=pod

=head1 NAME

dhparam - DH parameter manipulation and generation

=head1 SYNOPSIS

B<openssl dhparam>
[B<-inform DER|PEM>]
[B<-outform DER|PEM>]
[B<-in> I<filename>]
[B<-out> I<filename>]
[B<-dsaparam>]
[B<-check>]
[B<-noout>]
[B<-text>]
[B<-C>]
[B<-2>]
[B<-5>]
[B<-rand> I<file(s)>]
[B<-engine id>]
[I<numbits>]

=head1 DESCRIPTION

This command is used to generate, check, convert and display DH parameter
files.

=head1 OPTIONS

=over 4

=item B<-inform DER|PEM>

This specifies the input format. The B<DER> option uses an ASN.1 DER-encoded
form compatible with the PKCS#3 DHParameter structure. The PEM form is the
default format: it consists of the B<DER> format base64 encoded with
additional header and footer lines.

=item B<-outform DER|PEM>

This specifies the output format; the options have the same meaning as for
the B<-inform> option.

=item B<-in> I<filename>

This specifies the input filename to read parameters from, or standard input
if this option is not specified.

=item B<-out> I<filename>

This specifies the output filename to write parameters to. Standard output is
used if this option is not present. The output filename should B<not> be the
same as the input filename.

=item B<-dsaparam>

If this option is used, DSA rather than DH parameters are read or created;
they are converted to DH format. Otherwise, safe primes (primes I<p> such
that (p-1)/2 is also prime, loosely called "strong" primes in older
documentation) will be used for DH parameter generation.

DH parameter generation with the B<-dsaparam> option is much faster,
and the recommended exponent length is shorter, which makes DH key
exchange more efficient. Beware that with such DSA-style DH
parameters, a fresh DH key should be created for each use to
avoid small-subgroup attacks that may be possible otherwise. With a
safe prime, p-1 = 2q has no small factor other than 2, so a peer cannot
supply a public value of small order and learn the private exponent
modulo that order. DSA-style parameters have p = jq+1 with a large
cofactor j that usually has small factors; a private key reused across
exchanges can then be recovered piece by piece from malicious public
values lying in those small subgroups, unless the peer's value is
checked to have order q.

=item B<-check>

Check that the parameters are valid: that I<p> is a prime (and a safe
prime) and that the generator is suitable for it.

=item B<-2>, B<-5>

The generator to use, either 2 or 5. If present then the
input file is ignored and parameters are generated instead. If not
present but B<numbits> is present, parameters are generated with the
default generator 2.

=item B<-rand> I<file(s)>

A file or files containing random data used to seed the random number
generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
Multiple files can be specified separated by an OS-dependent character.
The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
all others.

=item I<numbits>

This option specifies that a parameter set should be generated of size
I<numbits>. It must be the last option. If this option is present then
the input file is ignored and parameters are generated instead. If
this option is not present but a generator (B<-2> or B<-5>) is
present, parameters are generated with a default length of 2048 bits.

=item B<-noout>

This option inhibits the output of the encoded version of the parameters.

=item B<-text>

This option prints out the DH parameters in human readable form.

=item B<-C>

This option converts the parameters into C code. The parameters can then
be loaded by calling the B<get_dh>I<numbits>B<()> function.

=item B<-engine id>

Specifying an engine (by its unique B<id> string) will cause B<dhparam>
to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.

=back

=head1 WARNINGS

The program B<dhparam> combines the functionality of the programs B<dh> and
B<gendh> in previous versions of OpenSSL and SSLeay. The B<dh> and B<gendh>
programs are retained for now but may have different purposes in future
versions of OpenSSL.

=head1 NOTES

PEM format DH parameters use the header and footer lines:

 -----BEGIN DH PARAMETERS-----
 -----END DH PARAMETERS-----

OpenSSL currently only supports the older PKCS#3 DH, not the newer X9.42
DH.

This program manipulates DH parameters, not keys.

=head1 BUGS

There should be a way to generate and manipulate DH keys.

=head1 SEE ALSO

L<dsaparam(1)|dsaparam(1)>

=head1 HISTORY

The B<dhparam> command was added in OpenSSL 0.9.5.
The B<-dsaparam> option was added in OpenSSL 0.9.6.

=cut
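=pod

=head1 EXAMPLE

The following Python program is an added illustration written for this page;
it is not OpenSSL code and does not call the B<openssl> binary. It shows what
the default (non B<-dsaparam>) generation, the PKCS#3 DER/PEM encoding described
under B<-inform> and B<NOTES>, and the B<-check> validation amount to: a safe
prime I<p> with (p-1)/2 prime is generated, encoded as the DHParameter
SEQUENCE of two INTEGERs, wrapped in the B<DH PARAMETERS> header and footer,
parsed back, and checked for primality, safe-primality and a usable generator.
All function names (C<generate_safe_prime>, C<check_dh_params> and so on) are
this example's own, the bit sizes are toy-sized for speed, and the small DER
test vectors are constructed by hand.

```python
"""Toy model of `openssl dhparam` on PKCS#3 parameters (added example, not
OpenSSL code): generate a safe prime, DER-encode
DHParameter ::= SEQUENCE { prime INTEGER, base INTEGER }, wrap it in the
PEM lines this page documents, parse it back and run a -check style test.
Bit sizes used here are toy-sized; real parameters are 2048 bits and up."""
import base64
import random
import textwrap

PEM_HEADER = "-----BEGIN DH PARAMETERS-----"
PEM_FOOTER = "-----END DH PARAMETERS-----"
SMALL_PRIMES = [n for n in range(3, 2000, 2)
                if all(n % d for d in range(3, int(n ** 0.5) + 1, 2))]
_RNG = random.SystemRandom()


def is_probable_prime(n, rounds=40, rng=_RNG):
    """Trial division by small primes, then Miller-Rabin with random bases."""
    if n < 2 or n % 2 == 0:
        return n == 2
    for sp in SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # a witness of compositeness was found
    return True


def generate_safe_prime(bits, rng=_RNG):
    """Pick q at random until both q and p = 2q + 1 pass the primality test
    (what dhparam does without -dsaparam)."""
    if bits < 8:
        raise ValueError("toy sizes below 8 bits are not supported")
    while True:
        q = rng.getrandbits(bits - 1) | (1 << (bits - 2)) | 1
        p = 2 * q + 1
        if is_probable_prime(p, rng=rng) and is_probable_prime(q, rng=rng):
            return p


def _der_len(n):
    if n < 0x80:
        return bytes([n])
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(lb)]) + lb


def _der_int(n):
    body = n.to_bytes(n.bit_length() // 8 + 1, "big")  # 0x00 pad if top bit set
    return b"\x02" + _der_len(len(body)) + body


def der_encode_dh_params(p, g):
    body = _der_int(p) + _der_int(g)
    return b"\x30" + _der_len(len(body)) + body


def _der_read(buf, pos, tag):
    """Return (contents, next_pos) of the TLV at pos, requiring the given tag."""
    if buf[pos] != tag:
        raise ValueError("unexpected DER tag 0x%02x at %d" % (buf[pos], pos))
    ln, pos = buf[pos + 1], pos + 2
    if ln & 0x80:  # long-form length
        n = ln & 0x7F
        ln, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return buf[pos:pos + ln], pos + ln


def der_decode_dh_params(der):
    seq, end = _der_read(der, 0, 0x30)
    p_bytes, pos = _der_read(seq, 0, 0x02)
    g_bytes, pos = _der_read(seq, pos, 0x02)
    if pos != len(seq):  # PKCS#3 allows an optional privateValueLength INTEGER
        _, pos = _der_read(seq, pos, 0x02)
    if end != len(der) or pos != len(seq):
        raise ValueError("malformed DHParameter encoding")
    return int.from_bytes(p_bytes, "big"), int.from_bytes(g_bytes, "big")


def to_pem(p, g):
    b64 = base64.b64encode(der_encode_dh_params(p, g)).decode()
    return "\n".join([PEM_HEADER, *textwrap.wrap(b64, 64), PEM_FOOTER, ""])


def from_pem(text):
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if lines[0] != PEM_HEADER or lines[-1] != PEM_FOOTER:
        raise ValueError("missing DH PARAMETERS header/footer")
    return der_decode_dh_params(base64.b64decode("".join(lines[1:-1])))


def check_dh_params(p, g, rng=_RNG):
    """Like -check: is p prime, is it a safe prime, and is g usable with it?
    For safe p = 2q + 1 every g outside {0, 1, p-1} mod p has order q or 2q,
    so there is no small subgroup for a private exponent to leak into."""
    p_prime = is_probable_prime(p, rng=rng)
    safe = p_prime and is_probable_prime((p - 1) // 2, rng=rng)
    g_ok = safe and g % p not in (0, 1, p - 1)
    return {"p_prime": p_prime, "p_safe_prime": safe, "generator_ok": g_ok}
```

Running C<to_pem(generate_safe_prime(128), 2)> plays the role of
C<openssl dhparam -2 128> and C<check_dh_params(*from_pem(pem))> the role of
C<openssl dhparam -check -noout>. The decoder deliberately accepts the optional
third INTEGER (privateValueLength) that PKCS#3 permits but rejects trailing
bytes, which is the kind of strictness a parser of untrusted parameter files
should have.

=cut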