=head1 SYNOPSIS
B<openssl dhparam>
+[B<-help>]
[B<-inform DER|PEM>]
[B<-outform DER|PEM>]
[B<-in> I<filename>]
=over 4
+=item B<-help>
+
+Print out a usage message.
+
=item B<-inform DER|PEM>
This specifies the input format. The B<DER> option uses an ASN1 DER encoded
=item B<-outform DER|PEM>
-This specifies the output format, the options have the same meaning as the
+This specifies the output format, the options have the same meaning as the
B<-inform> option.
=item B<-in> I<filename>
=item B<-check>
-check if the parameters are valid primes and generator.
+Performs numerous checks to see if the supplied parameters are valid and
+displays a warning if not.
=item B<-2>, B<-5>
-The generator to use, either 2 or 5. 2 is the default. If present then the
-input file is ignored and parameters are generated instead.
+The generator to use, either 2 or 5. If present then the
+input file is ignored and parameters are generated instead. If not
+present but B<numbits> is present, parameters are generated with the
+default generator 2.
=item B<-rand> I<file(s)>
a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-Multiple files can be specified separated by a OS-dependent character.
+generator, or an EGD socket (see L<RAND_egd(3)>).
+Multiple files can be specified separated by an OS-dependent character.
The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
all others.
=item I<numbits>
this option specifies that a parameter set should be generated of size
-I<numbits>. It must be the last option. If not present then a value of 512
-is used. If this option is present then the input file is ignored and
-parameters are generated instead.
+I<numbits>. It must be the last option. If this option is present then
+the input file is ignored and parameters are generated instead. If
+this option is not present but a generator (B<-2> or B<-5>) is
+present, parameters are generated with a default length of 2048 bits.
=item B<-noout>
=item B<-C>
this option converts the parameters into C code. The parameters can then
-be loaded by calling the B<get_dh>I<numbits>B<()> function.
+be loaded by calling the get_dhNNNN() function.
=item B<-engine id>
=head1 WARNINGS
The program B<dhparam> combines the functionality of the programs B<dh> and
-B<gendh> in previous versions of OpenSSL and SSLeay. The B<dh> and B<gendh>
-programs are retained for now but may have different purposes in future
+B<gendh> in previous versions of OpenSSL. The B<dh> and B<gendh>
+programs are retained for now but may have different purposes in future
versions of OpenSSL.
=head1 NOTES
=head1 SEE ALSO
-L<dsaparam(1)|dsaparam(1)>
+L<dsaparam(1)>
+
+=head1 COPYRIGHT
-=head1 HISTORY
+Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
-The B<dhparam> command was added in OpenSSL 0.9.5.
-The B<-dsaparam> option was added in OpenSSL 0.9.6.
+Licensed under the OpenSSL license (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
=cut
projects / openssl.git / blobdiff