mirror of
https://github.com/openssl/openssl.git
synced 2024-12-03 05:41:46 +08:00
6859cf7459
manual when the specific function is refered to in the current manual text. This correction was originally introduced in OpenBSD's tracking of OpenSSL.
106 lines
3.0 KiB
Plaintext
106 lines
3.0 KiB
Plaintext
=pod
|
|
|
|
=head1 NAME
|
|
|
|
DSA_generate_parameters - generate DSA parameters
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
#include <openssl/dsa.h>
|
|
|
|
DSA *DSA_generate_parameters(int bits, unsigned char *seed,
|
|
int seed_len, int *counter_ret, unsigned long *h_ret,
|
|
void (*callback)(int, int, void *), void *cb_arg);
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
DSA_generate_parameters() generates primes p and q and a generator g
|
|
for use in the DSA.
|
|
|
|
B<bits> is the length of the prime to be generated; the DSS allows a
|
|
maximum of 1024 bits.
|
|
|
|
If B<seed> is B<NULL> or B<seed_len> E<lt> 20, the primes will be
|
|
generated at random. Otherwise, the seed is used to generate
|
|
them. If the given seed does not yield a prime q, a new random
|
|
seed is chosen and placed at B<seed>.
|
|
|
|
DSA_generate_parameters() places the iteration count in
|
|
*B<counter_ret> and a counter used for finding a generator in
|
|
*B<h_ret>, unless these are B<NULL>.
|
|
|
|
A callback function may be used to provide feedback about the progress
|
|
of the key generation. If B<callback> is not B<NULL>, it will be
|
|
called as follows:
|
|
|
|
=over 4
|
|
|
|
=item *
|
|
|
|
When a candidate for q is generated, B<callback(0, m++, cb_arg)> is called
|
|
(m is 0 for the first candidate).
|
|
|
|
=item *
|
|
|
|
When a candidate for q has passed a test by trial division,
|
|
B<callback(1, -1, cb_arg)> is called.
|
|
While a candidate for q is tested by Miller-Rabin primality tests,
|
|
B<callback(1, i, cb_arg)> is called in the outer loop
|
|
(once for each witness that confirms that the candidate may be prime);
|
|
i is the loop counter (starting at 0).
|
|
|
|
=item *
|
|
|
|
When a prime q has been found, B<callback(2, 0, cb_arg)> and
|
|
B<callback(3, 0, cb_arg)> are called.
|
|
|
|
=item *
|
|
|
|
Before a candidate for p (other than the first) is generated and tested,
|
|
B<callback(0, counter, cb_arg)> is called.
|
|
|
|
=item *
|
|
|
|
When a candidate for p has passed the test by trial division,
|
|
B<callback(1, -1, cb_arg)> is called.
|
|
While it is tested by the Miller-Rabin primality test,
|
|
B<callback(1, i, cb_arg)> is called in the outer loop
|
|
(once for each witness that confirms that the candidate may be prime).
|
|
i is the loop counter (starting at 0).
|
|
|
|
=item *
|
|
|
|
When p has been found, B<callback(2, 1, cb_arg)> is called.
|
|
|
|
=item *
|
|
|
|
When the generator has been found, B<callback(3, 1, cb_arg)> is called.
|
|
|
|
=back
|
|
|
|
=head1 RETURN VALUE
|
|
|
|
DSA_generate_parameters() returns a pointer to the DSA structure, or
|
|
B<NULL> if the parameter generation fails. The error codes can be
|
|
obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
|
|
|
|
=head1 BUGS
|
|
|
|
Seed lengths E<gt> 20 are not supported.
|
|
|
|
=head1 SEE ALSO
|
|
|
|
L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
|
|
L<DSA_free(3)|DSA_free(3)>
|
|
|
|
=head1 HISTORY
|
|
|
|
DSA_generate_parameters() appeared in SSLeay 0.8. The B<cb_arg>
|
|
argument was added in SSLeay 0.9.0.
|
|
In versions up to OpenSSL 0.9.4, B<callback(1, ...)> was called
|
|
in the inner loop of the Miller-Rabin test whenever it reached the
|
|
squaring step (the parameters to B<callback> did not reveal how many
|
|
witnesses had been tested); since OpenSSL 0.9.5, B<callback(1, ...)>
|
|
is called as in BN_is_prime(3), i.e. once for each witness.
|
|
=cut
|