[thirdparty/openssl.git] / doc / man1 / openssl-dsaparam.pod

=pod

=head1 NAME

openssl-dsaparam - DSA parameter manipulation and generation

=head1 SYNOPSIS

B<openssl dsaparam>
[B<-help>]
[B<-inform> B<DER>|B<PEM>]
[B<-outform> B<DER>|B<PEM>]
[B<-in> I<filename>]
[B<-out> I<filename>]
[B<-noout>]
[B<-text>]
[B<-C>]
[B<-rand> I<files>]
[B<-writerand> I<file>]
[B<-genkey>]
[B<-engine> I<id>]
[B<-verbose>]
[I<numbits>]

=head1 DESCRIPTION

This command is used to manipulate or generate DSA parameter files.

=head1 OPTIONS

=over 4

=item B<-help>

Print out a usage message.

=item B<-inform> B<DER>|B<PEM>

This specifies the input format. The B<DER> option uses an ASN1 DER encoded
form compatible with RFC2459 (PKIX) DSS-Parms that is a SEQUENCE consisting
of p, q and g respectively. The PEM form is the default format: it consists
of the B<DER> format base64 encoded with additional header and footer lines.

=item B<-outform> B<DER>|B<PEM>

This specifies the output format, the options have the same meaning and default
as the B<-inform> option.

=item B<-in> I<filename>

This specifies the input filename to read parameters from or standard input if
this option is not specified. If the I<numbits> parameter is included then
this option will be ignored.

=item B<-out> I<filename>

This specifies the output filename parameters to. Standard output is used
if this option is not present. The output filename should B<not> be the same
as the input filename.

=item B<-noout>

This option inhibits the output of the encoded version of the parameters.

=item B<-text>

This option prints out the DSA parameters in human readable form.

=item B<-C>

This option converts the parameters into C code. The parameters can then
be loaded by calling the get_dsaXXX() function.

=item B<-genkey>

This option will generate a DSA either using the specified or generated
parameters.

=item B<-rand> I<files>, B<-writerand> I<file>

See L<openssl(1)/Random State Options> for more information.

=item B<-engine> I<id>

Specifying an engine (by its unique I<id> string) will cause this command
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.

=item B<-verbose>

Print extra details about the operations being performed.

=item I<numbits>

This option specifies that a parameter set should be generated of size
I<numbits>. It must be the last option. If this option is included then
the input file (if any) is ignored.

=back

=head1 NOTES

PEM format DSA parameters use the header and footer lines:

 -----BEGIN DSA PARAMETERS-----
 -----END DSA PARAMETERS-----

DSA parameter generation is a slow process and as a result the same set of
DSA parameters is often used to generate several distinct keys.

=head1 SEE ALSO

L<openssl(1)>,
L<openssl-gendsa(1)>,
L<openssl-dsa(1)>,
L<openssl-genrsa(1)>,
L<openssl-rsa(1)>

