Diffstat (limited to 'secure/lib/libcrypto/man/man3/RSA_generate_key.3')
-rw-r--r--secure/lib/libcrypto/man/man3/RSA_generate_key.380
1 files changed, 48 insertions, 32 deletions
diff --git a/secure/lib/libcrypto/man/man3/RSA_generate_key.3 b/secure/lib/libcrypto/man/man3/RSA_generate_key.3
index 45a0fa02ced7..cddd181e04de 100644
--- a/secure/lib/libcrypto/man/man3/RSA_generate_key.3
+++ b/secure/lib/libcrypto/man/man3/RSA_generate_key.3
@@ -1,4 +1,4 @@
-.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.43)
+.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
@@ -68,8 +68,6 @@
. \}
.\}
.rr rF
-.\"
-.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff
.if n \{\
@@ -132,51 +130,65 @@
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
-.IX Title "RSA_GENERATE_KEY 3"
-.TH RSA_GENERATE_KEY 3 "2022-05-03" "1.1.1o" "OpenSSL"
+.IX Title "RSA_GENERATE_KEY 3ossl"
+.TH RSA_GENERATE_KEY 3ossl "2023-09-19" "3.0.11" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-RSA_generate_key_ex, RSA_generate_key, RSA_generate_multi_prime_key \- generate RSA key pair
+EVP_RSA_gen,
+RSA_generate_key_ex, RSA_generate_key,
+RSA_generate_multi_prime_key \- generate RSA key pair
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/rsa.h>
\&
+\& EVP_PKEY *EVP_RSA_gen(unsigned int bits);
+.Ve
+.PP
+The following functions have been deprecated since OpenSSL 3.0, and can be
+hidden entirely by defining \fB\s-1OPENSSL_API_COMPAT\s0\fR with a suitable version value,
+see \fBopenssl_user_macros\fR\|(7):
+.PP
+.Vb 2
\& int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
\& int RSA_generate_multi_prime_key(RSA *rsa, int bits, int primes, BIGNUM *e, BN_GENCB *cb);
.Ve
.PP
-Deprecated:
+The following function has been deprecated since OpenSSL 0.9.8, and can be
+hidden entirely by defining \fB\s-1OPENSSL_API_COMPAT\s0\fR with a suitable version value,
+see \fBopenssl_user_macros\fR\|(7):
.PP
-.Vb 4
-\& #if OPENSSL_API_COMPAT < 0x00908000L
+.Vb 2
\& RSA *RSA_generate_key(int bits, unsigned long e,
\& void (*callback)(int, int, void *), void *cb_arg);
-\& #endif
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
+\&\fBEVP_RSA_gen()\fR generates a new \s-1RSA\s0 key pair with modulus size \fIbits\fR.
+.PP
+All of the functions described below are deprecated.
+Applications should instead use \fBEVP_RSA_gen()\fR, \fBEVP_PKEY_Q_keygen\fR\|(3), or
+\&\fBEVP_PKEY_keygen_init\fR\|(3) and \fBEVP_PKEY_keygen\fR\|(3).
+.PP
\&\fBRSA_generate_key_ex()\fR generates a 2\-prime \s-1RSA\s0 key pair and stores it in the
-\&\fB\s-1RSA\s0\fR structure provided in \fBrsa\fR. The pseudo-random number generator must
-be seeded prior to calling \fBRSA_generate_key_ex()\fR.
+\&\fB\s-1RSA\s0\fR structure provided in \fIrsa\fR.
.PP
\&\fBRSA_generate_multi_prime_key()\fR generates a multi-prime \s-1RSA\s0 key pair and stores
-it in the \fB\s-1RSA\s0\fR structure provided in \fBrsa\fR. The number of primes is given by
-the \fBprimes\fR parameter. The random number generator must be seeded when
-calling \fBRSA_generate_multi_prime_key()\fR.
+it in the \fB\s-1RSA\s0\fR structure provided in \fIrsa\fR. The number of primes is given by
+the \fIprimes\fR parameter.
If the automatic seeding or reseeding of the OpenSSL \s-1CSPRNG\s0 fails due to
external circumstances (see \s-1\fBRAND\s0\fR\|(7)), the operation will fail.
