]>
Commit | Line | Data |
---|---|---|
2186cd8e UM |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
665d899f PY |
5 | RSA_generate_key_ex, RSA_generate_key, |
6 | RSA_generate_multi_prime_key - generate RSA key pair | |
2186cd8e UM |
7 | |
8 | =head1 SYNOPSIS | |
9 | ||
10 | #include <openssl/rsa.h> | |
11 | ||
4fd8a3e1 P |
12 | Deprecated since OpenSSL 3.0, can be hidden entirely by defining |
13 | B<OPENSSL_API_COMPAT> with a suitable version value, see | |
14 | L<openssl_user_macros(7)>: | |
15 | ||
aafbe1cc | 16 | int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); |
665d899f | 17 | int RSA_generate_multi_prime_key(RSA *rsa, int bits, int primes, BIGNUM *e, BN_GENCB *cb); |
aafbe1cc | 18 | |
be80b21d RL |
19 | Deprecated since OpenSSL 0.9.8, can be hidden entirely by defining |
20 | B<OPENSSL_API_COMPAT> with a suitable version value, see | |
21 | L<openssl_user_macros(7)>: | |
aafbe1cc | 22 | |
0588be2e | 23 | RSA *RSA_generate_key(int bits, unsigned long e, |
e9b77246 | 24 | void (*callback)(int, int, void *), void *cb_arg); |
2186cd8e UM |
25 | |
26 | =head1 DESCRIPTION | |
27 | ||
4fd8a3e1 P |
28 | All of the functions described on this page are deprecated. |
29 | Applications should instead use L<EVP_PKEY_keygen_init(3)> and | |
30 | L<EVP_PKEY_keygen(3)>. | |
31 | ||
665d899f PY |
32 | RSA_generate_key_ex() generates a 2-prime RSA key pair and stores it in the |
33 | B<RSA> structure provided in B<rsa>. The pseudo-random number generator must | |
aafbe1cc | 34 | be seeded prior to calling RSA_generate_key_ex(). |
2186cd8e | 35 | |
665d899f PY |
36 | RSA_generate_multi_prime_key() generates a multi-prime RSA key pair and stores |
37 | it in the B<RSA> structure provided in B<rsa>. The number of primes is given by | |
262c0088 DMSP |
38 | the B<primes> parameter. The random number generator must be seeded when |
39 | calling RSA_generate_multi_prime_key(). | |
40 | If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to | |
41 | external circumstances (see L<RAND(7)>), the operation will fail. | |
665d899f PY |
42 | |
43 | The modulus size will be of length B<bits>, the number of primes to form the | |
44 | modulus will be B<primes>, and the public exponent will be B<e>. Key sizes | |
45 | with B<num> E<lt> 1024 should be considered insecure. The exponent is an odd | |
46 | number, typically 3, 17 or 65537. | |
2186cd8e | 47 | |
3bded9cd AP |
48 | In order to maintain adequate security level, the maximum number of permitted |
49 | B<primes> depends on modulus bit length: | |
50 | ||
51 | <1024 | >=1024 | >=4096 | >=8192 | |
52 | ------+--------+--------+------- | |
53 | 2 | 3 | 4 | 5 | |
54 | ||
2186cd8e | 55 | A callback function may be used to provide feedback about the |
aafbe1cc MC |
56 | progress of the key generation. If B<cb> is not B<NULL>, it |
57 | will be called as follows using the BN_GENCB_call() function | |
9b86974e | 58 | described on the L<BN_generate_prime(3)> page. |
2186cd8e | 59 | |
0588be2e | 60 | RSA_generate_key() is similar to RSA_generate_key_ex() but |
b3696a55 RS |
61 | expects an old-style callback function; see |
62 | L<BN_generate_prime(3)> for information on the old-style callback. | |
63 | ||
2f61bc2e | 64 | =over 2 |
2186cd8e UM |
65 | |
66 | =item * | |
67 | ||
68 | While a random prime number is generated, it is called as | |
9b86974e | 69 | described in L<BN_generate_prime(3)>. |
2186cd8e UM |
70 | |
71 | =item * | |
72 | ||
73 | When the n-th randomly generated prime is rejected as not | |
aafbe1cc | 74 | suitable for the key, B<BN_GENCB_call(cb, 2, n)> is called. |
2186cd8e UM |
75 | |
76 | =item * | |
77 | ||
78 | When a random p has been found with p-1 relatively prime to B<e>, | |
aafbe1cc | 79 | it is called as B<BN_GENCB_call(cb, 3, 0)>. |
2186cd8e UM |
80 | |
81 | =back | |
82 | ||
665d899f PY |
83 | The process is then repeated for prime q and other primes (if any) |
84 | with B<BN_GENCB_call(cb, 3, i)> where B<i> indicates the i-th prime. | |
aafbe1cc | 85 | |
1f13ad31 | 86 | =head1 RETURN VALUES |
2186cd8e | 87 | |
665d899f | 88 | RSA_generate_multi_prime_key() returns 1 on success or 0 on error. |
bb6c5e7f | 89 | RSA_generate_key_ex() returns 1 on success or 0 on error. |
9b86974e | 90 | The error codes can be obtained by L<ERR_get_error(3)>. |
2186cd8e | 91 | |
b3696a55 RS |
92 | RSA_generate_key() returns a pointer to the RSA structure or |
93 | B<NULL> if the key generation fails. | |
94 | ||
2186cd8e UM |
95 | =head1 BUGS |
96 | ||
aafbe1cc | 97 | B<BN_GENCB_call(cb, 2, x)> is used with two different meanings. |
2186cd8e | 98 | |
2186cd8e UM |
99 | =head1 SEE ALSO |
100 | ||
262c0088 DMSP |
101 | L<ERR_get_error(3)>, L<RAND_bytes(3)>, L<BN_generate_prime(3)>, |
102 | L<RAND(7)> | |
b3696a55 RS |
103 | |
104 | =head1 HISTORY | |
105 | ||
4fd8a3e1 P |
106 | All of these functions were deprecated in OpenSSL 3.0. |
107 | ||
b3696a55 | 108 | RSA_generate_key() was deprecated in OpenSSL 0.9.8; use |
a21285b3 | 109 | RSA_generate_key_ex() instead. |
2186cd8e | 110 | |
e2f92610 RS |
111 | =head1 COPYRIGHT |
112 | ||
61f805c1 | 113 | Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. |
e2f92610 | 114 | |
4746f25a | 115 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
116 | this file except in compliance with the License. You can obtain a copy |
117 | in the file LICENSE in the source distribution or at | |
118 | L<https://www.openssl.org/source/license.html>. | |
119 | ||
120 | =cut |