Regenerate the manual pages after the OpenSSL update to 0.9.7e.
[dragonfly.git] / secure / usr.bin / openssl / man / dhparam.1
CommitLineData
8b0cefbb
JR
1.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.14
2.\"
3.\" Standard preamble:
4.\" ========================================================================
5.de Sh \" Subsection heading
984263bc
MD
6.br
7.if t .Sp
8.ne 5
9.PP
10\fB\\$1\fR
11.PP
12..
8b0cefbb 13.de Sp \" Vertical space (when we can't use .PP)
984263bc
MD
14.if t .sp .5v
15.if n .sp
16..
8b0cefbb 17.de Vb \" Begin verbatim text
984263bc
MD
18.ft CW
19.nf
20.ne \\$1
21..
8b0cefbb 22.de Ve \" End verbatim text
984263bc 23.ft R
984263bc
MD
24.fi
25..
8b0cefbb
JR
26.\" Set up some character translations and predefined strings. \*(-- will
27.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
28.\" double quote, and \*(R" will give a right double quote. | will give a
29.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to
30.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C'
31.\" expand to `' in nroff, nothing in troff, for use with C<>.
984263bc 32.tr \(*W-|\(bv\*(Tr
8b0cefbb 33.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
984263bc 34.ie n \{\
8b0cefbb
JR
35. ds -- \(*W-
36. ds PI pi
37. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
38. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
39. ds L" ""
40. ds R" ""
41. ds C` ""
42. ds C' ""
984263bc
MD
43'br\}
44.el\{\
8b0cefbb
JR
45. ds -- \|\(em\|
46. ds PI \(*p
47. ds L" ``
48. ds R" ''
984263bc 49'br\}
8b0cefbb
JR
50.\"
51.\" If the F register is turned on, we'll generate index entries on stderr for
52.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index
53.\" entries marked with X<> in POD. Of course, you'll have to process the
54.\" output yourself in some meaningful fashion.
55.if \nF \{\
56. de IX
57. tm Index:\\$1\t\\n%\t"\\$2"
984263bc 58..
8b0cefbb
JR
59. nr % 0
60. rr F
984263bc 61.\}
8b0cefbb
JR
62.\"
63.\" For nroff, turn off justification. Always turn off hyphenation; it makes
64.\" way too many mistakes in technical documents.
65.hy 0
984263bc 66.if n .na
8b0cefbb
JR
67.\"
68.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
69.\" Fear. Run. Save yourself. No user-serviceable parts.
70. \" fudge factors for nroff and troff
984263bc 71.if n \{\
8b0cefbb
JR
72. ds #H 0
73. ds #V .8m
74. ds #F .3m
75. ds #[ \f1
76. ds #] \fP
984263bc
MD
77.\}
78.if t \{\
8b0cefbb
JR
79. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
80. ds #V .6m
81. ds #F 0
82. ds #[ \&
83. ds #] \&
984263bc 84.\}
8b0cefbb 85. \" simple accents for nroff and troff
984263bc 86.if n \{\
8b0cefbb
JR
87. ds ' \&
88. ds ` \&
89. ds ^ \&
90. ds , \&
91. ds ~ ~
92. ds /
984263bc
MD
93.\}
94.if t \{\
8b0cefbb
JR
95. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
96. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
97. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
98. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
99. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
100. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
984263bc 101.\}
8b0cefbb 102. \" troff and (daisy-wheel) nroff accents
984263bc
MD
103.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
104.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
105.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
106.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
107.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
108.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
109.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
110.ds ae a\h'-(\w'a'u*4/10)'e
111.ds Ae A\h'-(\w'A'u*4/10)'E
8b0cefbb 112. \" corrections for vroff
984263bc
MD
113.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
114.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
8b0cefbb 115. \" for low resolution devices (crt and lpr)
984263bc
MD
116.if \n(.H>23 .if \n(.V>19 \
117\{\
8b0cefbb
JR
118. ds : e
119. ds 8 ss
120. ds o a
121. ds d- d\h'-1'\(ga
122. ds D- D\h'-1'\(hy
123. ds th \o'bp'
124. ds Th \o'LP'
125. ds ae ae
126. ds Ae AE
984263bc
MD
127.\}
128.rm #[ #] #H #V #F C
8b0cefbb
JR
129.\" ========================================================================
130.\"
131.IX Title "DHPARAM 1"
132.TH DHPARAM 1 "2004-12-18" "0.9.7e" "OpenSSL"
984263bc 133.SH "NAME"
e3cdf75b 134dhparam \- DH parameter manipulation and generation
984263bc 135.SH "SYNOPSIS"
8b0cefbb
JR
136.IX Header "SYNOPSIS"
137\&\fBopenssl dhparam\fR
984263bc
MD
138[\fB\-inform DER|PEM\fR]
139[\fB\-outform DER|PEM\fR]
140[\fB\-in\fR \fIfilename\fR]
141[\fB\-out\fR \fIfilename\fR]
142[\fB\-dsaparam\fR]
143[\fB\-noout\fR]
144[\fB\-text\fR]
145[\fB\-C\fR]
146[\fB\-2\fR]
147[\fB\-5\fR]
e3cdf75b 148[\fB\-rand\fR \fIfile(s)\fR]
984263bc
MD
149[\fB\-engine id\fR]
150[\fInumbits\fR]
151.SH "DESCRIPTION"
8b0cefbb
JR
152.IX Header "DESCRIPTION"
153This command is used to manipulate \s-1DH\s0 parameter files.
