On Mon, Feb 20, 2012, anthony berglas wrote: > Exactly. So you need about 112 bits of "entropy" / Pass Phrase to generate > a good 2048 bit key. Remember that the vast majority of 2048 bit numbers > are not valid key pairs. > > My question is, has this been done, or would it be easy to do given the > existing structure. >
It hasn't been done AFAIK. Doing it is not trivial as OpenSSL includes additional entropy at various points (low level stuff like the current time) in addition to the initial seed. You could write a new default PRNG method and use that or your own key generation method. Is there a reason why you can't use a derive symmetric key instead? There are several ways to do that. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
