152 lines
5.7 KiB
HTML
Executable File
152 lines
5.7 KiB
HTML
Executable File
<?xml version="1.0" ?>
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
|
<html xmlns="http://www.w3.org/1999/xhtml">
|
|
<head>
|
|
<title>DSA_generate_parameters</title>
|
|
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
|
|
<link rev="made" href="mailto:root@localhost" />
|
|
</head>
|
|
|
|
<body style="background-color: white">
|
|
|
|
|
|
<!-- INDEX BEGIN -->
|
|
<div name="index">
|
|
<p><a name="__index__"></a></p>
|
|
|
|
<ul>
|
|
|
|
<li><a href="#name">NAME</a></li>
|
|
<li><a href="#synopsis">SYNOPSIS</a></li>
|
|
<li><a href="#description">DESCRIPTION</a></li>
|
|
<li><a href="#return_values">RETURN VALUES</a></li>
|
|
<li><a href="#bugs">BUGS</a></li>
|
|
<li><a href="#see_also">SEE ALSO</a></li>
|
|
<li><a href="#history">HISTORY</a></li>
|
|
<li><a href="#copyright">COPYRIGHT</a></li>
|
|
</ul>
|
|
|
|
<hr name="index" />
|
|
</div>
|
|
<!-- INDEX END -->
|
|
|
|
<p>
|
|
</p>
|
|
<hr />
|
|
<h1><a name="name">NAME</a></h1>
|
|
<p>DSA_generate_parameters_ex, DSA_generate_parameters - generate DSA parameters</p>
|
|
<p>
|
|
</p>
|
|
<hr />
|
|
<h1><a name="synopsis">SYNOPSIS</a></h1>
|
|
<pre>
|
|
#include <openssl/dsa.h></pre>
|
|
<pre>
|
|
int DSA_generate_parameters_ex(DSA *dsa, int bits,
|
|
const unsigned char *seed, int seed_len,
|
|
int *counter_ret, unsigned long *h_ret,
|
|
BN_GENCB *cb);</pre>
|
|
<p>Deprecated since OpenSSL 0.9.8, can be hidden entirely by defining
|
|
<strong>OPENSSL_API_COMPAT</strong> with a suitable version value, see
|
|
<em>openssl_user_macros(7)</em>:</p>
|
|
<pre>
|
|
DSA *DSA_generate_parameters(int bits, unsigned char *seed, int seed_len,
|
|
int *counter_ret, unsigned long *h_ret,
|
|
void (*callback)(int, int, void *), void *cb_arg);</pre>
|
|
<p>
|
|
</p>
|
|
<hr />
|
|
<h1><a name="description">DESCRIPTION</a></h1>
|
|
<p><code>DSA_generate_parameters_ex()</code> generates primes p and q and a generator g
|
|
for use in the DSA and stores the result in <strong>dsa</strong>.</p>
|
|
<p><strong>bits</strong> is the length of the prime p to be generated.
|
|
For lengths under 2048 bits, the length of q is 160 bits; for lengths
|
|
greater than or equal to 2048 bits, the length of q is set to 256 bits.</p>
|
|
<p>If <strong>seed</strong> is NULL, the primes will be generated at random.
|
|
If <strong>seed_len</strong> is less than the length of q, an error is returned.</p>
|
|
<p><code>DSA_generate_parameters_ex()</code> places the iteration count in
|
|
*<strong>counter_ret</strong> and a counter used for finding a generator in
|
|
*<strong>h_ret</strong>, unless these are <strong>NULL</strong>.</p>
|
|
<p>A callback function may be used to provide feedback about the progress
|
|
of the key generation. If <strong>cb</strong> is not <strong>NULL</strong>, it will be
|
|
called as shown below. For information on the BN_GENCB structure and the
|
|
BN_GENCB_call function discussed below, refer to
|
|
<em>BN_generate_prime(3)</em>.</p>
|
|
<p><code>DSA_generate_prime()</code> is similar to <code>DSA_generate_prime_ex()</code> but
|
|
expects an old-style callback function; see
|
|
<em>BN_generate_prime(3)</em> for information on the old-style callback.</p>
|
|
<ul>
|
|
<li>
|
|
<p>When a candidate for q is generated, <strong>BN_GENCB_call(cb, 0, m++)</strong> is called
|
|
(m is 0 for the first candidate).</p>
|
|
</li>
|
|
<li>
|
|
<p>When a candidate for q has passed a test by trial division,
|
|
<strong>BN_GENCB_call(cb, 1, -1)</strong> is called.
