-rw-r--r--cryptography/hazmat/primitives/asymmetric/rsa.py4
-rw-r--r--docs/hazmat/primitives/rsa.rst26
-rw-r--r--tests/hazmat/primitives/test_rsa.py20
3 files changed, 40 insertions, 10 deletions
diff --git a/cryptography/hazmat/primitives/asymmetric/rsa.py b/cryptography/hazmat/primitives/asymmetric/rsa.py
index 1b33eaab..60c5c807 100644
--- a/cryptography/hazmat/primitives/asymmetric/rsa.py
+++ b/cryptography/hazmat/primitives/asymmetric/rsa.py
@@ -109,6 +109,10 @@ class RSAPrivateKey(object):
self._public_exponent = public_exponent
self._modulus = modulus
+ @classmethod
+ def generate(self, public_exponent, key_size, backend):
+ return backend.generate_rsa_private_key(public_exponent, key_size)
+
@property
def key_size(self):
return _bit_length(self.modulus)
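Review bot: The new `generate` classmethod names its first parameter `self`, but under `@classmethod` that argument is the class, so the signature should read `def generate(cls, public_exponent, key_size, backend):`. The method also hands `public_exponent` and `key_size` to `backend.generate_rsa_private_key` without any check of its own. The 512-bit floor and the exponent rules that the tests expect as `ValueError` therefore hold only if the backend enforces them, and that enforcement is not visible in this hunk. A docstring such as `"""Generate a new private key using backend; argument validation is delegated to the backend."""` would make that dependency explicit to callers and to authors of other backends. The body of `RSAPrivateKey` starts before and continues past this hunk.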
diff --git a/docs/hazmat/primitives/rsa.rst b/docs/hazmat/primitives/rsa.rst
index 7c6356c1..a19ada33 100644
--- a/docs/hazmat/primitives/rsa.rst
+++ b/docs/hazmat/primitives/rsa.rst
@@ -13,9 +13,10 @@ RSA
An RSA private key is required for decryption and signing of messages.
- Normally you do not need to directly construct private keys because you'll
- be loading them from a file or generating them automatically.
-
+ You should use
+ :meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey.generate`
+ to generate new keys.
+
.. warning::
This method only checks a limited set of properties of its arguments.
Using an RSA that you do not trust or with incorrect parameters may
@@ -23,6 +24,7 @@ RSA
recommend that you only ever load private keys that were generated with
software you trust.
+
This class conforms to the
:class:`~cryptography.hazmat.primitives.interfaces.RSAPrivateKey`
interface.
@@ -33,6 +35,22 @@ RSA
`private_exponent`, `public_exponent` or `modulus` do
not match the bounds specified in `RFC 3447`_.
+ .. classmethod:: generate(public_exponent, key_size, backend)
+
+ Generate a new ``RSAPrivateKey`` instance using ``backend``.
+
+ :param int public_exponent: The public exponent of the new key.
+ Usually one of the small Fermat primes 3, 5, 17, 257, 65537. If in
+ doubt you should `use 65537`_.
+ :param int key_size: The length of the modulus in bits. For keys
+ generated in 2014 this should be `at least 2048`_. (See page 41.)
+ Must be at least 512. Some backends may have additional
+ limitations.
+ :param backend: A
+ :class:`~cryptography.hazmat.backends.interfaces.RSABackend`
+ provider.
+ :return: A new instance of ``RSAPrivateKey``.
+
.. class:: RSAPublicKey(public_exponent, modulus)
.. versionadded:: 0.2
@@ -56,3 +74,5 @@ RSA
.. _`RSA`: https://en.wikipedia.org/wiki/RSA_(cryptosystem)
.. _`public-key`: https://en.wikipedia.org/wiki/Public-key_cryptography
.. _`RFC 3447`: https://tools.ietf.org/html/rfc3447
+.. _`use 65537`: http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html
+.. _`at least 2048`: http://www.ecrypt.eu.org/documents/D.SPA.20.pdf
diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index fdd55e73..0e930e44 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -49,26 +49,32 @@ class TestRSA(object):
)
)
def test_generate_rsa_keys(self, backend, public_exponent, key_size):
- skey = backend.generate_rsa_private_key(public_exponent, key_size)
+ skey = rsa.RSAPrivateKey.generate(public_exponent, key_size, backend)
_check_rsa_private_key(skey)
assert skey.key_size == key_size
assert skey.public_exponent == public_exponent
def test_generate_bad_rsa_key(self, backend):
with pytest.raises(ValueError):
- backend.generate_rsa_private_key(public_exponent=1, key_size=2048)
+ rsa.RSAPrivateKey.generate(public_exponent=1,
+ key_size=2048,
+ backend=backend)
with pytest.raises(ValueError):
- backend.generate_rsa_private_key(public_exponent=4, key_size=2048)
+ rsa.RSAPrivateKey.generate(public_exponent=4,
+ key_size=2048,
+ backend=backend)
def test_cant_generate_insecure_tiny_key(self, backend):
with pytest.raises(ValueError):
- backend.generate_rsa_private_key(public_exponent=65537,
- key_size=511)
+ rsa.RSAPrivateKey.generate(public_exponent=65537,
+ key_size=511,
+ backend=backend)
with pytest.raises(ValueError):
- backend.generate_rsa_private_key(public_exponent=65537,
- key_size=256)
+ rsa.RSAPrivateKey.generate(public_exponent=65537,
+ key_size=256,
+ backend=backend)
@pytest.mark.parametrize(
"pkcs1_example",