984263bc 154.SH "OPTIONS"
8b0cefbb
JR
155.IX Header "OPTIONS"
156.IP "\fB\-inform DER|PEM\fR" 4
157.IX Item "-inform DER|PEM"
984263bc 158This specifies the input format. The \fB\s-1DER\s0\fR option uses an \s-1ASN1\s0 \s-1DER\s0 encoded
8b0cefbb 159form compatible with the PKCS#3 DHparameter structure. The \s-1PEM\s0 form is the
984263bc
MD
160default format: it consists of the \fB\s-1DER\s0\fR format base64 encoded with
161additional header and footer lines.
8b0cefbb
JR
162.IP "\fB\-outform DER|PEM\fR" 4
163.IX Item "-outform DER|PEM"
984263bc 164This specifies the output format, the options have the same meaning as the
8b0cefbb
JR
165\&\fB\-inform\fR option.
166.IP "\fB\-in\fR \fIfilename\fR" 4
167.IX Item "-in filename"
984263bc
MD
168This specifies the input filename to read parameters from or standard input if
169this option is not specified.
8b0cefbb
JR
170.IP "\fB\-out\fR \fIfilename\fR" 4
171.IX Item "-out filename"
984263bc
MD
172This specifies the output filename parameters to. Standard output is used
173if this option is not present. The output filename should \fBnot\fR be the same
174as the input filename.
8b0cefbb
JR
175.IP "\fB\-dsaparam\fR" 4
176.IX Item "-dsaparam"
984263bc
MD
177If this option is used, \s-1DSA\s0 rather than \s-1DH\s0 parameters are read or created;
178they are converted to \s-1DH\s0 format. Otherwise, \*(L"strong\*(R" primes (such
8b0cefbb 179that (p\-1)/2 is also prime) will be used for \s-1DH\s0 parameter generation.
984263bc 180.Sp
8b0cefbb 181\&\s-1DH\s0 parameter generation with the \fB\-dsaparam\fR option is much faster,
984263bc 182and the recommended exponent length is shorter, which makes \s-1DH\s0 key
8b0cefbb 183exchange more efficient. Beware that with such DSA-style \s-1DH\s0
984263bc
MD
184parameters, a fresh \s-1DH\s0 key should be created for each use to
185avoid small-subgroup attacks that may be possible otherwise.
8b0cefbb
JR
186.IP "\fB\-2\fR, \fB\-5\fR" 4
187.IX Item "-2, -5"
984263bc
MD
188The generator to use, either 2 or 5. 2 is the default. If present then the
189input file is ignored and parameters are generated instead.
8b0cefbb
JR
190.IP "\fB\-rand\fR \fIfile(s)\fR" 4
191.IX Item "-rand file(s)"
984263bc 192a file or files containing random data used to seed the random number
8b0cefbb
JR
193generator, or an \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3)).
194Multiple files can be specified separated by a OS-dependent character.
195The separator is \fB;\fR for MS\-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
984263bc 196all others.
8b0cefbb
JR
197.IP "\fInumbits\fR" 4
198.IX Item "numbits"
984263bc 199this option specifies that a parameter set should be generated of size
8b0cefbb 200\&\fInumbits\fR. It must be the last option. If not present then a value of 512
984263bc
MD
201is used. If this option is present then the input file is ignored and
202parameters are generated instead.
8b0cefbb
JR
203.IP "\fB\-noout\fR" 4
204.IX Item "-noout"
984263bc 205this option inhibits the output of the encoded version of the parameters.
8b0cefbb
JR
206.IP "\fB\-text\fR" 4
207.IX Item "-text"
984263bc 208this option prints out the \s-1DH\s0 parameters in human readable form.
8b0cefbb
JR
209.IP "\fB\-C\fR" 4
210.IX Item "-C"
984263bc
MD
211this option converts the parameters into C code. The parameters can then
212be loaded by calling the \fBget_dh\fR\fInumbits\fR\fB()\fR function.
8b0cefbb
JR
213.IP "\fB\-engine id\fR" 4
214.IX Item "-engine id"
984263bc
MD
215specifying an engine (by it's unique \fBid\fR string) will cause \fBreq\fR
216to attempt to obtain a functional reference to the specified engine,
217thus initialising it if needed. The engine will then be set as the default
218for all available algorithms.
219.SH "WARNINGS"
8b0cefbb 220.IX Header "WARNINGS"
984263bc 221The program \fBdhparam\fR combines the functionality of the programs \fBdh\fR and
8b0cefbb 222\&\fBgendh\fR in previous versions of OpenSSL and SSLeay. The \fBdh\fR and \fBgendh\fR
984263bc
MD
223programs are retained for now but may have different purposes in future
224versions of OpenSSL.
225.SH "NOTES"
8b0cefbb
JR
226.IX Header "NOTES"
227\&\s-1PEM\s0 format \s-1DH\s0 parameters use the header and footer lines:
984263bc
MD
228.PP
229.Vb 2
230\& -----BEGIN DH PARAMETERS-----
231\& -----END DH PARAMETERS-----
232.Ve
984263bc 233.PP
8b0cefbb
JR
234OpenSSL currently only supports the older PKCS#3 \s-1DH\s0, not the newer X9.42
235\&\s-1DH\s0.
236.PP
237This program manipulates \s-1DH\s0 parameters not keys.
984263bc 238.SH "BUGS"
8b0cefbb
JR
239.IX Header "BUGS"
240There should be a way to generate and manipulate \s-1DH\s0 keys.
984263bc 241.SH "SEE ALSO"
8b0cefbb
JR
242.IX Header "SEE ALSO"
243\&\fIdsaparam\fR\|(1)
984263bc 244.SH "HISTORY"
8b0cefbb 245.IX Header "HISTORY"
984263bc
MD
246The \fBdhparam\fR command was added in OpenSSL 0.9.5.
247The \fB\-dsaparam\fR option was added in OpenSSL 0.9.6.