Developer's Daily | Unix by Example |
main | java | perl | unix | dev directory | web log |
dsaparam ? DSA parameter manipulation and generation |
openssl dsaparam [?inform DER│PEM] [?outform DER│PEM] [?in filename] [?out filename] [?noout] [?text] [?C] [?rand file(s)] [?genkey] [numbits] |
This command is used to manipulate or generate DSA parameter files. |
?inform DER │ PEM |
This specifies the input format. The DER option uses an ASN1 DER encoded form compatible with RFC2459 ( PKIX ) DSS ?Parms that is a SEQUENCE consisting of p, q and g respectively. The PEM form is the default format: it consists of the DER format base64 encoded with additional header and footer lines. |
?outform DER │ PEM |
This specifies the output format, the options have the same meaning as the ?inform option. |
?in filename |
This specifies the input filename to read parameters from or standard input if this option is not specified. If the numbits parameter is included then this option will be ignored. |
?out filename |
This specifies the output filename parameters to. Standard output is used if this option is not present. The output filename should not be the same as the input filename. |
?noout |
this option inhibits the output of the encoded version of the parameters. |
?text |
this option prints out the DSA parameters in human readable form. |
?C |
this option converts the parameters into C code. The parameters can then be loaded by calling the get_dsaXXX() function. |
?genkey |
this option will generate a DSA either using the specified or generated parameters. |
?rand file(s) |
a file or files containing random data used to seed the random number generator, or an EGD socket (see RAND_egd(3)). Multiple files can be specified separated by a OS ?dependent character. The separator is ; for MS ?Windows, , for OpenVSM, and : for all others. |
numbits |
this option specifies that a parameter set should be generated of size numbits. It must be the last option. If this option is included then the input file (if any) is ignored. |
PEM format DSA parameters use the header and footer lines: -----BEGIN DSA PARAMETERS----- -----END DSA PARAMETERS----- DSA parameter generation is a slow process and as a result the same set of DSA parameters is often used to generate several distinct keys. |
gendsa(1), dsa(1), genrsa(1), rsa(1) |