aboutsummaryrefslogtreecommitdiffstats
path: root/docs/hazmat/primitives/rsa.rst
diff options
context:
space:
mode:
Diffstat (limited to 'docs/hazmat/primitives/rsa.rst')
-rw-r--r--docs/hazmat/primitives/rsa.rst26
1 files changed, 23 insertions, 3 deletions
diff --git a/docs/hazmat/primitives/rsa.rst b/docs/hazmat/primitives/rsa.rst
index 7c6356c1..a19ada33 100644
--- a/docs/hazmat/primitives/rsa.rst
+++ b/docs/hazmat/primitives/rsa.rst
@@ -13,9 +13,10 @@ RSA
An RSA private key is required for decryption and signing of messages.
- Normally you do not need to directly construct private keys because you'll
- be loading them from a file or generating them automatically.
-
+ You should use
+ :meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey.generate`
+ to generate new keys.
+
.. warning::
This method only checks a limited set of properties of its arguments.
Using an RSA that you do not trust or with incorrect parameters may
@@ -23,6 +24,7 @@ RSA
recommend that you only ever load private keys that were generated with
software you trust.
+
This class conforms to the
:class:`~cryptography.hazmat.primitives.interfaces.RSAPrivateKey`
interface.
@@ -33,6 +35,22 @@ RSA
`private_exponent`, `public_exponent` or `modulus` do
not match the bounds specified in `RFC 3447`_.
+ .. classmethod:: generate(public_exponent, key_size, backend)
+
+ Generate a new ``RSAPrivateKey`` instance using ``backend``.
+
+ :param int public_exponent: The public exponent of the new key.
+ Usually one of the small Fermat primes 3, 5, 17, 257, 65537. If in
+ doubt you should `use 65537`_.
+ :param int key_size: The length of the modulus in bits. For keys
+ generated in 2014 this should be `at least 2048`_. (See page 41.)
+ Must be at least 512. Some backends may have additional
+ limitations.
+ :param backend: A
+ :class:`~cryptography.hazmat.backends.interfaces.RSABackend`
+ provider.
+ :return: A new instance of ``RSAPrivateKey``.
+
.. class:: RSAPublicKey(public_exponent, modulus)
.. versionadded:: 0.2
@@ -56,3 +74,5 @@ RSA
.. _`RSA`: https://en.wikipedia.org/wiki/RSA_(cryptosystem)
.. _`public-key`: https://en.wikipedia.org/wiki/Public-key_cryptography
.. _`RFC 3447`: https://tools.ietf.org/html/rfc3447
+.. _`use 65537`: http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html
+.. _`at least 2048`: http://www.ecrypt.eu.org/documents/D.SPA.20.pdf
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-04 08:04:38 +0000