MirBSD manpage: DSA_generate_parameters(3)



     DSA_generate_parameters - generate DSA parameters


      #include <openssl/dsa.h>

      DSA *DSA_generate_parameters(int bits, unsigned char *seed,
                     int seed_len, int *counter_ret, unsigned long *h_ret,
                     void (*callback)(int, int, void *), void *cb_arg);


     DSA_generate_parameters() generates primes p and q and a
     generator g for use in the DSA.

     bits is the length of the prime to be generated; the DSS
     allows a maximum of 1024 bits.

     If seed is NULL or seed_len < 20, the primes will be gen-
     erated at random. Otherwise, the seed is used to generate
     them. If the given seed does not yield a prime q, a new ran-
     dom seed is chosen and placed at seed.

     DSA_generate_parameters() places the iteration count in
     *counter_ret and a counter used for finding a generator in
     *h_ret, unless these are NULL.

     A callback function may be used to provide feedback about
     the progress of the key generation. If callback is not NULL,
     it will be called as follows:

     +   When a candidate for q is generated, callback(0, m++,
         cb_arg) is called (m is 0 for the first candidate).

     +   When a candidate for q has passed a test by trial divi-
         sion, callback(1, -1, cb_arg) is called. While a candi-
         date for q is tested by Miller-Rabin primality tests,
         callback(1, i, cb_arg) is called in the outer loop (once
         for each witness that confirms that the candidate may be
         prime); i is the loop counter (starting at 0).

     +   When a prime q has been found, callback(2, 0, cb_arg)
         and callback(3, 0, cb_arg) are called.

     +   Before a candidate for p (other than the first) is gen-
         erated and tested, callback(0, counter, cb_arg) is

     +   When a candidate for p has passed the test by trial
         division, callback(1, -1, cb_arg) is called. While it is
         tested by the Miller-Rabin primality test, callback(1,
         i, cb_arg) is called in the outer loop (once for each
         witness that confirms that the candidate may be prime).

MirBSD #10-current         2005-02-05                           1


         i is the loop counter (starting at 0).

     +   When p has been found, callback(2, 1, cb_arg) is called.

     +   When the generator has been found, callback(3, 1,
         cb_arg) is called.


     DSA_generate_parameters() returns a pointer to the DSA
     structure, or NULL if the parameter generation fails. The
     error codes can be obtained by ERR_get_error(3).


     Seed lengths > 20 are not supported.


     dsa(3), ERR_get_error(3), rand(3), DSA_free(3)


     DSA_generate_parameters() appeared in SSLeay 0.8. The cb_arg
     argument was added in SSLeay 0.9.0. In versions up to
     OpenSSL 0.9.4, callback(1, ...) was called in the inner loop
     of the Miller-Rabin test whenever it reached the squaring
     step (the parameters to callback did not reveal how many
     witnesses had been tested); since OpenSSL 0.9.5, callback(1,
     ...) is called as in BN_is_prime(3), i.e. once for each wit-
     ness. =cut

MirBSD #10-current         2005-02-05                           2

Generated on 2022-12-24 01:00:14 by $MirOS: src/scripts/roff2htm,v 1.113 2022/12/21 23:14:31 tg Exp $ — This product includes material provided by mirabilos.

These manual pages and other documentation are copyrighted by their respective writers; their sources are available at the project’s CVSweb, AnonCVS and other mirrors. The rest is Copyright © 2002–2022 MirBSD.

This manual page’s HTML representation is supposed to be valid XHTML/1.1; if not, please send a bug report — diffs preferred.

Kontakt / Impressum & Datenschutzerklärung