<DRAFT!>
HOWTO keys

1. Introduction

Keys are the basis of public key algorithms and PKI. Keys usually
come in pairs, with one half being the public key and the other half
being the private key. With OpenSSL, the private key contains the
public key information as well, so a public key doesn't need to be
generated separately.

Public keys come in several flavors, using different cryptographic
algorithms. The most popular ones associated with certificates are
RSA and DSA, and this HOWTO will show how to generate each of them.


2. To generate an RSA key

An RSA key can be used both for encryption and for signing.

Generating a key for the RSA algorithm is quite easy; all you have to
do is the following:

openssl genrsa -des3 -out privkey.pem 2048

With this variant, you will be prompted for a protecting password. If
you don't want your key to be protected by a password, remove the flag
'-des3' from the command line above.

The number 2048 is the size of the key, in bits. Today, 2048 or
higher is recommended for RSA keys, as smaller keys are considered
insecure, or likely to become insecure soon.


3. To generate a DSA key

A DSA key can be used for signing only. It is important to know what
a certificate request with a DSA key can really be used for.

Generating a key for the DSA algorithm is a two-step process. First,
you have to generate parameters from which to generate the key:

openssl dsaparam -out dsaparam.pem 2048

The number 2048 is the size of the key, in bits. Today, 2048 or
higher is recommended for DSA keys, as smaller keys are considered
insecure, or likely to become insecure soon.

When that is done, you can generate a key using the parameters in
question (actually, several keys can be generated from the same
parameters):

openssl gendsa -des3 -out privkey.pem dsaparam.pem

With this variant, you will be prompted for a protecting password. If
you don't want your key to be protected by a password, remove the flag
'-des3' from the command line above.


4. To generate an EC key

An EC key can be used both for key agreement (ECDH) and signing (ECDSA).

Generating a key for ECC is similar to generating a DSA key: both are
two-step processes. First, you have to get the EC parameters from which
the key will be generated:

openssl ecparam -name prime256v1 -out prime256v1.pem

prime256v1, also known as NIST P-256 and described by OpenSSL as
'X9.62/SECG curve over a 256-bit prime field', is the name of the
elliptic curve from which the parameters are generated. You can use the
following command to list all supported curves:

openssl ecparam -list_curves

When that is done, you can generate a key using the created parameters (several
keys can be produced from the same parameters):

openssl genpkey -des3 -paramfile prime256v1.pem -out private.key

With this variant, you will be prompted for a password to protect your key.
If you don't want your key to be protected by a password, remove the flag
'-des3' from the command line above.

You can also directly generate the key in one step:

openssl ecparam -genkey -name prime256v1 -out private.key

or

openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256


5. NOTE

If you intend to use the key together with a server certificate,
it may be reasonable to avoid protecting it with a password, since
otherwise someone would have to type in the password every time the
server needs to access the key.

X25519 and X448 are treated as distinct algorithms rather than as
curves, so they do not appear in the list printed by the
'ecparam -list_curves' option. You can use the following command to
generate an X25519 key:

openssl genpkey -algorithm X25519 -out xkey.pem
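Putting sections 2, 4 and 5 together, the following added example (not part of this HOWTO or of OpenSSL itself) generates an unencrypted server key with owner-only file permissions, confirms it parses, checks that no password protection was applied by mistake, and extracts the public half; the function names and 'rsa | ec | x25519' labels are this script's own.

```shell
#!/bin/sh
# Added example, not from the OpenSSL HOWTO: create an unencrypted server key
# (see section 5) with owner-only permissions, then check the result.
# Function names and the algorithm labels are this script's own, not OpenSSL's.
set -eu

have_openssl() { command -v openssl >/dev/null 2>&1; }

# gen_server_key ALGO OUTFILE   (ALGO: rsa | ec | x25519)
gen_server_key() {
    algo=$1; out=$2
    # Create the file with mode 0600 from the start: a passwordless key that
    # other local users can read is a credential leak, not a convenience.
    old_umask=$(umask)
    umask 077
    case "$algo" in
        rsa)    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
                    -out "$out" 2>/dev/null ;;
        ec)     openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 \
                    -out "$out" 2>/dev/null ;;
        x25519) openssl genpkey -algorithm X25519 -out "$out" 2>/dev/null ;;
        *)      umask "$old_umask"; echo "unknown algorithm: $algo" >&2; return 2 ;;
    esac
    umask "$old_umask"
    chmod 600 "$out"          # also covers the case where the file pre-existed
    # Parse the key back; a corrupt or truncated file fails here.
    openssl pkey -in "$out" -noout
}

# The private key file carries the public key too (section 1); extract it.
pubkey_of() { openssl pkey -in "$1" -pubout; }

# Encrypted PEM keys say so in their header, whichever PEM form was written:
# "Proc-Type: 4,ENCRYPTED" (legacy) or "BEGIN ENCRYPTED PRIVATE KEY" (PKCS#8).
key_is_encrypted() { grep -q ENCRYPTED "$1"; }

# Permission string of a file, e.g. "-rw-------" for mode 0600.
key_mode() { ls -ld "$1" | cut -c1-10; }

# Stand-alone demonstration: ./keys.sh demo
if [ "${1:-}" = "demo" ] && have_openssl; then
    gen_server_key ec server.key
    echo "server.key mode: $(key_mode server.key)"
    pubkey_of server.key
fi
```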