| Current Path : /usr/opt/openssl11/share/doc/openssl/html/man3/ |
FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64 |
| Current File : //usr/opt/openssl11/share/doc/openssl/html/man3/RSA_generate_multi_prime_key.html |
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>RSA_generate_key</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@hsxx.drive.ne.jp" />
</head>
<body style="background-color: white">
<!-- INDEX BEGIN -->
<div name="index">
<p><a name="__index__"></a></p>
<ul>
<li><a href="#name">NAME</a></li>
<li><a href="#synopsis">SYNOPSIS</a></li>
<li><a href="#description">DESCRIPTION</a></li>
<li><a href="#return_values">RETURN VALUES</a></li>
<li><a href="#bugs">BUGS</a></li>
<li><a href="#see_also">SEE ALSO</a></li>
<li><a href="#history">HISTORY</a></li>
<li><a href="#copyright">COPYRIGHT</a></li>
</ul>
<hr name="index" />
</div>
<!-- INDEX END -->
<p>
</p>
<hr />
<h1><a name="name">NAME</a></h1>
<p>RSA_generate_key_ex, RSA_generate_key,
RSA_generate_multi_prime_key - generate RSA key pair</p>
<p>
</p>
<hr />
<h1><a name="synopsis">SYNOPSIS</a></h1>
<pre>
#include <openssl/rsa.h></pre>
<pre>
int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
int RSA_generate_multi_prime_key(RSA *rsa, int bits, int primes, BIGNUM *e, BN_GENCB *cb);</pre>
<p>Deprecated:</p>
<pre>
#if OPENSSL_API_COMPAT < 0x00908000L
RSA *RSA_generate_key(int bits, unsigned long e,
void (*callback)(int, int, void *), void *cb_arg);
#endif</pre>
<p>
</p>
<hr />
<h1><a name="description">DESCRIPTION</a></h1>
<p><code>RSA_generate_key_ex()</code> generates a 2-prime RSA key pair and stores it in the
<strong>RSA</strong> structure provided in <strong>rsa</strong>. The pseudo-random number generator must
be seeded prior to calling <code>RSA_generate_key_ex()</code>.</p>
<p><code>RSA_generate_multi_prime_key()</code> generates a multi-prime RSA key pair and stores
it in the <strong>RSA</strong> structure provided in <strong>rsa</strong>. The number of primes is given by
the <strong>primes</strong> parameter. The random number generator must be seeded when
calling <code>RSA_generate_multi_prime_key()</code>.
If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
external circumstances (see <em>RAND(7)</em>), the operation will fail.</p>
<p>The modulus size will be of length <strong>bits</strong>, the number of primes to form the
modulus will be <strong>primes</strong>, and the public exponent will be <strong>e</strong>. Key sizes
with <strong>num</strong> < 1024 should be considered insecure. The exponent is an odd
number, typically 3, 17 or 65537.</p>
<p>In order to maintain adequate security level, the maximum number of permitted
<strong>primes</strong> depends on modulus bit length:</p>
<pre>
<1024 | >=1024 | >=4096 | >=8192
------+--------+--------+-------
2 | 3 | 4 | 5</pre>
<p>A callback function may be used to provide feedback about the
progress of the key generation. If <strong>cb</strong> is not <strong>NULL</strong>, it
will be called as follows using the <code>BN_GENCB_call()</code> function
described on the <em>BN_generate_prime(3)</em> page.</p>
<p><code>RSA_generate_key()</code> is similar to <code>RSA_generate_key_ex()</code> but
expects an old-style callback function; see
<em>BN_generate_prime(3)</em> for information on the old-style callback.</p>
<ul>
<li>
<p>While a random prime number is generated, it is called as
described in <em>BN_generate_prime(3)</em>.</p>
</li>
<li>
<p>When the n-th randomly generated prime is rejected as not
suitable for the key, <strong>BN_GENCB_call(cb, 2, n)</strong> is called.</p>
</li>
<li>
<p>When a random p has been found with p-1 relatively prime to <strong>e</strong>,
it is called as <strong>BN_GENCB_call(cb, 3, 0)</strong>.</p>
</li>
</ul>
<p>The process is then repeated for prime q and other primes (if any)
with <strong>BN_GENCB_call(cb, 3, i)</strong> where <strong>i</strong> indicates the i-th prime.</p>
<p>
</p>
<hr />
<h1><a name="return_values">RETURN VALUES</a></h1>
<p><code>RSA_generate_multi_prime_key()</code> returns 1 on success or 0 on error.
<code>RSA_generate_key_ex()</code> returns 1 on success or 0 on error.
The error codes can be obtained by <em>ERR_get_error(3)</em>.</p>
<p><code>RSA_generate_key()</code> returns a pointer to the RSA structure or
<strong>NULL</strong> if the key generation fails.</p>
<p>
</p>
<hr />
<h1><a name="bugs">BUGS</a></h1>
<p><strong>BN_GENCB_call(cb, 2, x)</strong> is used with two different meanings.</p>
<p>
</p>
<hr />
<h1><a name="see_also">SEE ALSO</a></h1>
<p><em>ERR_get_error(3)</em>, <em>RAND_bytes(3)</em>, <em>BN_generate_prime(3)</em>,
<em>RAND(7)</em></p>
<p>
</p>
<hr />
<h1><a name="history">HISTORY</a></h1>
<p><code>RSA_generate_key()</code> was deprecated in OpenSSL 0.9.8; use
<code>RSA_generate_key_ex()</code> instead.</p>
<p>
</p>
<hr />
<h1><a name="copyright">COPYRIGHT</a></h1>
<p>Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
<a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>