1 files changed, 171 insertions, 0 deletions
diff --git a/src/lib/libcrypto/man/DSA_generate_parameters.3 b/src/lib/libcrypto/man/DSA_generate_parameters.3
new file mode 100644
index 0000000000..1acb85e77a
--- /dev/null
+++ b/src/lib/libcrypto/man/DSA_generate_parameters.3
@@ -0,0 +1,171 @@
+.Dd $Mdocdate: November 2 2016 $
+.Dt DSA_GENERATE_PARAMETERS 3
+.Os
+.Sh NAME
+.Nm DSA_generate_parameters_ex ,
+.Nm DSA_generate_parameters
+.Nd generate DSA parameters
+.Sh SYNOPSIS
+.In openssl/dsa.h
+.Ft int
+.Fo DSA_generate_parameters_ex
+.Fa "DSA *dsa"
+.Fa "int bits"
+.Fa "const unsigned char *seed"
+.Fa "int seed_len"
+.Fa "int *counter_ret"
+.Fa "unsigned long *h_ret"
+.Fa "BN_GENCB *cb"
+.Fc
+.Pp
+Deprecated:
+.Pp
+.Ft DSA *
+.Fo DSA_generate_parameters
+.Fa "int bits"
+.Fa "unsigned char *seed"
+.Fa "int seed_len"
+.Fa "int *counter_ret"
+.Fa "unsigned long *h_ret"
+.Fa "void (*callback)(int, int, void *)"
+.Fa "void *cb_arg"
+.Fc
+.Sh DESCRIPTION
+.Fn DSA_generate_parameters_ex
+generates primes p and q and a generator g for use in the DSA and stores
+the result in
+.Fa dsa .
+.Pp
+.Fa bits
+is the length of the prime to be generated; the DSS allows a maximum of
+1024 bits.
+.Pp
+If
+.Fa seed
+is
+.Dv NULL
+or
+.Fa seed_len
+< 20, the primes will be generated at random.
+Otherwise, the seed is used to generate them.
+If the given seed does not yield a prime q, a new random seed is chosen
+and placed at
+.Fa seed .
+.Pp
+.Fn DSA_generate_parameters_ex
+places the iteration count in
+.Pf * Fa counter_ret
+and a counter used for finding a generator in
+.Pf * Fa h_ret ,
+unless these are
+.Dv NULL .
+.Pp
+A callback function may be used to provide feedback about the progress
+of the key generation.
+If
+.Fa cb
+is not
+.Dv NULL ,
+it will be called as shown below.
+For information on the
+.Vt BN_GENCB
+structure, refer to
+.Xr BN_GENCB_call 3 .
+.Bl -bullet
+.It
+When a candidate for q is generated,
+.Fn BN_GENCB_call cb 0 m++
+is called
+.Pf ( Fa m
+is 0 for the first candidate).
+.It
+When a candidate for q has passed a test by trial division,
+.Fn BN_GENCB_call cb 1 -1
+is called.
+While a candidate for q is tested by Miller-Rabin primality tests,
+.Fn BN_GENCB_call cb 1 i
+is called in the outer loop (once for each witness that confirms that
+the candidate may be prime);
+.Fa i
+is the loop counter (starting at 0).
+.It
+When a prime q has been found,
+.Fn BN_GENCB_call cb 2 0
+and
+.Fn BN_GENCB_call cb 3 0
+are called.
+.It
+Before a candidate for p (other than the first) is generated and tested,
+.Fn BN_GENCB_call cb 0 counter
+is called.
+.It
+When a candidate for p has passed the test by trial division,
+.Fn BN_GENCB_call cb 1 -1
+is called.
+While it is tested by the Miller-Rabin primality test,
+.Fn BN_GENCB_call cb 1 i
+is called in the outer loop (once for each witness that confirms that
+the candidate may be prime).
+.Fa i
+is the loop counter (starting at 0).
+.It
+When p has been found,
+.Fn BN_GENCB_call cb 2 1
+is called.
+.It
+When the generator has been found,
+.Fn BN_GENCB_call cb 3 1
+is called.
