1e1051a39Sopenharmony_ci=pod
2e1051a39Sopenharmony_ci
3e1051a39Sopenharmony_ci=head1 NAME
4e1051a39Sopenharmony_ci
5e1051a39Sopenharmony_ciDSA_generate_parameters_ex, DSA_generate_parameters - generate DSA parameters
6e1051a39Sopenharmony_ci
7e1051a39Sopenharmony_ci=head1 SYNOPSIS
8e1051a39Sopenharmony_ci
9e1051a39Sopenharmony_ci #include <openssl/dsa.h>
10e1051a39Sopenharmony_ci
11e1051a39Sopenharmony_ciThe following functions have been deprecated since OpenSSL 3.0, and can be
12e1051a39Sopenharmony_cihidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value,
13e1051a39Sopenharmony_cisee L<openssl_user_macros(7)>:
14e1051a39Sopenharmony_ci
15e1051a39Sopenharmony_ci int DSA_generate_parameters_ex(DSA *dsa, int bits,
16e1051a39Sopenharmony_ci                                const unsigned char *seed, int seed_len,
17e1051a39Sopenharmony_ci                                int *counter_ret, unsigned long *h_ret,
18e1051a39Sopenharmony_ci                                BN_GENCB *cb);
19e1051a39Sopenharmony_ci
20e1051a39Sopenharmony_ciThe following functions have been deprecated since OpenSSL 0.9.8, and can be
21e1051a39Sopenharmony_cihidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value,
22e1051a39Sopenharmony_cisee L<openssl_user_macros(7)>:
23e1051a39Sopenharmony_ci
24e1051a39Sopenharmony_ci DSA *DSA_generate_parameters(int bits, unsigned char *seed, int seed_len,
25e1051a39Sopenharmony_ci                              int *counter_ret, unsigned long *h_ret,
26e1051a39Sopenharmony_ci                              void (*callback)(int, int, void *), void *cb_arg);
27e1051a39Sopenharmony_ci
28e1051a39Sopenharmony_ci=head1 DESCRIPTION
29e1051a39Sopenharmony_ci
30e1051a39Sopenharmony_ciAll of the functions described on this page are deprecated.
31e1051a39Sopenharmony_ciApplications should instead use L<EVP_PKEY_paramgen_init(3)> and
32e1051a39Sopenharmony_ciL<EVP_PKEY_keygen(3)> as described in L<EVP_PKEY-DSA(7)>.
33e1051a39Sopenharmony_ci
34e1051a39Sopenharmony_ciDSA_generate_parameters_ex() generates primes p and q and a generator g
35e1051a39Sopenharmony_cifor use in the DSA and stores the result in B<dsa>.
36e1051a39Sopenharmony_ci
37e1051a39Sopenharmony_ciB<bits> is the length of the prime p to be generated.
38e1051a39Sopenharmony_ciFor lengths under 2048 bits, the length of q is 160 bits; for lengths
39e1051a39Sopenharmony_cigreater than or equal to 2048 bits, the length of q is set to 256 bits.
40e1051a39Sopenharmony_ci
41e1051a39Sopenharmony_ciIf B<seed> is NULL, the primes will be generated at random.
42e1051a39Sopenharmony_ciIf B<seed_len> is less than the length of q, an error is returned.
43e1051a39Sopenharmony_ci
44e1051a39Sopenharmony_ciDSA_generate_parameters_ex() places the iteration count in
45e1051a39Sopenharmony_ci*B<counter_ret> and a counter used for finding a generator in
46e1051a39Sopenharmony_ci*B<h_ret>, unless these are B<NULL>.
47e1051a39Sopenharmony_ci
48e1051a39Sopenharmony_ciA callback function may be used to provide feedback about the progress
49e1051a39Sopenharmony_ciof the key generation. If B<cb> is not B<NULL>, it will be
50e1051a39Sopenharmony_cicalled as shown below. For information on the BN_GENCB structure and the
51e1051a39Sopenharmony_ciBN_GENCB_call function discussed below, refer to
52e1051a39Sopenharmony_ciL<BN_generate_prime(3)>.
53e1051a39Sopenharmony_ci
54e1051a39Sopenharmony_ciDSA_generate_prime() is similar to DSA_generate_prime_ex() but
55e1051a39Sopenharmony_ciexpects an old-style callback function; see
56e1051a39Sopenharmony_ciL<BN_generate_prime(3)> for information on the old-style callback.
57e1051a39Sopenharmony_ci
58e1051a39Sopenharmony_ci=over 2
59e1051a39Sopenharmony_ci
60e1051a39Sopenharmony_ci=item *
61e1051a39Sopenharmony_ci
62e1051a39Sopenharmony_ciWhen a candidate for q is generated, B<BN_GENCB_call(cb, 0, m++)> is called
63e1051a39Sopenharmony_ci(m is 0 for the first candidate).
64e1051a39Sopenharmony_ci
65e1051a39Sopenharmony_ci=item *
66e1051a39Sopenharmony_ci
67e1051a39Sopenharmony_ciWhen a candidate for q has passed a test by trial division,
68e1051a39Sopenharmony_ciB<BN_GENCB_call(cb, 1, -1)> is called.
