On Wed, Apr 17, 2013, Ken Goldman wrote: > On 4/10/2013 5:14 PM, Dr. Stephen Henson wrote: > >> > >>Does openssl have any elegant way to cancel an RSA key generation > >>that's taking too long? > > > >At the EVP_PKEY level you can return 0 from the key generation callback to > >cancel the operation. See EVP_PKEY_set_cb(). > > Thanks as always. But where can I 'see' it? > > I checked the openssl docs, the http://www.openssl.org/docs/crypto/ > which often lists unlinked commands, and googled. No references. > > I did find one uncommented sample under EVP_PKEY_keygen, but it > didn't say when it's called, what the parameters are, or what to > return. >
It is mentioned in the EVP_PKEY_keygen manual page: http://www.openssl.org/docs/crypto/EVP_PKEY_keygen.html Specifically: "The function EVP_PKEY_set_cb() sets the key or parameter generation callback to cb. The function EVP_PKEY_CTX_get_cb() returns the key or parameter generation callback. The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated with the generation operation. If idx is -1 the total number of parameters available is returned. Any non negative value returns the value of that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for idx should only be called within the generation callback. If the callback returns 0 then the key genration operation is aborted and an error occurs. This might occur during a time consuming operation where a user clicks on a ``cancel'' button. The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set and retrieve an opaque pointer. This can be used to set some application defined value which can be retrieved in the callback: for example a handle which is used to update a ``progress dialog''." It unfortunately doesn't include a reference to the function parameters of the callback (i.e. the type EVP_PKEY_gen_cb) but there is an example at the bottom of the page. If you're just interested in cancelling the operation you just return 1 or 0 from the callback. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
