Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/openssl/doc/HOWTO/keys.txt
104991 views
1
<DRAFT!>

2
			HOWTO keys

3


4
1. Introduction

5


6
Keys are the basis of public key algorithms and PKI.  Keys usually

7
come in pairs, with one half being the public key and the other half

8
being the private key.  With OpenSSL, the private key contains the

9
public key information as well, so a public key doesn't need to be

10
generated separately.

11


12
Public keys come in several flavors, using different cryptographic

13
algorithms.  The most popular ones associated with certificates are

14
RSA and DSA, and this HOWTO will show how to generate each of them.

15


16


17
2. To generate an RSA key

18


19
An RSA key can be used both for encryption and for signing.

20


21
Generating a key for the RSA algorithm is quite easy, all you have to

22
do is the following:

23


24
  openssl genrsa -des3 -out privkey.pem 2048

25


26
With this variant, you will be prompted for a protecting password.  If

27
you don't want your key to be protected by a password, remove the flag

28
'-des3' from the command line above.

29


30
The number 2048 is the size of the key, in bits.  Today, 2048 or

31
higher is recommended for RSA keys, as fewer amount of bits is

32
consider insecure or to be insecure pretty soon.

33


34


35
3. To generate a DSA key

36


37
A DSA key can be used for signing only.  It is important to

38
know what a certificate request with a DSA key can really be used for.

39


40
Generating a key for the DSA algorithm is a two-step process.  First,

41
you have to generate parameters from which to generate the key:

42


43
  openssl dsaparam -out dsaparam.pem 2048

44


45
The number 2048 is the size of the key, in bits.  Today, 2048 or

46
higher is recommended for DSA keys, as fewer amount of bits is

47
consider insecure or to be insecure pretty soon.

48


49
When that is done, you can generate a key using the parameters in

50
question (actually, several keys can be generated from the same

51
parameters):

52


53
  openssl gendsa -des3 -out privkey.pem dsaparam.pem

54


55
With this variant, you will be prompted for a protecting password.  If

56
you don't want your key to be protected by a password, remove the flag

57
'-des3' from the command line above.

58


59


60
4. To generate an EC key

61


62
An EC key can be used both for key agreement (ECDH) and signing (ECDSA).

63


64
Generating a key for ECC is similar to generating a DSA key. These are

65
two-step processes. First, you have to get the EC parameters from which

66
the key will be generated:

67


68
  openssl ecparam -name prime256v1 -out prime256v1.pem

69


70
The prime256v1, or NIST P-256, which stands for 'X9.62/SECG curve over

71
a 256-bit prime field', is the name of an elliptic curve which generates the

72
parameters. You can use the following command to list all supported curves:

73


74
  openssl ecparam -list_curves

75


76
When that is done, you can generate a key using the created parameters (several

77
keys can be produced from the same parameters):

78


79
  openssl genpkey -des3 -paramfile prime256v1.pem -out private.key

80


81
With this variant, you will be prompted for a password to protect your key.

82
If you don't want your key to be protected by a password, remove the flag

83
'-des3' from the command line above.

84


85
You can also directly generate the key in one step:

86


87
  openssl ecparam -genkey -name prime256v1 -out private.key

88


89
or

90


91
  openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256

92


93
5. To generate an ML-DSA key

94


95
An ML-DSA key can be used for signing (and verification via the public key)

96
only.

97


98
Generating a key for the ML-DSA algorithm is a one-step process.

99


100
  openssl genpkey -algorithm ML-DSA-44 -out key.pem

101
  openssl genpkey -algorithm ML-DSA-65 -out key.pem

102
  openssl genpkey -algorithm ML-DSA-87 -out key.pem

103


104
See L<EVP_PKEY-ML-DSA(7)> for more detail.

105


106
6. To generate an ML-KEM key

107


108
An ML-KEM key can be used for decapsulation (and encapsulation via the public

109
key) only.

110


111
Generating a key for the ML-KEM algorithm is a one-step process.

112


113
  openssl genpkey -algorithm ML-KEM-512 -out key.pem

114
  openssl genpkey -algorithm ML-KEM-768 -out key.pem

115
  openssl genpkey -algorithm ML-KEM-1024 -out key.pem

116


117
See L<EVP_PKEY-ML-KEM(7)> for more detail.

118


119
7. NOTE

120


121
If you intend to use the key together with a server certificate,

122
it may be reasonable to avoid protecting it with a password, since

123
otherwise someone would have to type in the password every time the

124
server needs to access the key.

125


126
X25519, X448, Ed25519 and Ed448 are treated as distinct algorithms and not as

127
one of the EC curves listed with 'ecparam -list_curves' option. You can use the

128
following command to generate an X25519 key:

129


130
  openssl genpkey -algorithm X25519 -out xkey.pem

131


132