diff options
| author | Alex Stapleton <alexs@prol.etari.at> | 2014-02-08 14:18:59 +0000 |
|---|---|---|
| committer | Alex Stapleton <alexs@prol.etari.at> | 2014-02-12 09:06:54 +0000 |
| commit | b232d7427650d4f217e3b28d51151c4cb625a764 (patch) | |
| tree | 9a9da1d58715c0b0bacfb88259dc9ee21941a46e /docs | |
| parent | b96d7968be429a2e4d13b9141ee6ad333ef1cf42 (diff) | |
| download | cryptography-b232d7427650d4f217e3b28d51151c4cb625a764.tar.gz cryptography-b232d7427650d4f217e3b28d51151c4cb625a764.tar.bz2 cryptography-b232d7427650d4f217e3b28d51151c4cb625a764.zip | |
Add RSAPrivateKey.generate
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/hazmat/primitives/rsa.rst | 26 |
1 files changed, 23 insertions, 3 deletions
diff --git a/docs/hazmat/primitives/rsa.rst b/docs/hazmat/primitives/rsa.rst index 7c6356c1..a19ada33 100644 --- a/docs/hazmat/primitives/rsa.rst +++ b/docs/hazmat/primitives/rsa.rst @@ -13,9 +13,10 @@ RSA An RSA private key is required for decryption and signing of messages. - Normally you do not need to directly construct private keys because you'll - be loading them from a file or generating them automatically. - + You should use + :meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey.generate` + to generate new keys. + .. warning:: This method only checks a limited set of properties of its arguments. Using an RSA that you do not trust or with incorrect parameters may @@ -23,6 +24,7 @@ RSA recommend that you only ever load private keys that were generated with software you trust. + This class conforms to the :class:`~cryptography.hazmat.primitives.interfaces.RSAPrivateKey` interface. @@ -33,6 +35,22 @@ RSA `private_exponent`, `public_exponent` or `modulus` do not match the bounds specified in `RFC 3447`_. + .. classmethod:: generate(public_exponent, key_size, backend) + + Generate a new ``RSAPrivateKey`` instance using ``backend``. + + :param int public_exponent: The public exponent of the new key. + Usually one of the small Fermat primes 3, 5, 17, 257, 65537. If in + doubt you should `use 65537`_. + :param int key_size: The length of the modulus in bits. For keys + generated in 2014 this should be `at least 2048`_. (See page 41.) + Must be at least 512. Some backends may have additional + limitations. + :param backend: A + :class:`~cryptography.hazmat.backends.interfaces.RSABackend` + provider. + :return: A new instance of ``RSAPrivateKey``. + .. class:: RSAPublicKey(public_exponent, modulus) .. versionadded:: 0.2 @@ -56,3 +74,5 @@ RSA .. _`RSA`: https://en.wikipedia.org/wiki/RSA_(cryptosystem) .. _`public-key`: https://en.wikipedia.org/wiki/Public-key_cryptography .. _`RFC 3447`: https://tools.ietf.org/html/rfc3447 +.. _`use 65537`: http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html +.. _`at least 2048`: http://www.ecrypt.eu.org/documents/D.SPA.20.pdf |