Rsa_generate_key_ex Site Www.openssl.org

admin 11.12.2020

Rsa_generate_key_ex Site Www.openssl.org Average ratng: 5,0/5 4843 reviews

Openssl Public Key

Jan 12, 2013 On Mon, Jan 14, 2013, Dave Thompson wrote: OpenSSL non-engine will not.use. Rsa public private key generator. a key 16384 for RSA public operations (encrypt, verify) at all, and will not use one 3072 with a 'large' public exponent e (64 bits). OpenSSL can't generate with e usually 32 bits, but this could be an issue for interoperation - or DoS attack. Minor point, the older RSAgeneratekey function uses.

* Licensed under the OpenSSL license (the 'License'). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
*/
/*
* NB: these functions have been 'upgraded', the deprecated versions (which
* are compatibility wrappers using these functions) are in rsa_depr.c. -
*/
#include <stdio.h>
#include 'internal/cryptlib.h'
#include 'rsa_locl.h'
static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
* NB: this wrapper would normally be placed in rsa_lib.c and the static
* implementation would probably be in rsa_eay.c. Nonetheless, is kept here
* so that we don't introduce a new linker dependency. Eg. any application
* that wasn't previously linking object code related to key-generation won't
* have to now just because key-generation is part of RSA_METHOD.
int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
if (rsa->meth->rsa_keygen)
return rsa->meth->rsa_keygen(rsa, bits, e_value, cb);
return rsa_builtin_keygen(rsa, bits, e_value, cb);
static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
{
BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp;
BN_CTX *ctx = NULL;
/*
* When generating ridiculously small keys, we can get stuck
* continually regenerating the same prime values.
if (bits < 16) {
RSAerr(RSA_F_RSA_BUILTIN_KEYGEN, RSA_R_KEY_SIZE_TOO_SMALL);
}
ctx = BN_CTX_new();
goto err;
r0 = BN_CTX_get(ctx);
r2 = BN_CTX_get(ctx);
if (r3 NULL)
bitsq = bits - bitsp;
/* We need the RSA components non-NULL */
goto err;
if (!rsa->d && ((rsa->d = BN_secure_new()) NULL))
if (!rsa->e && ((rsa->e = BN_new()) NULL))
if (!rsa->p && ((rsa->p = BN_secure_new()) NULL))
if (!rsa->q && ((rsa->q = BN_secure_new()) NULL))
if (!rsa->dmp1 && ((rsa->dmp1 = BN_secure_new()) NULL))
if (!rsa->dmq1 && ((rsa->dmq1 = BN_secure_new()) NULL))
if (!rsa->iqmp && ((rsa->iqmp = BN_secure_new()) NULL))
goto err;
/* generate p and q */
if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb))
if (!BN_sub(r2, rsa->p, BN_value_one()))
if (!BN_gcd(r1, r2, rsa->e, ctx))
if (BN_is_one(r1))
if (!BN_GENCB_call(cb, 2, n++))
}
goto err;
do {
if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb))
} while (BN_cmp(rsa->p, rsa->q) 0);
goto err;
goto err;
break;
goto err;
if (!BN_GENCB_call(cb, 3, 1))
if (BN_cmp(rsa->p, rsa->q) < 0) {
rsa->p = rsa->q;
}
/* calculate n */
goto err;
/* calculate d */
goto err; /* p-1 */
goto err; /* q-1 */
goto err; /* (p-1)(q-1) */
BIGNUM *pr0 = BN_new();
if (pr0 NULL)
BN_with_flags(pr0, r0, BN_FLG_CONSTTIME);
BN_free(pr0);
}
/* We MUST free pr0 before any further use of r0 */
}
{
goto err;
!BN_mod(rsa->dmp1, d, r1, ctx)
!BN_mod(rsa->dmq1, d, r2, ctx)) {
goto err;
/* We MUST free d before any further use of rsa->d */
}
{
goto err;
if (!BN_mod_inverse(rsa->iqmp, rsa->q, p, ctx)) {
goto err;
/* We MUST free p before any further use of rsa->p */
}
ok = 1;
if (ok -1) {
ok = 0;
if (ctx != NULL)
BN_CTX_free(ctx);
return ok;

Openssl Public Key

On the OpenSSL Wiki page called EVP Key and Parameter Generation it states the following: Since these functions use random numbers you should ensure that the random number generator is appropria.
Openssl rsa.h 提供了密码学中公钥加密体系的一些接口，本文主要讨论利用rsa.h接口开发以下功能.