xref: /freebsd/crypto/openssl/doc/HOWTO/keys.txt (revision e8d8bef961a50d4dc22501cde4fb9fb0be1b2532)
1<DRAFT!>
2			HOWTO keys
3
41. Introduction
5
6Keys are the basis of public key algorithms and PKI.  Keys usually
7come in pairs, with one half being the public key and the other half
8being the private key.  With OpenSSL, the private key contains the
9public key information as well, so a public key doesn't need to be
10generated separately.
11
12Public keys come in several flavors, using different cryptographic
13algorithms.  The most popular ones associated with certificates are
14RSA and DSA, and this HOWTO will show how to generate each of them.
15
16
172. To generate a RSA key
18
19A RSA key can be used both for encryption and for signing.
20
21Generating a key for the RSA algorithm is quite easy, all you have to
22do is the following:
23
24  openssl genrsa -des3 -out privkey.pem 2048
25
26With this variant, you will be prompted for a protecting password.  If
27you don't want your key to be protected by a password, remove the flag
28'-des3' from the command line above.
29
30The number 2048 is the size of the key, in bits.  Today, 2048 or
31higher is recommended for RSA keys, as fewer amount of bits is
32consider insecure or to be insecure pretty soon.
33
34
353. To generate a DSA key
36
37A DSA key can be used for signing only.  It is important to
38know what a certificate request with a DSA key can really be used for.
39
40Generating a key for the DSA algorithm is a two-step process.  First,
41you have to generate parameters from which to generate the key:
42
43  openssl dsaparam -out dsaparam.pem 2048
44
45The number 2048 is the size of the key, in bits.  Today, 2048 or
46higher is recommended for DSA keys, as fewer amount of bits is
47consider insecure or to be insecure pretty soon.
48
49When that is done, you can generate a key using the parameters in
50question (actually, several keys can be generated from the same
51parameters):
52
53  openssl gendsa -des3 -out privkey.pem dsaparam.pem
54
55With this variant, you will be prompted for a protecting password.  If
56you don't want your key to be protected by a password, remove the flag
57'-des3' from the command line above.
58
59
604. To generate an EC key
61
62An EC key can be used both for key agreement (ECDH) and signing (ECDSA).
63
64Generating a key for ECC is similar to generating a DSA key. These are
65two-step processes. First, you have to get the EC parameters from which
66the key will be generated:
67
68  openssl ecparam -name prime256v1 -out prime256v1.pem
69
70The prime256v1, or NIST P-256, which stands for 'X9.62/SECG curve over
71a 256-bit prime field', is the name of an elliptic curve which generates the
72parameters. You can use the following command to list all supported curves:
73
74  openssl ecparam -list_curves
75
76When that is done, you can generate a key using the created parameters (several
77keys can be produced from the same parameters):
78
79  openssl genpkey -des3 -paramfile prime256v1.pem -out private.key
80
81With this variant, you will be prompted for a password to protect your key.
82If you don't want your key to be protected by a password, remove the flag
83'-des3' from the command line above.
84
85You can also directly generate the key in one step:
86
87  openssl ecparam -genkey -name prime256v1 -out private.key
88
89or
90
91  openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256
92
93
945. NOTE
95
96If you intend to use the key together with a server certificate,
97it may be reasonable to avoid protecting it with a password, since
98otherwise someone would have to type in the password every time the
99server needs to access the key.
100
101For X25519 and X448, it's treated as a distinct algorithm but not as one of
102the curves listed with 'ecparam -list_curves' option. You can use
103the following command to generate an X25519 key:
104
105  openssl genpkey -algorithm X25519 -out xkey.pem
106