143.SH "NAME"
144dsaparam \- \s-1DSA\s0 parameter manipulation and generation
146.IX Header "SYNOPSIS"
147\&\fBopenssl dsaparam\fR
148[\fB\-inform DER|PEM\fR]
149[\fB\-outform DER|PEM\fR]
150[\fB\-in filename\fR]
151[\fB\-out filename\fR]
155[\fB\-rand \f(BIfile\fB\|(s)\fR]
157[\fB\-engine id\fR]
161This command is used to manipulate or generate \s-1DSA\s0 parameter files.
163.IX Header "OPTIONS"
164.Ip "\fB\-inform DER|PEM\fR" 4
165.IX Item "-inform DER|PEM"
166This specifies the input format. The \fB\s-1DER\s0\fR option uses an \s-1ASN1\s0 \s-1DER\s0 encoded
167form compatible with \s-1RFC2459\s0 (\s-1PKIX\s0) DSS-Parms that is a \s-1SEQUENCE\s0 consisting
168of p, q and g respectively. The \s-1PEM\s0 form is the default format: it consists
169of the \fB\s-1DER\s0\fR format base64 encoded with additional header and footer lines.
170.Ip "\fB\-outform DER|PEM\fR" 4
171.IX Item "-outform DER|PEM"
172This specifies the output format, the options have the same meaning as the
173\&\fB\-inform\fR option.
174.Ip "\fB\-in filename\fR" 4
175.IX Item "-in filename"
176This specifies the input filename to read parameters from or standard input if
177this option is not specified. If the \fBnumbits\fR parameter is included then
178this option will be ignored.
179.Ip "\fB\-out filename\fR" 4
180.IX Item "-out filename"
181This specifies the output filename parameters to. Standard output is used
182if this option is not present. The output filename should \fBnot\fR be the same
183as the input filename.
184.Ip "\fB\-noout\fR" 4
185.IX Item "-noout"
186this option inhibits the output of the encoded version of the parameters.
187.Ip "\fB\-text\fR" 4
188.IX Item "-text"
189this option prints out the \s-1DSA\s0 parameters in human readable form.
190.Ip "\fB\-C\fR" 4
191.IX Item "-C"
192this option converts the parameters into C code. The parameters can then
193be loaded by calling the \fB\f(BIget_dsaXXX()\fB\fR function.
194.Ip "\fB\-genkey\fR" 4
195.IX Item "-genkey"
196this option will generate a \s-1DSA\s0 either using the specified or generated
198.Ip "\fB\-rand \f(BIfile\fB\|(s)\fR" 4
199.IX Item "-rand file"
200a file or files containing random data used to seed the random number
201generator, or an \s-1EGD\s0 socket (see RAND_egd(3)).
202Multiple files can be specified separated by a OS-dependent character.
203The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
204all others.
205.Ip "\fBnumbits\fR" 4
206.IX Item "numbits"
207this option specifies that a parameter set should be generated of size
208\&\fBnumbits\fR. It must be the last option. If this option is included then
209the input file (if any) is ignored.
210.Ip "\fB\-engine id\fR" 4
211.IX Item "-engine id"
212specifying an engine (by it's unique \fBid\fR string) will cause \fBreq\fR
213to attempt to obtain a functional reference to the specified engine,
214thus initialising it if needed. The engine will then be set as the default
215for all available algorithms.
216.SH "NOTES"
217.IX Header "NOTES"
218\&\s-1PEM\s0 format \s-1DSA\s0 parameters use the header and footer lines:
220.Vb 2
221\& -----BEGIN DSA PARAMETERS-----
222\& -----END DSA PARAMETERS-----
224\&\s-1DSA\s0 parameter generation is a slow process and as a result the same set of
225\&\s-1DSA\s0 parameters is often used to generate several distinct keys.
227.IX Header "SEE ALSO"
228gendsa(1), dsa(1), genrsa(1),