]>
Commit | Line | Data |
---|---|---|
aba3e65f | 1 | =pod |
69396b41 | 2 | |
aba3e65f DSH |
3 | =head1 NAME |
4 | ||
b6b66573 | 5 | openssl-dsaparam - DSA parameter manipulation and generation |
aba3e65f DSH |
6 | |
7 | =head1 SYNOPSIS | |
8 | ||
9 | B<openssl dsaparam> | |
169394d4 | 10 | [B<-help>] |
e8769719 RS |
11 | [B<-inform> B<DER>|B<PEM>] |
12 | [B<-outform> B<DER>|B<PEM>] | |
13 | [B<-in> I<filename>] | |
14 | [B<-out> I<filename>] | |
aba3e65f DSH |
15 | [B<-noout>] |
16 | [B<-text>] | |
17 | [B<-C>] | |
fed8bd90 | 18 | [B<-rand> I<files>] |
e8769719 | 19 | [B<-writerand> I<file>] |
aba3e65f | 20 | [B<-genkey>] |
e8769719 | 21 | [B<-engine> I<id>] |
b6a07f67 | 22 | [B<-verbose>] |
e8769719 | 23 | [I<numbits>] |
aba3e65f DSH |
24 | |
25 | =head1 DESCRIPTION | |
26 | ||
27 | This command is used to manipulate or generate DSA parameter files. | |
28 | ||
29 | =head1 OPTIONS | |
30 | ||
31 | =over 4 | |
32 | ||
169394d4 MR |
33 | =item B<-help> |
34 | ||
35 | Print out a usage message. | |
36 | ||
e8769719 | 37 | =item B<-inform> B<DER>|B<PEM> |
aba3e65f DSH |
38 | |
39 | This specifies the input format. The B<DER> option uses an ASN1 DER encoded | |
40 | form compatible with RFC2459 (PKIX) DSS-Parms that is a SEQUENCE consisting | |
41 | of p, q and g respectively. The PEM form is the default format: it consists | |
42 | of the B<DER> format base64 encoded with additional header and footer lines. | |
43 | ||
e8769719 | 44 | =item B<-outform> B<DER>|B<PEM> |
aba3e65f | 45 | |
7477c83e TM |
46 | This specifies the output format, the options have the same meaning and default |
47 | as the B<-inform> option. | |
aba3e65f | 48 | |
e8769719 | 49 | =item B<-in> I<filename> |
aba3e65f DSH |
50 | |
51 | This specifies the input filename to read parameters from or standard input if | |
2f0ea936 | 52 | this option is not specified. If the I<numbits> parameter is included then |
aba3e65f DSH |
53 | this option will be ignored. |
54 | ||
e8769719 | 55 | =item B<-out> I<filename> |
aba3e65f DSH |
56 | |
57 | This specifies the output filename parameters to. Standard output is used | |
58 | if this option is not present. The output filename should B<not> be the same | |
59 | as the input filename. | |
60 | ||
61 | =item B<-noout> | |
62 | ||
c4de074e | 63 | This option inhibits the output of the encoded version of the parameters. |
aba3e65f DSH |
64 | |
65 | =item B<-text> | |
66 | ||
c4de074e | 67 | This option prints out the DSA parameters in human readable form. |
aba3e65f DSH |
68 | |
69 | =item B<-C> | |
70 | ||
c4de074e | 71 | This option converts the parameters into C code. The parameters can then |
35cb565a | 72 | be loaded by calling the get_dsaXXX() function. |
aba3e65f DSH |
73 | |
74 | =item B<-genkey> | |
75 | ||
c4de074e | 76 | This option will generate a DSA either using the specified or generated |
aba3e65f DSH |
77 | parameters. |
78 | ||
a397aca4 | 79 | =item B<-rand> I<files>, B<-writerand> I<file> |
aba3e65f | 80 | |
a397aca4 | 81 | See L<openssl(1)/Random State Options> for more information. |
3ee1eac2 | 82 | |
e8769719 | 83 | =item B<-engine> I<id> |
bfa35550 | 84 | |
35a810bb | 85 | Specifying an engine (by its unique I<id> string) will cause this command |
bfa35550 RL |
86 | to attempt to obtain a functional reference to the specified engine, |
87 | thus initialising it if needed. The engine will then be set as the default | |
88 | for all available algorithms. | |
89 | ||
b6a07f67 PP |
90 | =item B<-verbose> |
91 | ||
92 | Print extra details about the operations being performed. | |
93 | ||
2f0ea936 | 94 | =item I<numbits> |
b6a07f67 PP |
95 | |
96 | This option specifies that a parameter set should be generated of size | |
2f0ea936 | 97 | I<numbits>. It must be the last option. If this option is included then |
b6a07f67 PP |
98 | the input file (if any) is ignored. |
99 | ||
aba3e65f DSH |
100 | =back |
101 | ||
102 | =head1 NOTES | |
103 | ||
0286d944 DSH |
104 | PEM format DSA parameters use the header and footer lines: |
105 | ||
106 | -----BEGIN DSA PARAMETERS----- | |
107 | -----END DSA PARAMETERS----- | |
108 | ||
aba3e65f DSH |
109 | DSA parameter generation is a slow process and as a result the same set of |
110 | DSA parameters is often used to generate several distinct keys. | |
111 | ||
112 | =head1 SEE ALSO | |
113 | ||
b6b66573 DMSP |
114 | L<openssl(1)>, |
115 | L<openssl-gendsa(1)>, | |
116 | L<openssl-dsa(1)>, | |
117 | L<openssl-genrsa(1)>, | |
118 | L<openssl-rsa(1)> | |
aba3e65f | 119 | |
e2f92610 RS |
120 | =head1 COPYRIGHT |
121 | ||
b6b66573 | 122 | Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved. |
e2f92610 | 123 | |
449040b4 | 124 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
125 | this file except in compliance with the License. You can obtain a copy |
126 | in the file LICENSE in the source distribution or at | |
127 | L<https://www.openssl.org/source/license.html>. | |
128 | ||
129 | =cut |