DSA_generate_parameters_ex, DSA_generate_parameters − generate DSA parameters

#include
<openssl/dsa.h>

int DSA_generate_parameters_ex(DSA *dsa, int bits,

const unsigned char *seed, int seed_len,

int *counter_ret, unsigned long *h_ret,

BN_GENCB *cb);

Deprecated:

#if
OPENSSL_API_COMPAT < 0x00908000L

DSA *DSA_generate_parameters(int bits, unsigned char *seed,
int seed_len,

int *counter_ret, unsigned long *h_ret,

void (*callback)(int, int, void *), void *cb_arg);

#endif

**DSA_generate_parameters_ex()**
generates primes p and q and a generator g for use in the
DSA and stores the result in **dsa**.

**bits** is
the length of the prime p to be generated. For lengths under
2048 bits, the length of q is 160 bits; for lengths greater
than or equal to 2048 bits, the length of q is set to 256
bits.

If **seed**
is NULL, the primes will be generated at
random. If **seed_len** is less than the length of q, an
error is returned.

**DSA_generate_parameters_ex()**
places the iteration count in ***counter_ret** and a
counter used for finding a generator in ***h_ret**,
unless these are **NULL** .

A callback
function may be used to provide feedback about the progress
of the key generation. If **cb** is not
**NULL** , it will be called as shown
below. For information on the BN_GENCB
structure and the BN_GENCB_call function discussed below,
refer to **BN_generate_prime**(3).

**DSA_generate_prime()**
is similar to **DSA_generate_prime_ex()** but expects an
old-style callback function; see **BN_generate_prime**(3)
for information on the old-style callback.

• |
When a candidate for q is generated,
| ||

• |
When a candidate for q has passed a test by trial
division, | ||

• |
When a prime q has been found, | ||

• |
Before a candidate for p (other than the first) is
generated and tested, | ||

• |
When a candidate for p has passed the test by trial
division, | ||

• |
When p has been found, | ||

• |
When the generator has been found, |

**DSA_generate_parameters_ex()**
returns a 1 on success, or 0 otherwise. The error codes can
be obtained by **ERR_get_error**(3).

**DSA_generate_parameters()**
returns a pointer to the DSA structure or
**NULL** if the parameter generation
fails.

Seed lengths greater than 20 are not supported.

**DSA_new**(3),
**ERR_get_error**(3), **RAND_bytes**(3),
**DSA_free**(3), **BN_generate_prime**(3)

**DSA_generate_parameters()**
was deprecated in OpenSSL 0.9.8; use
**DSA_generate_parameters_ex()** instead.

Copyright 2000−2018 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.