DSA_generate_parameters 3 2003-07-24 0.9.9-dev OpenSSL
NAME
DSA_generate_parameters - generate DSA parameters
LIBRARY
libcrypto, -lcrypto
SYNOPSIS
#include
DSA *DSA_generate_parameters(int bits, unsigned char *seed,
int seed_len, int *counter_ret, unsigned long *h_ret,
void (*callback)(int, int, void *), void *cb_arg);
DESCRIPTION
_D_S_A___g_e_n_e_r_a_t_e___p_a_r_a_m_e_t_e_r_s_(_) generates primes p and q and a generator g
for use in the DSA.
bbiittss is the length of the prime to be generated; the DSS allows a
maximum of 1024 bits.
If sseeeedd is NNUULLLL or sseeeedd__lleenn < 20, the primes will be
generated at random. Otherwise, the seed is used to generate
them. If the given seed does not yield a prime q, a new random
seed is chosen and placed at sseeeedd.
_D_S_A___g_e_n_e_r_a_t_e___p_a_r_a_m_e_t_e_r_s_(_) places the iteration count in
*ccoouunntteerr__rreett and a counter used for finding a generator in
*hh__rreett, unless these are NNUULLLL.
A callback function may be used to provide feedback about the progress
of the key generation. If ccaallllbbaacckk is not NNUULLLL, it will be
called as follows:
-
·
When a candidate for q is generated, ccaallllbbaacckk((00,, mm++++,, ccbb__aarrgg)) is called
-
(m is 0 for the first candidate).
-
·
When a candidate for q has passed a test by trial division,
-
ccaallllbbaacckk((11,, --11,, ccbb__aarrgg)) is called.
While a candidate for q is tested by Miller-Rabin primality tests,
ccaallllbbaacckk((11,, ii,, ccbb__aarrgg)) is called in the outer loop
(once for each witness that confirms that the candidate may be prime);
i is the loop counter (starting at 0).
-
·
When a prime q has been found, ccaallllbbaacckk((22,, 00,, ccbb__aarrgg)) and
-
ccaallllbbaacckk((33,, 00,, ccbb__aarrgg)) are called.
-
·
Before a candidate for p (other than the first) is generated and tested,
-
ccaallllbbaacckk((00,, ccoouunntteerr,, ccbb__aarrgg)) is called.
-
·
When a candidate for p has passed the test by trial division,
-
ccaallllbbaacckk((11,, --11,, ccbb__aarrgg)) is called.
While it is tested by the Miller-Rabin primality test,
ccaallllbbaacckk((11,, ii,, ccbb__aarrgg)) is called in the outer loop
(once for each witness that confirms that the candidate may be prime).
i is the loop counter (starting at 0).
-
·
When p has been found, ccaallllbbaacckk((22,, 11,, ccbb__aarrgg)) is called.
-
-
·
When the generator has been found, ccaallllbbaacckk((33,, 11,, ccbb__aarrgg)) is called.
-
RETURN VALUE
_D_S_A___g_e_n_e_r_a_t_e___p_a_r_a_m_e_t_e_r_s_(_) returns a pointer to the DSA structure, or
NNUULLLL if the parameter generation fails. The error codes can be
obtained by _E_R_R___g_e_t___e_r_r_o_r(3).
BUGS
Seed lengths > 20 are not supported.
SEE ALSO
_o_p_e_n_s_s_l___d_s_a(3), _E_R_R___g_e_t___e_r_r_o_r(3), _o_p_e_n_s_s_l___r_a_n_d(3),
_D_S_A___f_r_e_e(3)
HISTORY
_D_S_A___g_e_n_e_r_a_t_e___p_a_r_a_m_e_t_e_r_s_(_) appeared in SSLeay 0.8. The ccbb__aarrgg
argument was added in SSLeay 0.9.0.
In versions up to OpenSSL 0.9.4, ccaallllbbaacckk((11,, ......)) was called
in the inner loop of the Miller-Rabin test whenever it reached the
squaring step (the parameters to ccaallllbbaacckk did not reveal how many
witnesses had been tested); since OpenSSL 0.9.5, ccaallllbbaacckk((11,, ......))
is called as in _B_N___i_s___p_r_i_m_e(3), i.e. once for each witness.
=cut