+.El
+.Pp
+.Fn DSA_generate_parameters
+(deprecated) works in much the same way as for
+.Fn DSA_generate_parameters_ex ,
+except that no
+.Fa dsa
+parameter is passed and instead a newly allocated
+.Vt DSA
+structure is returned.
+Additionally "old style" callbacks are used instead of the newer
+.Vt BN_GENCB
+based approach.
+Refer to
+.Xr BN_generate_prime 3
+for further information.
+.Sh RETURN VALUE
+.Fn DSA_generate_parameters_ex
+returns a 1 on success, or 0 otherwise.
+.Pp
+.Fn DSA_generate_parameters
+returns a pointer to the
+.Vt DSA
+structure, or
+.Dv NULL
+if the parameter generation fails.
+.Pp
+The error codes can be obtained by
+.Xr ERR_get_error 3 .
+.Sh SEE ALSO
+.Xr BN_generate_prime 3 ,
+.Xr dsa 3 ,
+.Xr DSA_free 3 ,
+.Xr ERR_get_error 3 ,
+.Xr rand 3
+.Sh HISTORY
+.Fn DSA_generate_parameters
+appeared in SSLeay 0.8.
+The
+.Fa cb_arg
+argument was added in SSLeay 0.9.0.
+In versions up to OpenSSL 0.9.4,
+.Fn callback 1 ...\&
+was called in the inner loop of the Miller-Rabin test whenever it
+reached the squaring step (the parameters to
+.Fn callback
+did not reveal how many witnesses had been tested); since OpenSSL 0.9.5,
+.Fn callback 1 ...\&
+is called as in
+.Xr BN_is_prime 3 ,
+i.e. once for each witness.
+.Sh BUGS
+Seed lengths > 20 are not supported.

diff --git a/src/lib/libcrypto/man/DSA_generate_parameters.3 b/src/lib/libcrypto/man/DSA_generate_parameters.3 new file mode 100644 index 0000000000..1acb85e77a --- /dev/null +++ b/src/lib/libcrypto/man/DSA_generate_parameters.3
@@ -0,0 +1,171 @@
	1	.Dd $Mdocdate: November 2 2016 $
	2	.Dt DSA_GENERATE_PARAMETERS 3
	3	.Os
	4	.Sh NAME
	5	.Nm DSA_generate_parameters_ex ,
	6	.Nm DSA_generate_parameters
	7	.Nd generate DSA parameters
	8	.Sh SYNOPSIS
	9	.In openssl/dsa.h
	10	.Ft int
	11	.Fo DSA_generate_parameters_ex
	12	.Fa "DSA *dsa"
	13	.Fa "int bits"
	14	.Fa "const unsigned char *seed"
	15	.Fa "int seed_len"
	16	.Fa "int *counter_ret"
	17	.Fa "unsigned long *h_ret"
	18	.Fa "BN_GENCB *cb"
	19	.Fc
	20	.Pp
	21	Deprecated:
	22	.Pp
	23	.Ft DSA *
	24	.Fo DSA_generate_parameters
	25	.Fa "int bits"
	26	.Fa "unsigned char *seed"
	27	.Fa "int seed_len"
	28	.Fa "int *counter_ret"
	29	.Fa "unsigned long *h_ret"
	30	.Fa "void (callback)(int, int, void )"
	31	.Fa "void *cb_arg"
	32	.Fc
	33	.Sh DESCRIPTION
	34	.Fn DSA_generate_parameters_ex
	35	generates primes p and q and a generator g for use in the DSA and stores
	36	the result in
	37	.Fa dsa .
	38	.Pp
	39	.Fa bits
	40	is the length of the prime to be generated; the DSS allows a maximum of
	41	1024 bits.
	42	.Pp
	43	If
	44	.Fa seed
	45	is
	46	.Dv NULL
	47	or
	48	.Fa seed_len
	49	< 20, the primes will be generated at random.
	50	Otherwise, the seed is used to generate them.
	51	If the given seed does not yield a prime q, a new random seed is chosen
	52	and placed at
	53	.Fa seed .
	54	.Pp
	55	.Fn DSA_generate_parameters_ex
	56	places the iteration count in
	57	.Pf * Fa counter_ret
	58	and a counter used for finding a generator in
	59	.Pf * Fa h_ret ,
	60	unless these are
	61	.Dv NULL .
