diff options
Diffstat (limited to 'openssl/doc/crypto/DSA_generate_parameters.pod')
| -rw-r--r-- | openssl/doc/crypto/DSA_generate_parameters.pod | 105 |
1 files changed, 105 insertions, 0 deletions
diff --git a/openssl/doc/crypto/DSA_generate_parameters.pod b/openssl/doc/crypto/DSA_generate_parameters.pod new file mode 100644 index 000000000..be7c924ff --- /dev/null +++ b/openssl/doc/crypto/DSA_generate_parameters.pod @@ -0,0 +1,105 @@ +=pod + +=head1 NAME + +DSA_generate_parameters - generate DSA parameters + +=head1 SYNOPSIS + + #include <openssl/dsa.h> + + DSA *DSA_generate_parameters(int bits, unsigned char *seed, + int seed_len, int *counter_ret, unsigned long *h_ret, + void (*callback)(int, int, void *), void *cb_arg); + +=head1 DESCRIPTION + +DSA_generate_parameters() generates primes p and q and a generator g +for use in the DSA. + +B<bits> is the length of the prime to be generated; the DSS allows a +maximum of 1024 bits. + +If B<seed> is B<NULL> or B<seed_len> E<lt> 20, the primes will be +generated at random. Otherwise, the seed is used to generate +them. If the given seed does not yield a prime q, a new random +seed is chosen and placed at B<seed>. + +DSA_generate_parameters() places the iteration count in +*B<counter_ret> and a counter used for finding a generator in +*B<h_ret>, unless these are B<NULL>. + +A callback function may be used to provide feedback about the progress +of the key generation. If B<callback> is not B<NULL>, it will be +called as follows: + +=over 4 + +=item * + +When a candidate for q is generated, B<callback(0, m++, cb_arg)> is called +(m is 0 for the first candidate). + +=item * + +When a candidate for q has passed a test by trial division, +B<callback(1, -1, cb_arg)> is called. +While a candidate for q is tested by Miller-Rabin primality tests, +B<callback(1, i, cb_arg)> is called in the outer loop +(once for each witness that confirms that the candidate may be prime); +i is the loop counter (starting at 0). + +=item * + +When a prime q has been found, B<callback(2, 0, cb_arg)> and +B<callback(3, 0, cb_arg)> are called. + +=item * + +Before a candidate for p (other than the first) is generated and tested, +B<callback(0, counter, cb_arg)> is called. + +=item * + +When a candidate for p has passed the test by trial division, +B<callback(1, -1, cb_arg)> is called. +While it is tested by the Miller-Rabin primality test, +B<callback(1, i, cb_arg)> is called in the outer loop +(once for each witness that confirms that the candidate may be prime). +i is the loop counter (starting at 0). + +=item * + +When p has been found, B<callback(2, 1, cb_arg)> is called. + +=item * + +When the generator has been found, B<callback(3, 1, cb_arg)> is called. + +=back + +=head1 RETURN VALUE + +DSA_generate_parameters() returns a pointer to the DSA structure, or +B<NULL> if the parameter generation fails. The error codes can be +obtained by L<ERR_get_error(3)|ERR_get_error(3)>. + +=head1 BUGS + +Seed lengths E<gt> 20 are not supported. + +=head1 SEE ALSO + +L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, +L<DSA_free(3)|DSA_free(3)> + +=head1 HISTORY + +DSA_generate_parameters() appeared in SSLeay 0.8. The B<cb_arg> +argument was added in SSLeay 0.9.0. +In versions up to OpenSSL 0.9.4, B<callback(1, ...)> was called +in the inner loop of the Miller-Rabin test whenever it reached the +squaring step (the parameters to B<callback> did not reveal how many +witnesses had been tested); since OpenSSL 0.9.5, B<callback(1, ...)> +is called as in BN_is_prime(3), i.e. once for each witness. +=cut |