +.IP "\fB\-passin\fR \fIarg\fR, \fB\-passout\fR \fIarg\fR" 4 +.IX Item "-passin arg, -passout arg" +The password source for the input and output file. +For more information about the format of \fBarg\fR +see \fBopenssl\-passphrase\-options\fR\|(1). +.IP "\fB\-aes128\fR, \fB\-aes192\fR, \fB\-aes256\fR, \fB\-aria128\fR, \fB\-aria192\fR, \fB\-aria256\fR, \fB\-camellia128\fR, \fB\-camellia192\fR, \fB\-camellia256\fR, \fB\-des\fR, \fB\-des3\fR, \fB\-idea\fR" 4 +.IX Item "-aes128, -aes192, -aes256, -aria128, -aria192, -aria256, -camellia128, -camellia192, -camellia256, -des, -des3, -idea" +These options encrypt the private key with the specified +cipher before outputting it. A pass phrase is prompted for. +If none of these options is specified the key is written in plain text. This +means that this command can be used to remove the pass phrase from a key +by not giving any encryption option is given, or to add or change the pass +phrase by setting them. +These options can only be used with PEM format output files. +.IP \fB\-text\fR 4 +.IX Item "-text" +Prints out the public, private key components and parameters. +.IP \fB\-noout\fR 4 +.IX Item "-noout" +This option prevents output of the encoded version of the key. +.IP \fB\-modulus\fR 4 +.IX Item "-modulus" +This option prints out the value of the public key component of the key. +.IP \fB\-pubin\fR 4 +.IX Item "-pubin" +By default, a private key is read from the input file. With this option a +public key is read instead. +.IP \fB\-pubout\fR 4 +.IX Item "-pubout" +By default, a private key is output. With this option a public +key will be output instead. This option is automatically set if the input is +a public key. +.IP \fB\-pvk\-strong\fR 4 +.IX Item "-pvk-strong" +Enable 'Strong' PVK encoding level (default). +.IP \fB\-pvk\-weak\fR 4 +.IX Item "-pvk-weak" +Enable 'Weak' PVK encoding level. +.IP \fB\-pvk\-none\fR 4 +.IX Item "-pvk-none" +Don't enforce PVK encoding. +.IP "\fB\-engine\fR \fIid\fR" 4 +.IX Item "-engine id" +See "Engine Options" in \fBopenssl\fR\|(1). +This option is deprecated. +.IP "\fB\-provider\fR \fIname\fR" 4 +.IX Item "-provider name" +.PD 0 +.IP "\fB\-provider\-path\fR \fIpath\fR" 4 +.IX Item "-provider-path path" +.IP "\fB\-propquery\fR \fIpropq\fR" 4 +.IX Item "-propquery propq" +.PD +See "Provider Options" in \fBopenssl\fR\|(1), \fBprovider\fR\|(7), and \fBproperty\fR\|(7). +.PP +The \fBopenssl\-pkey\fR\|(1) command is capable of performing all the operations +this command can, as well as supporting other public key types. +.SH EXAMPLES +.IX Header "EXAMPLES" +The documentation for the \fBopenssl\-pkey\fR\|(1) command contains examples +equivalent to the ones listed here. +.PP +To remove the pass phrase on a DSA private key: +.PP +.Vb 1 +\& openssl dsa \-in key.pem \-out keyout.pem +.Ve +.PP +To encrypt a private key using triple DES: +.PP +.Vb 1 +\& openssl dsa \-in key.pem \-des3 \-out keyout.pem +.Ve +.PP +To convert a private key from PEM to DER format: +.PP +.Vb 1 +\& openssl dsa \-in key.pem \-outform DER \-out keyout.der +.Ve +.PP +To print out the components of a private key to standard output: +.PP +.Vb 1 +\& openssl dsa \-in key.pem \-text \-noout +.Ve +.PP +To just output the public part of a private key: +.PP +.Vb 1 +\& openssl dsa \-in key.pem \-pubout \-out pubkey.pem +.Ve +.SH "SEE ALSO" +.IX Header "SEE ALSO" +\&\fBopenssl\fR\|(1), +\&\fBopenssl\-pkey\fR\|(1), +\&\fBopenssl\-dsaparam\fR\|(1), +\&\fBopenssl\-gendsa\fR\|(1), +\&\fBopenssl\-rsa\fR\|(1), +\&\fBopenssl\-genrsa\fR\|(1) +.SH HISTORY +.IX Header "HISTORY" +The \fB\-engine\fR option was deprecated in OpenSSL 3.0. +.SH COPYRIGHT +.IX Header "COPYRIGHT" +Copyright 2000\-2021 The OpenSSL Project Authors. All Rights Reserved. +.PP +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +<https://www.openssl.org/source/license.html>. |