[thirdparty/openssl.git] / doc / man3 / RSA_generate_key.pod

=pod

=head1 NAME

RSA_generate_key_ex, RSA_generate_key,
RSA_generate_multi_prime_key - generate RSA key pair

=head1 SYNOPSIS

 #include <openssl/rsa.h>

 int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
 int RSA_generate_multi_prime_key(RSA *rsa, int bits, int primes, BIGNUM *e, BN_GENCB *cb);

Deprecated since OpenSSL 0.9.8, can be hidden entirely by defining
B<OPENSSL_API_COMPAT> with a suitable version value, see
L<openssl_user_macros(7)>:

 RSA *RSA_generate_key(int num, unsigned long e,
                       void (*callback)(int, int, void *), void *cb_arg);

=head1 DESCRIPTION

RSA_generate_key_ex() generates a 2-prime RSA key pair and stores it in the
B<RSA> structure provided in B<rsa>. The pseudo-random number generator must
be seeded prior to calling RSA_generate_key_ex().

RSA_generate_multi_prime_key() generates a multi-prime RSA key pair and stores
it in the B<RSA> structure provided in B<rsa>. The number of primes is given by
the B<primes> parameter. The pseudo-random number generator must be seeded prior
to calling RSA_generate_multi_prime_key().

The modulus size will be of length B<bits>, the number of primes to form the
modulus will be B<primes>, and the public exponent will be B<e>. Key sizes
with B<num> E<lt> 1024 should be considered insecure. The exponent is an odd
number, typically 3, 17 or 65537.

In order to maintain adequate security level, the maximum number of permitted
B<primes> depends on modulus bit length:

   <1024 | >=1024 | >=4096 | >=8192
   ------+--------+--------+-------
     2   |   3    |   4    |   5

A callback function may be used to provide feedback about the
progress of the key generation. If B<cb> is not B<NULL>, it
will be called as follows using the BN_GENCB_call() function
described on the L<BN_generate_prime(3)> page.

RSA_generate_prime() is similar to RSA_generate_prime_ex() but
expects an old-style callback function; see
L<BN_generate_prime(3)> for information on the old-style callback.

=over 2

=item *

While a random prime number is generated, it is called as
described in L<BN_generate_prime(3)>.

=item *

When the n-th randomly generated prime is rejected as not
suitable for the key, B<BN_GENCB_call(cb, 2, n)> is called.

=item *

When a random p has been found with p-1 relatively prime to B<e>,
it is called as B<BN_GENCB_call(cb, 3, 0)>.

=back

The process is then repeated for prime q and other primes (if any)
with B<BN_GENCB_call(cb, 3, i)> where B<i> indicates the i-th prime.

=head1 RETURN VALUES

RSA_generate_multi_prime_key() returns 1 on success or 0 on error.
RSA_generate_key_ex() returns 1 on success or 0 on error.
The error codes can be obtained by L<ERR_get_error(3)>.

RSA_generate_key() returns a pointer to the RSA structure or
B<NULL> if the key generation fails.

=head1 BUGS

B<BN_GENCB_call(cb, 2, x)> is used with two different meanings.

=head1 SEE ALSO

L<ERR_get_error(3)>, L<RAND_bytes(3)>, L<BN_generate_prime(3)>

=head1 HISTORY

RSA_generate_key() was deprecated in OpenSSL 0.9.8; use
RSA_generate_key_ex() instead.