.PP
-The modulus size will be of length \fBbits\fR, the number of primes to form the
-modulus will be \fBprimes\fR, and the public exponent will be \fBe\fR. Key sizes
-with \fBnum\fR < 1024 should be considered insecure. The exponent is an odd
+The modulus size will be of length \fIbits\fR, the number of primes to form the
+modulus will be \fIprimes\fR, and the public exponent will be \fIe\fR. Key sizes
+with \fInum\fR < 1024 should be considered insecure. The exponent is an odd
number, typically 3, 17 or 65537.
.PP
In order to maintain adequate security level, the maximum number of permitted
-\&\fBprimes\fR depends on modulus bit length:
+\&\fIprimes\fR depends on modulus bit length:
.PP
.Vb 3
\& <1024 | >=1024 | >=4096 | >=8192
@@ -185,7 +197,7 @@ In order to maintain adequate security level, the maximum number of permitted
.Ve
.PP
A callback function may be used to provide feedback about the
-progress of the key generation. If \fBcb\fR is not \fB\s-1NULL\s0\fR, it
+progress of the key generation. If \fIcb\fR is not \s-1NULL,\s0 it
will be called as follows using the \fBBN_GENCB_call()\fR function
described on the \fBBN_generate_prime\fR\|(3) page.
.PP
@@ -197,37 +209,41 @@ While a random prime number is generated, it is called as
described in \fBBN_generate_prime\fR\|(3).
.IP "\(bu" 2
When the n\-th randomly generated prime is rejected as not
-suitable for the key, \fBBN_GENCB_call(cb, 2, n)\fR is called.
+suitable for the key, \fIBN_GENCB_call(cb, 2, n)\fR is called.
.IP "\(bu" 2
-When a random p has been found with p\-1 relatively prime to \fBe\fR,
-it is called as \fBBN_GENCB_call(cb, 3, 0)\fR.
+When a random p has been found with p\-1 relatively prime to \fIe\fR,
+it is called as \fIBN_GENCB_call(cb, 3, 0)\fR.
.PP
The process is then repeated for prime q and other primes (if any)
-with \fBBN_GENCB_call(cb, 3, i)\fR where \fBi\fR indicates the i\-th prime.
+with \fIBN_GENCB_call(cb, 3, i)\fR where \fIi\fR indicates the i\-th prime.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
+\&\fBEVP_RSA_gen()\fR returns an \fI\s-1EVP_PKEY\s0\fR or \s-1NULL\s0 on failure.
+.PP
\&\fBRSA_generate_multi_prime_key()\fR returns 1 on success or 0 on error.
\&\fBRSA_generate_key_ex()\fR returns 1 on success or 0 on error.
The error codes can be obtained by \fBERR_get_error\fR\|(3).
.PP
\&\fBRSA_generate_key()\fR returns a pointer to the \s-1RSA\s0 structure or
-\&\fB\s-1NULL\s0\fR if the key generation fails.
+\&\s-1NULL\s0 if the key generation fails.
.SH "BUGS"
.IX Header "BUGS"
-\&\fBBN_GENCB_call(cb, 2, x)\fR is used with two different meanings.
+\&\fIBN_GENCB_call(cb, 2, x)\fR is used with two different meanings.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
-\&\fBERR_get_error\fR\|(3), \fBRAND_bytes\fR\|(3), \fBBN_generate_prime\fR\|(3),
-\&\s-1\fBRAND\s0\fR\|(7)
+\&\fBEVP_PKEY_Q_keygen\fR\|(3)
+\&\fBBN_generate_prime\fR\|(3), \fBERR_get_error\fR\|(3),
+\&\fBRAND_bytes\fR\|(3), \s-1\fBRAND\s0\fR\|(7)
.SH "HISTORY"
.IX Header "HISTORY"
-\&\fBRSA_generate_key()\fR was deprecated in OpenSSL 0.9.8; use
-\&\fBRSA_generate_key_ex()\fR instead.
+\&\fBEVP_RSA_gen()\fR was added in OpenSSL 3.0.
+All other functions described here were deprecated in OpenSSL 3.0.
+For replacement see \s-1\fBEVP_PKEY\-RSA\s0\fR\|(7).
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
-Copyright 2000\-2019 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000\-2021 The OpenSSL Project Authors. All Rights Reserved.
.PP
-Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use
+Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.