Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

crypt::dsa::keychain(3pm) [debian man page]

Crypt::DSA::KeyChain(3pm)				User Contributed Perl Documentation				 Crypt::DSA::KeyChain(3pm)

NAME

       Crypt::DSA::KeyChain - DSA key generation system

SYNOPSIS

	   use Crypt::DSA::KeyChain;
	   my $keychain = Crypt::DSA::KeyChain->new;

	   my $key = $keychain->generate_params(
			   Size      => 512,
			   Seed      => $seed,
			   Verbosity => 1,
		     );

	   $keychain->generate_keys($key);

DESCRIPTION

       Crypt::DSA::KeyChain is a lower-level interface to key generation than the interface in Crypt::DSA (the keygen method). It allows you to
       separately generate the p, q, and g key parameters, given an optional starting seed, and a mandatory bit size for p (q and g are 160 bits
       each).

       You can then call generate_keys to generate the public and private portions of the key.

USAGE

   $keychain = Crypt::DSA::KeyChain->new
       Constructs a new Crypt::DSA::KeyChain object. At the moment this isn't particularly useful in itself, other than being the object you need
       in order to call the other methods.

       Returns the new object.

   $key = $keychain->generate_params(%arg)
       Generates a set of DSA parameters: the p, q, and g values of the key. This involves finding primes, and as such it can be a relatively long
       process.

       When invoked in scalar context, returns a new Crypt::DSA::Key object.

       In list context, returns the new Crypt::DSA::Key object, along with: the value of the internal counter when a suitable prime p was found;
       the value of h when g was derived; and the value of the seed (a 20-byte string) when q was found. These values aren't particularly useful
       in normal circumstances, but they could be useful.

       %arg can contain:

       o   Size

	   The size in bits of the p value to generate. The q and g values are always 160 bits each.

	   This argument is mandatory.

       o   Seed

	   A seed with which q generation will begin. If this seed does not lead to a suitable prime, it will be discarded, and a new random seed
	   chosen in its place, until a suitable prime can be found.

	   This is entirely optional, and if not provided a random seed will be generated automatically.

       o   Verbosity

	   Should be either 0 or 1. A value of 1 will give you a progress meter during p and q generation--this can be useful, since the process
	   can be relatively long.

	   The default is 0.

   $keychain->generate_keys($key)
       Generates the public and private portions of the key $key, a Crypt::DSA::Key object.

AUTHOR &; COPYRIGHT
       Please see the Crypt::DSA manpage for author, copyright, and license information.

perl v5.12.4							    2011-10-05						 Crypt::DSA::KeyChain(3pm)

Check Out this Related Man Page

DSA_generate_parameters(3)					      OpenSSL						DSA_generate_parameters(3)

NAME

       DSA_generate_parameters - generate DSA parameters

SYNOPSIS

	#include <openssl/dsa.h>

	DSA *DSA_generate_parameters(int bits, unsigned char *seed,
		       int seed_len, int *counter_ret, unsigned long *h_ret,
		       void (*callback)(int, int, void *), void *cb_arg);

DESCRIPTION

       DSA_generate_parameters() generates primes p and q and a generator g for use in the DSA.

       bits is the length of the prime to be generated; the DSS allows a maximum of 1024 bits.

       If seed is NULL or seed_len < 20, the primes will be generated at random. Otherwise, the seed is used to generate them. If the given seed
       does not yield a prime q, a new random seed is chosen and placed at seed.

       DSA_generate_parameters() places the iteration count in *counter_ret and a counter used for finding a generator in *h_ret, unless these are
       NULL.

       A callback function may be used to provide feedback about the progress of the key generation. If callback is not NULL, it will be called as
       follows:

       o   When a candidate for q is generated, callback(0, m++, cb_arg) is called (m is 0 for the first candidate).

       o   When a candidate for q has passed a test by trial division, callback(1, -1, cb_arg) is called.  While a candidate for q is tested by
	   Miller-Rabin primality tests, callback(1, i, cb_arg) is called in the outer loop (once for each witness that confirms that the candi-
	   date may be prime); i is the loop counter (starting at 0).

       o   When a prime q has been found, callback(2, 0, cb_arg) and callback(3, 0, cb_arg) are called.

       o   Before a candidate for p (other than the first) is generated and tested, callback(0, counter, cb_arg) is called.

       o   When a candidate for p has passed the test by trial division, callback(1, -1, cb_arg) is called.  While it is tested by the Miller-
	   Rabin primality test, callback(1, i, cb_arg) is called in the outer loop (once for each witness that confirms that the candidate may be
	   prime).  i is the loop counter (starting at 0).

       o   When p has been found, callback(2, 1, cb_arg) is called.

       o   When the generator has been found, callback(3, 1, cb_arg) is called.

RETURN VALUE

       DSA_generate_parameters() returns a pointer to the DSA structure, or NULL if the parameter generation fails. The error codes can be
       obtained by ERR_get_error(3).

BUGS

       Seed lengths > 20 are not supported.

SEE ALSO

       dsa(3), ERR_get_error(3), rand(3), DSA_free(3)

HISTORY

       DSA_generate_parameters() appeared in SSLeay 0.8. The cb_arg argument was added in SSLeay 0.9.0.  In versions up to OpenSSL 0.9.4, call-
       back(1, ...) was called in the inner loop of the Miller-Rabin test whenever it reached the squaring step (the parameters to callback did
       not reveal how many witnesses had been tested); since OpenSSL 0.9.5, callback(1, ...)  is called as in BN_is_prime(3), i.e. once for each
       witness.  =cut

0.9.7a								    2002-09-25						DSA_generate_parameters(3)
Man Page