=head1 COPYRIGHT

Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
2186cd8e UM	1	=pod
	2
	3	=head1 NAME
	4
665d899f PY	5	RSA_generate_key_ex, RSA_generate_key,
665d899f PY	6	RSA_generate_multi_prime_key - generate RSA key pair
2186cd8e UM	7
	8	=head1 SYNOPSIS
	9
	10	#include <openssl/rsa.h>
	11
aafbe1cc	12	int RSA_generate_key_ex(RSA rsa, int bits, BIGNUM e, BN_GENCB *cb);
665d899f	13	int RSA_generate_multi_prime_key(RSA rsa, int bits, int primes, BIGNUM e, BN_GENCB *cb);
aafbe1cc	14
be80b21d RL	15	Deprecated since OpenSSL 0.9.8, can be hidden entirely by defining
	16	B<OPENSSL_API_COMPAT> with a suitable version value, see
	17	L<openssl_user_macros(7)>:
aafbe1cc	18
2186cd8e	19	RSA *RSA_generate_key(int num, unsigned long e,
e9b77246	20	void (callback)(int, int, void ), void *cb_arg);
2186cd8e UM	21
	22	=head1 DESCRIPTION
	23
665d899f PY	24	RSA_generate_key_ex() generates a 2-prime RSA key pair and stores it in the
665d899f PY	25	B<RSA> structure provided in B<rsa>. The pseudo-random number generator must
aafbe1cc	26	be seeded prior to calling RSA_generate_key_ex().
2186cd8e	27
665d899f PY	28	RSA_generate_multi_prime_key() generates a multi-prime RSA key pair and stores
	29	it in the B<RSA> structure provided in B<rsa>. The number of primes is given by
	30	the B<primes> parameter. The pseudo-random number generator must be seeded prior
	31	to calling RSA_generate_multi_prime_key().
	32
	33	The modulus size will be of length B<bits>, the number of primes to form the
	34	modulus will be B<primes>, and the public exponent will be B<e>. Key sizes
	35	with B<num> E<lt> 1024 should be considered insecure. The exponent is an odd
	36	number, typically 3, 17 or 65537.
2186cd8e	37
3bded9cd AP	38	In order to maintain adequate security level, the maximum number of permitted
	39	B<primes> depends on modulus bit length:
	40
	41	<1024 \| >=1024 \| >=4096 \| >=8192
	42	------+--------+--------+-------
	43	2 \| 3 \| 4 \| 5
	44
2186cd8e	45	A callback function may be used to provide feedback about the
aafbe1cc MC	46	progress of the key generation. If B<cb> is not B<NULL>, it
aafbe1cc MC	47	will be called as follows using the BN_GENCB_call() function
9b86974e	48	described on the L<BN_generate_prime(3)> page.
2186cd8e	49
b3696a55 RS	50	RSA_generate_prime() is similar to RSA_generate_prime_ex() but
	51	expects an old-style callback function; see
	52	L<BN_generate_prime(3)> for information on the old-style callback.
	53
2f61bc2e	54	=over 2
2186cd8e UM	55
	56	=item *
	57
	58	While a random prime number is generated, it is called as
9b86974e	59	described in L<BN_generate_prime(3)>.
2186cd8e UM	60
	61	=item *
	62
	63	When the n-th randomly generated prime is rejected as not
aafbe1cc	64	suitable for the key, B<BN_GENCB_call(cb, 2, n)> is called.
2186cd8e UM	65
	66	=item *
	67
	68	When a random p has been found with p-1 relatively prime to B<e>,
aafbe1cc	69	it is called as B<BN_GENCB_call(cb, 3, 0)>.
2186cd8e UM	70
	71	=back
	72
665d899f PY	73	The process is then repeated for prime q and other primes (if any)
665d899f PY	74	with B<BN_GENCB_call(cb, 3, i)> where B<i> indicates the i-th prime.
aafbe1cc	75
1f13ad31	76	=head1 RETURN VALUES
2186cd8e	77
665d899f	78	RSA_generate_multi_prime_key() returns 1 on success or 0 on error.
bb6c5e7f	79	RSA_generate_key_ex() returns 1 on success or 0 on error.
9b86974e	80	The error codes can be obtained by L<ERR_get_error(3)>.
2186cd8e	81
b3696a55 RS	82	RSA_generate_key() returns a pointer to the RSA structure or
	83	B<NULL> if the key generation fails.
	84
2186cd8e UM	85	=head1 BUGS
2186cd8e UM	86
aafbe1cc	87	B<BN_GENCB_call(cb, 2, x)> is used with two different meanings.
2186cd8e	88
2186cd8e UM	89	=head1 SEE ALSO
2186cd8e UM	90
3bded9cd	91	L<ERR_get_error(3)>, L<RAND_bytes(3)>, L<BN_generate_prime(3)>
b3696a55 RS	92
	93	=head1 HISTORY
	94
	95	RSA_generate_key() was deprecated in OpenSSL 0.9.8; use
a21285b3	96	RSA_generate_key_ex() instead.
2186cd8e	97
e2f92610 RS	98	=head1 COPYRIGHT
e2f92610 RS	99
61f805c1	100	Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
e2f92610	101
4746f25a	102	Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610 RS	103	this file except in compliance with the License. You can obtain a copy
	104	in the file LICENSE in the source distribution or at
	105	L<https://www.openssl.org/source/license.html>.
	106
	107	=cut