| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 1 | =pod | 
|  | 2 |  | 
|  | 3 | =head1 NAME | 
|  | 4 |  | 
|  | 5 | openssl-dsaparam, | 
|  | 6 | dsaparam - DSA parameter manipulation and generation | 
|  | 7 |  | 
|  | 8 | =head1 SYNOPSIS | 
|  | 9 |  | 
|  | 10 | B<openssl dsaparam> | 
|  | 11 | [B<-help>] | 
|  | 12 | [B<-inform DER|PEM>] | 
|  | 13 | [B<-outform DER|PEM>] | 
|  | 14 | [B<-in filename>] | 
|  | 15 | [B<-out filename>] | 
|  | 16 | [B<-noout>] | 
|  | 17 | [B<-text>] | 
|  | 18 | [B<-C>] | 
|  | 19 | [B<-rand file...>] | 
|  | 20 | [B<-writerand file>] | 
|  | 21 | [B<-genkey>] | 
|  | 22 | [B<-engine id>] | 
|  | 23 | [B<numbits>] | 
|  | 24 |  | 
|  | 25 | =head1 DESCRIPTION | 
|  | 26 |  | 
|  | 27 | This command is used to manipulate or generate DSA parameter files. | 
|  | 28 |  | 
|  | 29 | =head1 OPTIONS | 
|  | 30 |  | 
|  | 31 | =over 4 | 
|  | 32 |  | 
|  | 33 | =item B<-help> | 
|  | 34 |  | 
|  | 35 | Print out a usage message. | 
|  | 36 |  | 
|  | 37 | =item B<-inform DER|PEM> | 
|  | 38 |  | 
|  | 39 | This specifies the input format. The B<DER> option uses an ASN1 DER encoded | 
|  | 40 | form compatible with RFC2459 (PKIX) DSS-Parms that is a SEQUENCE consisting | 
|  | 41 | of p, q and g respectively. The PEM form is the default format: it consists | 
|  | 42 | of the B<DER> format base64 encoded with additional header and footer lines. | 
|  | 43 |  | 
|  | 44 | =item B<-outform DER|PEM> | 
|  | 45 |  | 
|  | 46 | This specifies the output format, the options have the same meaning and default | 
|  | 47 | as the B<-inform> option. | 
|  | 48 |  | 
|  | 49 | =item B<-in filename> | 
|  | 50 |  | 
|  | 51 | This specifies the input filename to read parameters from or standard input if | 
|  | 52 | this option is not specified. If the B<numbits> parameter is included then | 
|  | 53 | this option will be ignored. | 
|  | 54 |  | 
|  | 55 | =item B<-out filename> | 
|  | 56 |  | 
|  | 57 | This specifies the output filename parameters to. Standard output is used | 
|  | 58 | if this option is not present. The output filename should B<not> be the same | 
|  | 59 | as the input filename. | 
|  | 60 |  | 
|  | 61 | =item B<-noout> | 
|  | 62 |  | 
|  | 63 | This option inhibits the output of the encoded version of the parameters. | 
|  | 64 |  | 
|  | 65 | =item B<-text> | 
|  | 66 |  | 
|  | 67 | This option prints out the DSA parameters in human readable form. | 
|  | 68 |  | 
|  | 69 | =item B<-C> | 
|  | 70 |  | 
|  | 71 | This option converts the parameters into C code. The parameters can then | 
|  | 72 | be loaded by calling the get_dsaXXX() function. | 
|  | 73 |  | 
|  | 74 | =item B<-genkey> | 
|  | 75 |  | 
|  | 76 | This option will generate a DSA either using the specified or generated | 
|  | 77 | parameters. | 
|  | 78 |  | 
|  | 79 | =item B<-rand file...> | 
|  | 80 |  | 
|  | 81 | A file or files containing random data used to seed the random number | 
|  | 82 | generator. | 
|  | 83 | Multiple files can be specified separated by an OS-dependent character. | 
|  | 84 | The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for | 
|  | 85 | all others. | 
|  | 86 |  | 
|  | 87 | =item [B<-writerand file>] | 
|  | 88 |  | 
|  | 89 | Writes random data to the specified I<file> upon exit. | 
|  | 90 | This can be used with a subsequent B<-rand> flag. | 
|  | 91 |  | 
|  | 92 | =item B<numbits> | 
|  | 93 |  | 
|  | 94 | This option specifies that a parameter set should be generated of size | 
|  | 95 | B<numbits>. It must be the last option. If this option is included then | 
|  | 96 | the input file (if any) is ignored. | 
|  | 97 |  | 
|  | 98 | =item B<-engine id> | 
|  | 99 |  | 
|  | 100 | Specifying an engine (by its unique B<id> string) will cause B<dsaparam> | 
|  | 101 | to attempt to obtain a functional reference to the specified engine, | 
|  | 102 | thus initialising it if needed. The engine will then be set as the default | 
|  | 103 | for all available algorithms. | 
|  | 104 |  | 
|  | 105 | =back | 
|  | 106 |  | 
|  | 107 | =head1 NOTES | 
|  | 108 |  | 
|  | 109 | PEM format DSA parameters use the header and footer lines: | 
|  | 110 |  | 
|  | 111 | -----BEGIN DSA PARAMETERS----- | 
|  | 112 | -----END DSA PARAMETERS----- | 
|  | 113 |  | 
|  | 114 | DSA parameter generation is a slow process and as a result the same set of | 
|  | 115 | DSA parameters is often used to generate several distinct keys. | 
|  | 116 |  | 
|  | 117 | =head1 SEE ALSO | 
|  | 118 |  | 
|  | 119 | L<gendsa(1)>, L<dsa(1)>, L<genrsa(1)>, | 
|  | 120 | L<rsa(1)> | 
|  | 121 |  | 
|  | 122 | =head1 COPYRIGHT | 
|  | 123 |  | 
|  | 124 | Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. | 
|  | 125 |  | 
|  | 126 | Licensed under the OpenSSL license (the "License").  You may not use | 
|  | 127 | this file except in compliance with the License.  You can obtain a copy | 
|  | 128 | in the file LICENSE in the source distribution or at | 
|  | 129 | L<https://www.openssl.org/source/license.html>. | 
|  | 130 |  | 
|  | 131 | =cut |