diff options
author | Andy Polyakov <appro@openssl.org> | 2017-11-24 22:45:45 +0100 |
---|---|---|
committer | Andy Polyakov <appro@openssl.org> | 2017-11-28 20:05:48 +0100 |
commit | 3bded9cd35077363d1e70ac5fa8ad827b5dcc0b8 (patch) | |
tree | d1eaef575db625565cac1be48d4126b4b70c8bfb /doc/man3 | |
parent | 0122add6549c7d5671f77a81c5a32571a5d46f3f (diff) | |
download | openssl-3bded9cd35077363d1e70ac5fa8ad827b5dcc0b8.zip openssl-3bded9cd35077363d1e70ac5fa8ad827b5dcc0b8.tar.gz openssl-3bded9cd35077363d1e70ac5fa8ad827b5dcc0b8.tar.bz2 |
rsa/rsa_gen.c: harmonize keygen's ability with RSA_security_bits.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4791)
Diffstat (limited to 'doc/man3')
-rw-r--r-- | doc/man3/RSA_generate_key.pod | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/doc/man3/RSA_generate_key.pod b/doc/man3/RSA_generate_key.pod index 6e8e50c..ba07e6f 100644 --- a/doc/man3/RSA_generate_key.pod +++ b/doc/man3/RSA_generate_key.pod @@ -35,6 +35,13 @@ modulus will be B<primes>, and the public exponent will be B<e>. Key sizes with B<num> E<lt> 1024 should be considered insecure. The exponent is an odd number, typically 3, 17 or 65537. +In order to maintain adequate security level, the maximum number of permitted +B<primes> depends on modulus bit length: + + <1024 | >=1024 | >=4096 | >=8192 + ------+--------+--------+------- + 2 | 3 | 4 | 5 + A callback function may be used to provide feedback about the progress of the key generation. If B<cb> is not B<NULL>, it will be called as follows using the BN_GENCB_call() function @@ -81,8 +88,7 @@ B<BN_GENCB_call(cb, 2, x)> is used with two different meanings. =head1 SEE ALSO -L<ERR_get_error(3)>, L<RAND_bytes(3)>, -L<RSA_generate_key_ex(3)>, L<BN_generate_prime(3)> +L<ERR_get_error(3)>, L<RAND_bytes(3)>, L<BN_generate_prime(3)> =head1 HISTORY |