=head1 COPYRIGHT

Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
aba3e65f	1	=pod
69396b41	2
aba3e65f DSH	3	=head1 NAME
aba3e65f DSH	4
b6b66573	5	openssl-dsaparam - DSA parameter manipulation and generation
aba3e65f DSH	6
	7	=head1 SYNOPSIS
	8
	9	B<openssl dsaparam>
169394d4	10	[B<-help>]
e8769719 RS	11	[B<-inform> B<DER>\|B<PEM>]
	12	[B<-outform> B<DER>\|B<PEM>]
	13	[B<-in> I<filename>]
	14	[B<-out> I<filename>]
aba3e65f DSH	15	[B<-noout>]
	16	[B<-text>]
	17	[B<-C>]
fed8bd90	18	[B<-rand> I<files>]
e8769719	19	[B<-writerand> I<file>]
aba3e65f	20	[B<-genkey>]
e8769719	21	[B<-engine> I<id>]
b6a07f67	22	[B<-verbose>]
e8769719	23	[I<numbits>]
aba3e65f DSH	24
	25	=head1 DESCRIPTION
	26
	27	This command is used to manipulate or generate DSA parameter files.
	28
	29	=head1 OPTIONS
	30
	31	=over 4
	32
169394d4 MR	33	=item B<-help>
	34
	35	Print out a usage message.
	36
e8769719	37	=item B<-inform> B<DER>\|B<PEM>
aba3e65f DSH	38
	39	This specifies the input format. The B<DER> option uses an ASN1 DER encoded
	40	form compatible with RFC2459 (PKIX) DSS-Parms that is a SEQUENCE consisting
	41	of p, q and g respectively. The PEM form is the default format: it consists
	42	of the B<DER> format base64 encoded with additional header and footer lines.
	43
e8769719	44	=item B<-outform> B<DER>\|B<PEM>
aba3e65f	45
7477c83e TM	46	This specifies the output format, the options have the same meaning and default
7477c83e TM	47	as the B<-inform> option.
aba3e65f	48
e8769719	49	=item B<-in> I<filename>
aba3e65f DSH	50
aba3e65f DSH	51	This specifies the input filename to read parameters from or standard input if
2f0ea936	52	this option is not specified. If the I<numbits> parameter is included then
aba3e65f DSH	53	this option will be ignored.
aba3e65f DSH	54
e8769719	55	=item B<-out> I<filename>
aba3e65f DSH	56
	57	This specifies the output filename parameters to. Standard output is used
	58	if this option is not present. The output filename should B<not> be the same
	59	as the input filename.
	60
	61	=item B<-noout>
	62
c4de074e	63	This option inhibits the output of the encoded version of the parameters.
aba3e65f DSH	64
	65	=item B<-text>
	66
c4de074e	67	This option prints out the DSA parameters in human readable form.
aba3e65f DSH	68
	69	=item B<-C>
	70
c4de074e	71	This option converts the parameters into C code. The parameters can then
35cb565a	72	be loaded by calling the get_dsaXXX() function.
aba3e65f DSH	73
	74	=item B<-genkey>
	75
c4de074e	76	This option will generate a DSA either using the specified or generated
aba3e65f DSH	77	parameters.
aba3e65f DSH	78
a397aca4	79	=item B<-rand> I<files>, B<-writerand> I<file>
aba3e65f	80
a397aca4	81	See L<openssl(1)/Random State Options> for more information.
3ee1eac2	82
e8769719	83	=item B<-engine> I<id>
bfa35550	84
35a810bb	85	Specifying an engine (by its unique I<id> string) will cause this command
bfa35550 RL	86	to attempt to obtain a functional reference to the specified engine,
	87	thus initialising it if needed. The engine will then be set as the default
	88	for all available algorithms.
	89
b6a07f67 PP	90	=item B<-verbose>
	91
	92	Print extra details about the operations being performed.
	93
2f0ea936	94	=item I<numbits>
b6a07f67 PP	95
b6a07f67 PP	96	This option specifies that a parameter set should be generated of size
2f0ea936	97	I<numbits>. It must be the last option. If this option is included then
b6a07f67 PP	98	the input file (if any) is ignored.
b6a07f67 PP	99
aba3e65f DSH	100	=back
	101
	102	=head1 NOTES
	103
0286d944 DSH	104	PEM format DSA parameters use the header and footer lines:
	105
	106	-----BEGIN DSA PARAMETERS-----
	107	-----END DSA PARAMETERS-----
	108
aba3e65f DSH	109	DSA parameter generation is a slow process and as a result the same set of
	110	DSA parameters is often used to generate several distinct keys.
	111
	112	=head1 SEE ALSO
	113
b6b66573 DMSP	114	L<openssl(1)>,
	115	L<openssl-gendsa(1)>,
	116	L<openssl-dsa(1)>,
	117	L<openssl-genrsa(1)>,
	118	L<openssl-rsa(1)>
aba3e65f	119
e2f92610 RS	120	=head1 COPYRIGHT
e2f92610 RS	121
b6b66573	122	Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
e2f92610	123
449040b4	124	Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610 RS	125	this file except in compliance with the License. You can obtain a copy
	126	in the file LICENSE in the source distribution or at
	127	L<https://www.openssl.org/source/license.html>.
	128
	129	=cut