Public keys come in several flavors, using different cryptographic
algorithms. The most popular ones associated with certificates are
-RSA and DSA, and this HOWTO will show how to generate each of them.
-
+RSA and ECDSA, and this HOWTO will show how to generate each of them.
2. To generate an RSA key
Generating a key for the RSA algorithm is quite easy, all you have to
do is the following:
- openssl genrsa -des3 -out privkey.pem 2048
+ openssl genrsa -aes256 -out privkey.pem 2048
With this variant, you will be prompted for a protecting password. If
you don't want your key to be protected by a password, remove the flag
-'-des3' from the command line above.
+'-aes256' from the command line above.
The number 2048 is the size of the key, in bits. Today, 2048 or
higher is recommended for RSA keys, as fewer amount of bits is
-consider insecure or to be insecure pretty soon.
-
-
-3. To generate a DSA key
-
-A DSA key can be used for signing only. It is important to
-know what a certificate request with a DSA key can really be used for.
-
-Generating a key for the DSA algorithm is a two-step process. First,
-you have to generate parameters from which to generate the key:
-
- openssl dsaparam -out dsaparam.pem 2048
-
-The number 2048 is the size of the key, in bits. Today, 2048 or
-higher is recommended for DSA keys, as fewer amount of bits is
-consider insecure or to be insecure pretty soon.
-
-When that is done, you can generate a key using the parameters in
-question (actually, several keys can be generated from the same
-parameters):
-
- openssl gendsa -des3 -out privkey.pem dsaparam.pem
-
-With this variant, you will be prompted for a protecting password. If
-you don't want your key to be protected by a password, remove the flag
-'-des3' from the command line above.
+considered to be insecure.
+3. To generate an EC key
-4. To generate an EC key
+An EC key can be used for either key agreement (ECDH), signing (ECDSA) or
+key encapsulation (KEM) purposes.
+(A key should only be used for one of these purposes)
-An EC key can be used both for key agreement (ECDH) and signing (ECDSA).
+An EC key can be generated by specifying a curve name such as P-256 using:
-Generating a key for ECC is similar to generating a DSA key. These are
-two-step processes. First, you have to get the EC parameters from which
-the key will be generated:
+ openssl genpkey -algorithm EC -pkeyopt group:P-256 -aes256 -out private.key
- openssl ecparam -name prime256v1 -out prime256v1.pem
+With this variant, you will be prompted for a password to protect your key.
+If you don't want your key to be protected by a password, remove the flag
+'-aes256' from the command line above.
-The prime256v1, or NIST P-256, which stands for 'X9.62/SECG curve over
-a 256-bit prime field', is the name of an elliptic curve which generates the
-parameters. You can use the following command to list all supported curves:
+Each curve name is associated with a group of fixed parameters.
+Curve names containing numbers lower than 256 are no longer considered
+secure.
- openssl ecparam -list_curves
+The NIST P-256 curve name (which is an alias for prime256v1), stands for
+'X9.62/SECG curve over a 256-bit prime field'.
-When that is done, you can generate a key using the created parameters (several
-keys can be produced from the same parameters):
+4. To generate a X25519 or X448 Key for Key Agreement
- openssl genpkey -des3 -paramfile prime256v1.pem -out private.key
+X25519, X448, Ed25519 and Ed448 are treated as distinct algorithms and not as
+one of the EC curves listed with 'ecparam -list_curves' option.
+Unlike other algorithms there are separate key types for signing and
+key agreement.
-With this variant, you will be prompted for a password to protect your key.
-If you don't want your key to be protected by a password, remove the flag
-'-des3' from the command line above.
+You can use the following command to generate an X25519 key:
-You can also directly generate the key in one step:
+ openssl genpkey -algorithm X25519 -out xkey.pem
- openssl ecparam -genkey -name prime256v1 -out private.key
+5. To generate a Ed25519 or Ed448 Key
-or
+An Ed25519 or Ed448 key can be used for signing and verification purposes.
- openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256
+You can use the following command to generate an Ed25519 key:
+ openssl genpkey -algorithm Ed25519 -out xkey.pem
-5. To generate an ML-DSA key
+6. To generate an ML-DSA key
An ML-DSA key can be used for signing (and verification via the public key)
only.
See L<EVP_PKEY-ML-DSA(7)> for more detail.
-6. To generate an ML-KEM key
+7. To generate an ML-KEM key
An ML-KEM key can be used for decapsulation (and encapsulation via the public
key) only.
See L<EVP_PKEY-ML-KEM(7)> for more detail.
-7. NOTE
+8. NOTE
If you intend to use the key together with a server certificate,
it may be reasonable to avoid protecting it with a password, since
otherwise someone would have to type in the password every time the
server needs to access the key.
-X25519, X448, Ed25519 and Ed448 are treated as distinct algorithms and not as
-one of the EC curves listed with 'ecparam -list_curves' option. You can use the
-following command to generate an X25519 key:
-
- openssl genpkey -algorithm X25519 -out xkey.pem
+To generate keys using C code refer to the demos located in
+https://github.com/openssl/openssl/blob/master/demos/pkey.
projects / thirdparty / openssl.git / commitdiff
