=pod =head1 NAME DSA_generate_parameters - Generate DSA parameters =head1 SYNOPSIS #include DSA * DSA_generate_parameters(int bits, unsigned char *seed, int seed_len, int *counter_ret, unsigned long *h_ret, void (*callback)(), void *cb_arg); =head1 DESCRIPTION DSA_generate_parameters() generates primes p and q and a generator g for use in the DSA. B is the length of the prime to be generated; the DSS allows a maximum of 1024 bits. If B is NULL or B E 20, the primes will be generated at random. Otherwise, the seed is used to generate them. If the given seed does not yield a prime q, a new random seed is chosen and placed at B. DSA_generate_parameters() places the iteration count in *B and a counter used for finding a generator in *B, unless these are NULL. A callback function may be used to provide feedback about the progress of the key generation. If B is not B, it will be called as follows: =over 4 =item * When the the m-th candidate for q is generated, B is called. =item * B is called in the inner loop of the Miller-Rabin primality test. =item * When a prime q has been found, B and B are called. =item * While candidates for p are being tested, B is called in the inner loop of the Miller-Rabin primality test, then B is called when the next candidate is chosen. =item * When p has been found, B is called. =item * When the generator has been found, B is called. =back =head1 RETURN VALUE DSA_generate_parameters() returns a pointer to the DSA structure, or NULL if the parameter generation fails. The error codes can be obtained by L. =head1 BUGS The deterministic generation of p does not follow the NIST algorithm: r0 is SHA1(s+k+1), but should be SHA1(s+j+k) with j_0=2, j_counter=j_counter-1 + n + 1. Seed lengths E 20 are not supported. =head1 SEE ALSO L, L, L, L =head1 HISTORY DSA_generate_parameters() appeared in SSLeay 0.8. The B argument was added in SSLeay 0.9.0. =cut