69e1051a39Sopenharmony_ciWhile a candidate for q is tested by Miller-Rabin primality tests,
70e1051a39Sopenharmony_ciB<BN_GENCB_call(cb, 1, i)> is called in the outer loop
71e1051a39Sopenharmony_ci(once for each witness that confirms that the candidate may be prime);
72e1051a39Sopenharmony_cii is the loop counter (starting at 0).
73e1051a39Sopenharmony_ci
74e1051a39Sopenharmony_ci=item *
75e1051a39Sopenharmony_ci
76e1051a39Sopenharmony_ciWhen a prime q has been found, B<BN_GENCB_call(cb, 2, 0)> and
77e1051a39Sopenharmony_ciB<BN_GENCB_call(cb, 3, 0)> are called.
78e1051a39Sopenharmony_ci
79e1051a39Sopenharmony_ci=item *
80e1051a39Sopenharmony_ci
81e1051a39Sopenharmony_ciBefore a candidate for p (other than the first) is generated and tested,
82e1051a39Sopenharmony_ciB<BN_GENCB_call(cb, 0, counter)> is called.
83e1051a39Sopenharmony_ci
84e1051a39Sopenharmony_ci=item *
85e1051a39Sopenharmony_ci
86e1051a39Sopenharmony_ciWhen a candidate for p has passed the test by trial division,
87e1051a39Sopenharmony_ciB<BN_GENCB_call(cb, 1, -1)> is called.
88e1051a39Sopenharmony_ciWhile it is tested by the Miller-Rabin primality test,
89e1051a39Sopenharmony_ciB<BN_GENCB_call(cb, 1, i)> is called in the outer loop
90e1051a39Sopenharmony_ci(once for each witness that confirms that the candidate may be prime).
91e1051a39Sopenharmony_cii is the loop counter (starting at 0).
92e1051a39Sopenharmony_ci
93e1051a39Sopenharmony_ci=item *
94e1051a39Sopenharmony_ci
95e1051a39Sopenharmony_ciWhen p has been found, B<BN_GENCB_call(cb, 2, 1)> is called.
96e1051a39Sopenharmony_ci
97e1051a39Sopenharmony_ci=item *
98e1051a39Sopenharmony_ci
99e1051a39Sopenharmony_ciWhen the generator has been found, B<BN_GENCB_call(cb, 3, 1)> is called.
100e1051a39Sopenharmony_ci
101e1051a39Sopenharmony_ci=back
102e1051a39Sopenharmony_ci
103e1051a39Sopenharmony_ci=head1 RETURN VALUES
104e1051a39Sopenharmony_ci
105e1051a39Sopenharmony_ciDSA_generate_parameters_ex() returns a 1 on success, or 0 otherwise.
106e1051a39Sopenharmony_ciThe error codes can be obtained by L<ERR_get_error(3)>.
107e1051a39Sopenharmony_ci
108e1051a39Sopenharmony_ciDSA_generate_parameters() returns a pointer to the DSA structure or
109e1051a39Sopenharmony_ciB<NULL> if the parameter generation fails.
110e1051a39Sopenharmony_ci
111e1051a39Sopenharmony_ci=head1 BUGS
112e1051a39Sopenharmony_ci
113e1051a39Sopenharmony_ciSeed lengths greater than 20 are not supported.
114e1051a39Sopenharmony_ci
115e1051a39Sopenharmony_ci=head1 SEE ALSO
116e1051a39Sopenharmony_ci
117e1051a39Sopenharmony_ciL<DSA_new(3)>, L<ERR_get_error(3)>, L<RAND_bytes(3)>,
118e1051a39Sopenharmony_ciL<DSA_free(3)>, L<BN_generate_prime(3)>
119e1051a39Sopenharmony_ci
120e1051a39Sopenharmony_ci=head1 HISTORY
121e1051a39Sopenharmony_ci
122e1051a39Sopenharmony_ciDSA_generate_parameters_ex() was deprecated in OpenSSL 3.0.
123e1051a39Sopenharmony_ci
124e1051a39Sopenharmony_ciDSA_generate_parameters() was deprecated in OpenSSL 0.9.8; use
125e1051a39Sopenharmony_ciDSA_generate_parameters_ex() instead.
126e1051a39Sopenharmony_ci
127e1051a39Sopenharmony_ci=head1 COPYRIGHT
128e1051a39Sopenharmony_ci
129e1051a39Sopenharmony_ciCopyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
130e1051a39Sopenharmony_ci
131e1051a39Sopenharmony_ciLicensed under the Apache License 2.0 (the "License").  You may not use
132e1051a39Sopenharmony_cithis file except in compliance with the License.  You can obtain a copy
133e1051a39Sopenharmony_ciin the file LICENSE in the source distribution or at
134e1051a39Sopenharmony_ciL<https://www.openssl.org/source/license.html>.
135e1051a39Sopenharmony_ci
136e1051a39Sopenharmony_ci=cut
137