21.03.2013 Views

Problem - Kevin Tafuro

Problem - Kevin Tafuro

Problem - Kevin Tafuro

SHOW MORE
SHOW LESS

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

for (b = 0; !BN_is_odd(x); b++)<br />

BN_div_word(x, 2);<br />

return b;<br />

}<br />

See Also<br />

Recipes 7.4, 11.1, 11.2<br />

7.6 Generating an RSA Key Pair<br />

<strong>Problem</strong><br />

You want to use RSA to encrypt data, and you need to generate a public key and its<br />

corresponding private key.<br />

Solution<br />

Use a cryptography library’s built-in functionality to generate an RSA key pair. Here<br />

we’ll describe the OpenSSLAPI. If you insist on implementing RSA yourself (generally<br />

a bad idea), see the following discussion.<br />

Discussion<br />

Be sure to see Recipes 7.1 and 7.2 for general-purpose guidance on<br />

using public key cryptography.<br />

The OpenSSLlibrary provides a function, RSA_generate_key( ), that generates a<br />

{public key, private key} pair, which is stored in an RSA object. The signature for this<br />

function is:<br />

RSA *RSA_generate_key(int bits, unsigned long exp, void (*cb)(int, int, void),<br />

void *cb_arg);<br />

This function has the following arguments:<br />

bits<br />

Size of the key to be generated, in bits. This must be a multiple of 16, and at a<br />

bare minimum it should be at least 1,024. 2,048 is a common value, and 4,096 is<br />

used occasionally. The more bits in the number, the more secure and the slower<br />

operations will be. We recommend 2,048 bits for general-purpose use.<br />

exp<br />

Fixed exponent to be used with the key pair. This value is typically 3, 17, or<br />

65,537, and it can vary depending on the exact context in which you’re using<br />

This is the Title of the Book, eMatter Edition<br />

Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.<br />

Generating an RSA Key Pair | 327

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!