1*ebfedea0SLionel Sambuc=pod 2*ebfedea0SLionel Sambuc 3*ebfedea0SLionel Sambuc=head1 NAME 4*ebfedea0SLionel Sambuc 5*ebfedea0SLionel Sambucdsaparam - DSA parameter manipulation and generation 6*ebfedea0SLionel Sambuc 7*ebfedea0SLionel Sambuc=head1 SYNOPSIS 8*ebfedea0SLionel Sambuc 9*ebfedea0SLionel SambucB<openssl dsaparam> 10*ebfedea0SLionel Sambuc[B<-inform DER|PEM>] 11*ebfedea0SLionel Sambuc[B<-outform DER|PEM>] 12*ebfedea0SLionel Sambuc[B<-in filename>] 13*ebfedea0SLionel Sambuc[B<-out filename>] 14*ebfedea0SLionel Sambuc[B<-noout>] 15*ebfedea0SLionel Sambuc[B<-text>] 16*ebfedea0SLionel Sambuc[B<-C>] 17*ebfedea0SLionel Sambuc[B<-rand file(s)>] 18*ebfedea0SLionel Sambuc[B<-genkey>] 19*ebfedea0SLionel Sambuc[B<-engine id>] 20*ebfedea0SLionel Sambuc[B<numbits>] 21*ebfedea0SLionel Sambuc 22*ebfedea0SLionel Sambuc=head1 DESCRIPTION 23*ebfedea0SLionel Sambuc 24*ebfedea0SLionel SambucThis command is used to manipulate or generate DSA parameter files. 25*ebfedea0SLionel Sambuc 26*ebfedea0SLionel Sambuc=head1 OPTIONS 27*ebfedea0SLionel Sambuc 28*ebfedea0SLionel Sambuc=over 4 29*ebfedea0SLionel Sambuc 30*ebfedea0SLionel Sambuc=item B<-inform DER|PEM> 31*ebfedea0SLionel Sambuc 32*ebfedea0SLionel SambucThis specifies the input format. The B<DER> option uses an ASN1 DER encoded 33*ebfedea0SLionel Sambucform compatible with RFC2459 (PKIX) DSS-Parms that is a SEQUENCE consisting 34*ebfedea0SLionel Sambucof p, q and g respectively. The PEM form is the default format: it consists 35*ebfedea0SLionel Sambucof the B<DER> format base64 encoded with additional header and footer lines. 36*ebfedea0SLionel Sambuc 37*ebfedea0SLionel Sambuc=item B<-outform DER|PEM> 38*ebfedea0SLionel Sambuc 39*ebfedea0SLionel SambucThis specifies the output format, the options have the same meaning as the 40*ebfedea0SLionel SambucB<-inform> option. 41*ebfedea0SLionel Sambuc 42*ebfedea0SLionel Sambuc=item B<-in filename> 43*ebfedea0SLionel Sambuc 44*ebfedea0SLionel SambucThis specifies the input filename to read parameters from or standard input if 45*ebfedea0SLionel Sambucthis option is not specified. If the B<numbits> parameter is included then 46*ebfedea0SLionel Sambucthis option will be ignored. 47*ebfedea0SLionel Sambuc 48*ebfedea0SLionel Sambuc=item B<-out filename> 49*ebfedea0SLionel Sambuc 50*ebfedea0SLionel SambucThis specifies the output filename parameters to. Standard output is used 51*ebfedea0SLionel Sambucif this option is not present. The output filename should B<not> be the same 52*ebfedea0SLionel Sambucas the input filename. 53*ebfedea0SLionel Sambuc 54*ebfedea0SLionel Sambuc=item B<-noout> 55*ebfedea0SLionel Sambuc 56*ebfedea0SLionel Sambucthis option inhibits the output of the encoded version of the parameters. 57*ebfedea0SLionel Sambuc 58*ebfedea0SLionel Sambuc=item B<-text> 59*ebfedea0SLionel Sambuc 60*ebfedea0SLionel Sambucthis option prints out the DSA parameters in human readable form. 61*ebfedea0SLionel Sambuc 62*ebfedea0SLionel Sambuc=item B<-C> 63*ebfedea0SLionel Sambuc 64*ebfedea0SLionel Sambucthis option converts the parameters into C code. The parameters can then 65*ebfedea0SLionel Sambucbe loaded by calling the B<get_dsaXXX()> function. 66*ebfedea0SLionel Sambuc 67*ebfedea0SLionel Sambuc=item B<-genkey> 68*ebfedea0SLionel Sambuc 69*ebfedea0SLionel Sambucthis option will generate a DSA either using the specified or generated 70*ebfedea0SLionel Sambucparameters. 71*ebfedea0SLionel Sambuc 72*ebfedea0SLionel Sambuc=item B<-rand file(s)> 73*ebfedea0SLionel Sambuc 74*ebfedea0SLionel Sambuca file or files containing random data used to seed the random number 75*ebfedea0SLionel Sambucgenerator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>). 76*ebfedea0SLionel SambucMultiple files can be specified separated by a OS-dependent character. 77*ebfedea0SLionel SambucThe separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for 78*ebfedea0SLionel Sambucall others. 79*ebfedea0SLionel Sambuc 80*ebfedea0SLionel Sambuc=item B<numbits> 81*ebfedea0SLionel Sambuc 82*ebfedea0SLionel Sambucthis option specifies that a parameter set should be generated of size 83*ebfedea0SLionel SambucB<numbits>. It must be the last option. If this option is included then 84*ebfedea0SLionel Sambucthe input file (if any) is ignored. 85*ebfedea0SLionel Sambuc 86*ebfedea0SLionel Sambuc=item B<-engine id> 87*ebfedea0SLionel Sambuc 88*ebfedea0SLionel Sambucspecifying an engine (by its unique B<id> string) will cause B<dsaparam> 89*ebfedea0SLionel Sambucto attempt to obtain a functional reference to the specified engine, 90*ebfedea0SLionel Sambucthus initialising it if needed. The engine will then be set as the default 91*ebfedea0SLionel Sambucfor all available algorithms. 92*ebfedea0SLionel Sambuc 93*ebfedea0SLionel Sambuc=back 94*ebfedea0SLionel Sambuc 95*ebfedea0SLionel Sambuc=head1 NOTES 96*ebfedea0SLionel Sambuc 97*ebfedea0SLionel SambucPEM format DSA parameters use the header and footer lines: 98*ebfedea0SLionel Sambuc 99*ebfedea0SLionel Sambuc -----BEGIN DSA PARAMETERS----- 100*ebfedea0SLionel Sambuc -----END DSA PARAMETERS----- 101*ebfedea0SLionel Sambuc 102*ebfedea0SLionel SambucDSA parameter generation is a slow process and as a result the same set of 103*ebfedea0SLionel SambucDSA parameters is often used to generate several distinct keys. 104*ebfedea0SLionel Sambuc 105*ebfedea0SLionel Sambuc=head1 SEE ALSO 106*ebfedea0SLionel Sambuc 107*ebfedea0SLionel SambucL<gendsa(1)|gendsa(1)>, L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>, 108*ebfedea0SLionel SambucL<rsa(1)|rsa(1)> 109*ebfedea0SLionel Sambuc 110*ebfedea0SLionel Sambuc=cut 111