dsaparam - DSA parameter manipulation and generation
openssl dsaparam [-inform DER|PEM] [-outform DER|PEM] [-in filename] [-out filename] [-noout] [-text] [-C] [-rand file(s)] [-genkey] [-engine id] [numbits]
DSAPARAM(1openssl) OpenSSL DSAPARAM(1openssl)
NAME
openssl-dsaparam, dsaparam - DSA parameter manipulation and generation
SYNOPSIS
openssl dsaparam [-inform DER|PEM] [-outform DER|PEM] [-in filename]
[-out filename] [-noout] [-text] [-C] [-rand file(s)] [-genkey]
[-engine id] [numbits]
DESCRIPTION
This command is used to manipulate or generate DSA parameter files.
OPTIONS
-inform DER|PEM
This specifies the input format. The DER option uses an ASN1 DER
encoded form compatible with RFC2459 (PKIX) DSS-Parms that is a
SEQUENCE consisting of p, q and g respectively. The PEM form is the
default format: it consists of the DER format base64 encoded with
additional header and footer lines.
-outform DER|PEM
This specifies the output format, the options have the same meaning
as the -inform option.
-in filename
This specifies the input filename to read parameters from or
standard input if this option is not specified. If the numbits
parameter is included then this option will be ignored.
-out filename
This specifies the output filename parameters to. Standard output
is used if this option is not present. The output filename should
not be the same as the input filename.
-noout
this option inhibits the output of the encoded version of the
parameters.
-text
this option prints out the DSA parameters in human readable form.
-C this option converts the parameters into C code. The parameters can
then be loaded by calling the get_dsaXXX() function.
-genkey
this option will generate a DSA either using the specified or
generated parameters.
-rand file(s)
a file or files containing random data used to seed the random
number generator, or an EGD socket (see RAND_egd(3)). Multiple
files can be specified separated by a OS-dependent character. The
separator is ; for MS-Windows, , for OpenVMS, and : for all others.
numbits
this option specifies that a parameter set should be generated of
size numbits. It must be the last option. If this option is
included then the input file (if any) is ignored.
-engine id
specifying an engine (by its unique id string) will cause dsaparam
to attempt to obtain a functional reference to the specified
engine, thus initialising it if needed. The engine will then be set
as the default for all available algorithms.
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
+---------------+--------------------------+
|ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+---------------+--------------------------+
|Availability | library/security/openssl |
+---------------+--------------------------+
|Stability | Pass-through uncommitted |
+---------------+--------------------------+
NOTES
PEM format DSA parameters use the header and footer lines:
-----BEGIN DSA PARAMETERS-----
-----END DSA PARAMETERS-----
DSA parameter generation is a slow process and as a result the same set
of DSA parameters is often used to generate several distinct keys.
Source code for open source software components in Oracle Solaris can
be found at https://www.oracle.com/downloads/opensource/solaris-source-
code-downloads.html.
This software was built from source available at
https://github.com/oracle/solaris-userland. The original community
source was downloaded from
https://www.openssl.org/source/openssl-1.0.2ze.tar.gz.
Further information about this software can be found on the open source
community website at https://www.openssl.org/.
SEE ALSO
gendsa(1), dsa(1), genrsa(1), rsa(1)
1.0.2ze 2022-05-03 DSAPARAM(1openssl)