diff options
author | Tomas Mraz <tomas@openssl.org> | 2022-07-12 12:32:44 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-11-21 10:49:52 +0100 |
commit | ba86c086c72d168353434531db7954681e20ac0b (patch) | |
tree | 8cf0fddb3af90615593c0217dd9233e720e45b3b | |
parent | 4890f26e398835dca66af837a4134ac3af6f93e7 (diff) | |
download | openssl-ba86c086c72d168353434531db7954681e20ac0b.zip openssl-ba86c086c72d168353434531db7954681e20ac0b.tar.gz openssl-ba86c086c72d168353434531db7954681e20ac0b.tar.bz2 |
dhparam: Correct the documentation of -dsaparam
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18480)
(cherry picked from commit 2885b2ca4eee5586baa50208e41a1ca54532eb3a)
-rw-r--r-- | doc/man1/openssl-dhparam.pod.in | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/doc/man1/openssl-dhparam.pod.in b/doc/man1/openssl-dhparam.pod.in index d358ba9..2a442ba 100644 --- a/doc/man1/openssl-dhparam.pod.in +++ b/doc/man1/openssl-dhparam.pod.in @@ -60,14 +60,13 @@ as the input filename. =item B<-dsaparam> If this option is used, DSA rather than DH parameters are read or created; -they are converted to DH format. Otherwise, "strong" primes (such +they are converted to DH format. Otherwise, safe primes (such that (p-1)/2 is also prime) will be used for DH parameter generation. -DH parameter generation with the B<-dsaparam> option is much faster, -and the recommended exponent length is shorter, which makes DH key -exchange more efficient. Beware that with such DSA-style DH -parameters, a fresh DH key should be created for each use to -avoid small-subgroup attacks that may be possible otherwise. +DH parameter generation with the B<-dsaparam> option is much faster. +Beware that with such DSA-style DH parameters, a fresh DH key should be +created for each use to avoid small-subgroup attacks that may be possible +otherwise. =item B<-check> |