path: root/doc/man1/genrsa.pod
author: Paul Yang <yang.yang@baishancloud.com> 2017-08-02 02:19:43 +0800
committer: Paul Yang <yang.yang@baishancloud.com> 2017-11-21 14:38:42 +0800
commit: 665d899fa6d3571da016925067ebcf1789d7d19c
tree: 1674f352dc0feee9e68e6221d21c5d79bd1935ab /doc/man1/genrsa.pod
parent: b0004708730f300a2e5c6a11c887caab50b6c42a
Support multi-prime RSA (RFC 8017)
* Introduce RSA_generate_multi_prime_key to generate multi-prime
  RSA private key. As well as the following functions:
    RSA_get_multi_prime_extra_count
    RSA_get0_multi_prime_factors
    RSA_get0_multi_prime_crt_params
    RSA_set0_multi_prime_params
    RSA_get_version
* Support EVP operations for multi-prime RSA
* Support ASN.1 operations for multi-prime RSA
* Support multi-prime check in RSA_check_key_ex
* Support multi-prime RSA in apps/genrsa and apps/speed
* Support multi-prime RSA manipulation functions
* Test cases and documentation are added
* CHANGES is updated

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/4241)
Diffstat (limited to 'doc/man1/genrsa.pod')
-rw-r--r-- doc/man1/genrsa.pod 20
1 files changed, 15 insertions, 5 deletions
diff --git a/doc/man1/genrsa.pod b/doc/man1/genrsa.pod
index f6a2d8a7f3..3e42c98f5d 100644
--- a/doc/man1/genrsa.pod
+++ b/doc/man1/genrsa.pod
@@ -28,6 +28,7 @@ B<openssl> B<genrsa>
[B<-rand file...>]
[B<-writerand file>]
[B<-engine id>]
+[B<-primes num>]
[B<numbits>]
=head1 DESCRIPTION
@@ -83,6 +84,13 @@ to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default
for all available algorithms.
+=item B<-primes num>
+
+Specify the number of primes to use while generating the RSA key. The B<num>
+parameter must be a positive integer that is greater than 1 and less than 16.
+If B<num> is greater than 2, then the generated key is called a 'multi-prime'
+RSA key, which is defined in RFC 8017.
+
=item B<numbits>
The size of the private key to generate in bits. This must be the last option
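Review bot: The new B<-primes num> item gives the allowed range but not the default used when the option is omitted, and it says nothing about how num relates to numbits. Suggest stating the default explicitly (the NOTES text implies two primes) and adding a sentence that, for a fixed numbits, each additional prime makes the individual factors smaller, so a large num with a small key size trades away security margin; if the tool rejects such combinations, that limit should be documented here as well. Minor wording: "a positive integer that is greater than 1" is redundant, "an integer greater than 1 and less than 16" reads cleaner.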
@@ -92,15 +100,17 @@ specified. The default is 2048.
=head1 NOTES
-RSA private key generation essentially involves the generation of two prime
-numbers. When generating a private key various symbols will be output to
+RSA private key generation essentially involves the generation of two or more
+prime numbers. When generating a private key various symbols will be output to
indicate the progress of the generation. A B<.> represents each number which
has passed an initial sieve test, B<+> means a number has passed a single
-round of the Miller-Rabin primality test. A newline means that the number has
-passed all the prime tests (the actual number depends on the key size).
+round of the Miller-Rabin primality test, B<*> means the current prime starts
+a regenerating progress due to some failed tests. A newline means that the number
+has passed all the prime tests (the actual number depends on the key size).
Because key generation is a random process the time taken to generate a key
-may vary somewhat.
+may vary somewhat. But in general, more primes lead to less generation time
+of a key.
=head1 BUGS
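Review bot: The B<*> sentence added to NOTES is hard to parse: "starts a regenerating progress due to some failed tests" should say "process" rather than "progress" and name which tests trigger the restart, and joining it to the B<+> clause with a comma makes a run-on. Something like "B<*> means generation of the current prime has been restarted because a check failed." as its own sentence would be clearer. The closing "more primes lead to less generation time of a key" states only the speed benefit; since NOTES is where users look when choosing options, it should also say that the primes get smaller for a fixed key size, or point back to the B<-primes> item for that trade-off.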