	62	.Pp
	63	A callback function may be used to provide feedback about the progress
	64	of the key generation.
	65	If
	66	.Fa cb
	67	is not
	68	.Dv NULL ,
	69	it will be called as shown below.
	70	For information on the
	71	.Vt BN_GENCB
	72	structure, refer to
	73	.Xr BN_GENCB_call 3 .
	74	.Bl -bullet
	75	.It
	76	When a candidate for q is generated,
	77	.Fn BN_GENCB_call cb 0 m++
	78	is called
	79	.Pf ( Fa m
	80	is 0 for the first candidate).
	81	.It
	82	When a candidate for q has passed a test by trial division,
	83	.Fn BN_GENCB_call cb 1 -1
	84	is called.
	85	While a candidate for q is tested by Miller-Rabin primality tests,
	86	.Fn BN_GENCB_call cb 1 i
	87	is called in the outer loop (once for each witness that confirms that
	88	the candidate may be prime);
	89	.Fa i
	90	is the loop counter (starting at 0).
	91	.It
	92	When a prime q has been found,
	93	.Fn BN_GENCB_call cb 2 0
	94	and
	95	.Fn BN_GENCB_call cb 3 0
	96	are called.
	97	.It
	98	Before a candidate for p (other than the first) is generated and tested,
	99	.Fn BN_GENCB_call cb 0 counter
	100	is called.
	101	.It
	102	When a candidate for p has passed the test by trial division,
	103	.Fn BN_GENCB_call cb 1 -1
	104	is called.
	105	While it is tested by the Miller-Rabin primality test,
	106	.Fn BN_GENCB_call cb 1 i
	107	is called in the outer loop (once for each witness that confirms that
	108	the candidate may be prime).
	109	.Fa i
	110	is the loop counter (starting at 0).
	111	.It
	112	When p has been found,
	113	.Fn BN_GENCB_call cb 2 1
	114	is called.
	115	.It
	116	When the generator has been found,
	117	.Fn BN_GENCB_call cb 3 1
	118	is called.
	119	.El
	120	.Pp
	121	.Fn DSA_generate_parameters
	122	(deprecated) works in much the same way as for
	123	.Fn DSA_generate_parameters_ex ,
	124	except that no
	125	.Fa dsa
	126	parameter is passed and instead a newly allocated
	127	.Vt DSA
	128	structure is returned.
	129	Additionally "old style" callbacks are used instead of the newer
	130	.Vt BN_GENCB
	131	based approach.
	132	Refer to
	133	.Xr BN_generate_prime 3
	134	for further information.
	135	.Sh RETURN VALUE
	136	.Fn DSA_generate_parameters_ex
	137	returns a 1 on success, or 0 otherwise.
	138	.Pp
	139	.Fn DSA_generate_parameters
	140	returns a pointer to the
	141	.Vt DSA
	142	structure, or
	143	.Dv NULL
	144	if the parameter generation fails.
	145	.Pp
	146	The error codes can be obtained by
	147	.Xr ERR_get_error 3 .
	148	.Sh SEE ALSO
	149	.Xr BN_generate_prime 3 ,
	150	.Xr dsa 3 ,
	151	.Xr DSA_free 3 ,
	152	.Xr ERR_get_error 3 ,
	153	.Xr rand 3
	154	.Sh HISTORY
	155	.Fn DSA_generate_parameters
	156	appeared in SSLeay 0.8.
	157	The
	158	.Fa cb_arg
	159	argument was added in SSLeay 0.9.0.
	160	In versions up to OpenSSL 0.9.4,
	161	.Fn callback 1 ...\&
	162	was called in the inner loop of the Miller-Rabin test whenever it
	163	reached the squaring step (the parameters to
	164	.Fn callback
	165	did not reveal how many witnesses had been tested); since OpenSSL 0.9.5,
	166	.Fn callback 1 ...\&
	167	is called as in
	168	.Xr BN_is_prime 3 ,
	169	i.e. once for each witness.
	170	.Sh BUGS
	171	Seed lengths > 20 are not supported.