|
|
While a candidate for q is tested by Miller-Rabin primality tests,
|
|
<strong>BN_GENCB_call(cb, 1, i)</strong> is called in the outer loop
|
|
(once for each witness that confirms that the candidate may be prime);
|
|
i is the loop counter (starting at 0).</p>
|
|
</li>
|
|
<li>
|
|
<p>When a prime q has been found, <strong>BN_GENCB_call(cb, 2, 0)</strong> and
|
|
<strong>BN_GENCB_call(cb, 3, 0)</strong> are called.</p>
|
|
</li>
|
|
<li>
|
|
<p>Before a candidate for p (other than the first) is generated and tested,
|
|
<strong>BN_GENCB_call(cb, 0, counter)</strong> is called.</p>
|
|
</li>
|
|
<li>
|
|
<p>When a candidate for p has passed the test by trial division,
|
|
<strong>BN_GENCB_call(cb, 1, -1)</strong> is called.
|
|
While it is tested by the Miller-Rabin primality test,
|
|
<strong>BN_GENCB_call(cb, 1, i)</strong> is called in the outer loop
|
|
(once for each witness that confirms that the candidate may be prime).
|
|
i is the loop counter (starting at 0).</p>
|
|
</li>
|
|
<li>
|
|
<p>When p has been found, <strong>BN_GENCB_call(cb, 2, 1)</strong> is called.</p>
|
|
</li>
|
|
<li>
|
|
<p>When the generator has been found, <strong>BN_GENCB_call(cb, 3, 1)</strong> is called.</p>
|
|
</li>
|
|
</ul>
|
|
<p>
|
|
</p>
|
|
<hr />
|
|
<h1><a name="return_values">RETURN VALUES</a></h1>
|
|
<p><code>DSA_generate_parameters_ex()</code> returns a 1 on success, or 0 otherwise.
|
|
The error codes can be obtained by <em>ERR_get_error(3)</em>.</p>
|
|
<p><code>DSA_generate_parameters()</code> returns a pointer to the DSA structure or
|
|
<strong>NULL</strong> if the parameter generation fails.</p>
|
|
<p>
|
|
</p>
|
|
<hr />
|
|
<h1><a name="bugs">BUGS</a></h1>
|
|
<p>Seed lengths greater than 20 are not supported.</p>
|
|
<p>
|
|
</p>
|
|
<hr />
|
|
<h1><a name="see_also">SEE ALSO</a></h1>
|
|
<p><em>DSA_new(3)</em>, <em>ERR_get_error(3)</em>, <em>RAND_bytes(3)</em>,
|
|
<em>DSA_free(3)</em>, <em>BN_generate_prime(3)</em></p>
|
|
<p>
|
|
</p>
|
|
<hr />
|
|
<h1><a name="history">HISTORY</a></h1>
|
|
<p><code>DSA_generate_parameters()</code> was deprecated in OpenSSL 0.9.8; use
|
|
<code>DSA_generate_parameters_ex()</code> instead.</p>
|
|
<p>
|
|
</p>
|
|
<hr />
|
|
<h1><a name="copyright">COPYRIGHT</a></h1>
|
|
<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
|
|
<p>Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
this file except in compliance with the License. You can obtain a copy
|
|
in the file LICENSE in the source distribution or at
|
|
<a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
|
|
|
|
</body>
|
|
|
|
</html>
|