|
|
This manual page is for Mac OS X version 10.6.3If you are running a different version of Mac OS X, view the documentation locally:
Reading manual pagesManual pages are intended as a quick reference for people who already understand a technology.
|
DSAPARAM(1) OpenSSL DSAPARAM(1)
NAME
dsaparam - DSA parameter manipulation and generation
SYNOPSIS
openssl dsaparam [-inform DER|PEM] [-outform DER|PEM] [-in filename] [-out filename] [-noout] [-text]
[-C] [-rand file(s)] [-genkey] [-engine id] [numbits]
DESCRIPTION
This command is used to manipulate or generate DSA parameter files.
OPTIONS
-inform DER|PEM
This specifies the input format. The DER option uses an ASN1 DER encoded form compatible with
RFC2459 (PKIX) DSS-Parms that is a SEQUENCE consisting of p, q and g respectively. The PEM form
is the default format: it consists of the DER format base64 encoded with additional header and
footer lines.
-outform DER|PEM
This specifies the output format, the options have the same meaning as the -inform option.
-in filename
This specifies the input filename to read parameters from or standard input if this option is not
specified. If the numbits parameter is included then this option will be ignored.
-out filename
This specifies the output filename parameters to. Standard output is used if this option is not
present. The output filename should not be the same as the input filename.
-noout
this option inhibits the output of the encoded version of the parameters.
-text
this option prints out the DSA parameters in human readable form.
-C this option converts the parameters into C code. The parameters can then be loaded by calling the
get_dsaXXX() function.
-genkey
this option will generate a DSA either using the specified or generated parameters.
-rand file(s)
a file or files containing random data used to seed the random number generator, or an EGD socket
(see RAND_egd(3)). Multiple files can be specified separated by a OS-dependent character. The
separator is ; for MS-Windows, , for OpenVMS, and : for all others.
numbits
this option specifies that a parameter set should be generated of size numbits. It must be the
last option. If this option is included then the input file (if any) is ignored.
-engine id
specifying an engine (by it's unique id string) will cause req to attempt to obtain a functional
reference to the specified engine, thus initialising it if needed. The engine will then be set as
the default for all available algorithms.
NOTES
PEM format DSA parameters use the header and footer lines:
-----BEGIN DSA PARAMETERS----------END PARAMETERS---------END
-----END DSA PARAMETERS-----DSA PARAMETERS----DSA
DSA parameter generation is a slow process and as a result the same set of DSA parameters is often
used to generate several distinct keys.
SEE ALSO
gendsa(1), dsa(1), genrsa(1), rsa(1)
0.9.8 2003-01-30 DSAPARAM(1)
|
The way to report a problem with this manual page depends on the type of problem: