diff options
Diffstat (limited to 'deps/openssl/openssl/doc/crypto/DSA_generate_parameters.pod')
-rw-r--r-- | deps/openssl/openssl/doc/crypto/DSA_generate_parameters.pod | 47 |
1 files changed, 24 insertions, 23 deletions
diff --git a/deps/openssl/openssl/doc/crypto/DSA_generate_parameters.pod b/deps/openssl/openssl/doc/crypto/DSA_generate_parameters.pod index b1a4d201b7..fc051495f6 100644 --- a/deps/openssl/openssl/doc/crypto/DSA_generate_parameters.pod +++ b/deps/openssl/openssl/doc/crypto/DSA_generate_parameters.pod @@ -9,27 +9,28 @@ DSA_generate_parameters_ex, DSA_generate_parameters - generate DSA parameters #include <openssl/dsa.h> int DSA_generate_parameters_ex(DSA *dsa, int bits, - const unsigned char *seed,int seed_len, - int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); + const unsigned char *seed, int seed_len, + int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); Deprecated: + #if OPENSSL_API_COMPAT < 0x00908000L DSA *DSA_generate_parameters(int bits, unsigned char *seed, int seed_len, int *counter_ret, unsigned long *h_ret, - void (*callback)(int, int, void *), void *cb_arg); + void (*callback)(int, int, void *), void *cb_arg); + #endif =head1 DESCRIPTION DSA_generate_parameters_ex() generates primes p and q and a generator g for use in the DSA and stores the result in B<dsa>. -B<bits> is the length of the prime to be generated; the DSS allows a -maximum of 1024 bits. +B<bits> is the length of the prime p to be generated. +For lengths under 2048 bits, the length of q is 160 bits; for lengths +greater than or equal to 2048 bits, the length of q is set to 256 bits. -If B<seed> is B<NULL> or B<seed_len> E<lt> 20, the primes will be -generated at random. Otherwise, the seed is used to generate -them. If the given seed does not yield a prime q, a new random -seed is chosen. +If B<seed> is NULL, the primes will be generated at random. +If B<seed_len> is less than the length of q, an error is returned. DSA_generate_parameters_ex() places the iteration count in *B<counter_ret> and a counter used for finding a generator in @@ -39,9 +40,9 @@ A callback function may be used to provide feedback about the progress of the key generation. If B<cb> is not B<NULL>, it will be called as shown below. For information on the BN_GENCB structure and the BN_GENCB_call function discussed below, refer to -L<BN_generate_prime(3)|BN_generate_prime(3)>. +L<BN_generate_prime(3)>. -=over 4 +=over 2 =item * @@ -89,7 +90,7 @@ When the generator has been found, B<BN_GENCB_call(cb, 3, 1)> is called. DSA_generate_parameters() (deprecated) works in much the same way as for DSA_generate_parameters_ex, except that no B<dsa> parameter is passed and instead a newly allocated B<DSA> structure is returned. Additionally "old style" callbacks are used instead of the newer BN_GENCB based approach. -Refer to L<BN_generate_prime(3)|BN_generate_prime(3)> for further information. +Refer to L<BN_generate_prime(3)> for further information. =head1 RETURN VALUE @@ -98,7 +99,7 @@ DSA_generate_parameters_ex() returns a 1 on success, or 0 otherwise. DSA_generate_parameters() returns a pointer to the DSA structure, or B<NULL> if the parameter generation fails. -The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. +The error codes can be obtained by L<ERR_get_error(3)>. =head1 BUGS @@ -106,16 +107,16 @@ Seed lengths E<gt> 20 are not supported. =head1 SEE ALSO -L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, -L<DSA_free(3)|DSA_free(3)>, L<BN_generate_prime(3)|BN_generate_prime(3)> +L<DSA_new(3)>, L<ERR_get_error(3)>, L<RAND_bytes(3)>, +L<DSA_free(3)>, L<BN_generate_prime(3)> -=head1 HISTORY +=head1 COPYRIGHT + +Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the OpenSSL license (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L<https://www.openssl.org/source/license.html>. -DSA_generate_parameters() appeared in SSLeay 0.8. The B<cb_arg> -argument was added in SSLeay 0.9.0. -In versions up to OpenSSL 0.9.4, B<callback(1, ...)> was called -in the inner loop of the Miller-Rabin test whenever it reached the -squaring step (the parameters to B<callback> did not reveal how many -witnesses had been tested); since OpenSSL 0.9.5, B<callback(1, ...)> -is called as in BN_is_prime(3), i.e. once for each witness. =cut |