openssl dsaparam DSA parameter manipulation and generation	openssl command
	SYNOPSIS DESCRIPTION Options NOTES COPYRIGHT AVAILABILITY SEE ALSO

---

SYNOPSIS

openssl dsaparam [-help] [-inform DER|PEM] [-outform DER|PEM] [-in filename] [-out filename] [-noout] [-text] [-C] [-rand file...] [-writerand file] [-genkey] [-engine id] [numbits]

---

DESCRIPTION

This command is used to manipulate or generate DSA parameter files.

Options

-help 

Print out a usage message.

-inform DER|PEM 

specifies the input format. The DER option uses an ASN1 DER encoded form compatible with RFC2459 (PKIX) DSS-Parms that is a SEQUENCE consisting of p, q and g respectively. The PEM form is the default format: it consists of the DER format base64 encoded with additional header and footer lines.

-outform DER|PEM 

specifies the output format, the options have the same meaning and default as the -inform option.

-in filename 

specifies the input file name to read parameters from or standard input if this option is not specified. If the numbits parameter is included then this option will be ignored.

-out filename 

specifies the output file name parameters to. Standard output is used if this option is not present. The output file name should not be the same as the input file name.

-noout 

inhibits the output of the encoded version of the parameters.

-text 

prints out the DSA parameters in human readable form.

-C 

converts the parameters into C code. The parameters can then be loaded by calling the get_dsaXXX() function.

-genkey 

generates a DSA either using the specified or generated parameters.

-rand file... 

a file or files containing random data used to seed the random number generator. Multiple files can be specified separated by a OS-dependent character. The separator is ; for MS-Windows, , for OpenVMS, and : for all others.

-writerand file 

Writes random data to the specified file upon exit. This can be used with a subsequent -rand flag.

numbits 

this option specifies that a parameter set should be generated of size numbits. It must be the last option. If this option is included then the input file (if any) is ignored.

-engine id 

specifying an engine (by its unique id string) will cause dsaparam to attempt to obtain a functional reference to the specified engine, thus initialising it if needed. The engine will then be set as the default for all available algorithms.

---

NOTES

PEM format DSA parameters use the header and footer lines:

 -----BEGIN DSA PARAMETERS-----
 -----END DSA PARAMETERS-----

DSA parameter generation is a slow process and as a result the same set of DSA parameters is often used to generate several distinct keys.

---

COPYRIGHT

Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.

op

Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or here: OpenSSL.

---

AVAILABILITY

PTC MKS Toolkit for System Administrators
PTC MKS Toolkit for Developers
PTC MKS Toolkit for Interoperability
PTC MKS Toolkit for Professional Developers
PTC MKS Toolkit for Professional Developers 64-Bit Edition
PTC MKS Toolkit for Enterprise Developers
PTC MKS Toolkit for Enterprise Developers 64-Bit Edition

---

SEE ALSO

Commands:

openssl dsa, openssl gendsa, openssl genrsa, openssl rsa

---

PTC MKS Toolkit 10.4 Documentation Build 39.