*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->Tru64 Unix man pages -> DH_generate_parameters (3)              
Title
Content
Arch
Section
 

DH_generate_parameters(3)

Contents

NAME    [Toc]    [Back]

       DH_generate_parameters,  DH_check  -  Generate  and  check
       Diffie-Hellman parameters

SYNOPSIS    [Toc]    [Back]

       #include <openssl/dh.h>

       DH *DH_generate_parameters(
               int  prime_len,  int   generator,   void   (*callback)(int,
 int, void *), void *cb_arg ); int DH_check(
               DH *dh, int *codes );

DESCRIPTION    [Toc]    [Back]

       The  DH_generate_parameters()  function  generates DiffieHellman
 parameters that can be shared  among  a  group  of
       users, and returns them in a newly allocated DH structure.
       The pseudo-random number generator must be seeded prior to
       calling DH_generate_parameters().

       The  prime_len  is the length in bits of the safe prime to
       be generated. The generator is a small number >  1,  typically
 2 or 5.

       A  callback function may be used to provide feedback about
       the progress of the key generation.  If  callback  is  not
       NULL,   it  will  be  called  as  described  in  BN_generate_prime()
 while a random prime number is generated,  and
       when  a  prime  has  been found, callback(3, 0, cb_arg) is
       called.

       DH_check() validates Diffie-Hellman parameters. It  checks
       that  p  is a safe prime, and that g is a suitable generator.
  In  the  case   of   an   error,   the   bit   flags
       DH_CHECK_P_NOT_SAFE_PRIME or DH_NOT_SUITABLE_GENERATOR are
       set in *codes.  DH_UNABLE_TO_CHECK_GENERATOR is set if the
       generator  cannot  be checked, meaning it does not equal 2
       or 5.

NOTES    [Toc]    [Back]

       The DH_generate_parameters() function may run for  several
       hours before finding a suitable prime.

       The  parameters  generated by DH_generate_parameters() are
       not to be used in signature schemes.

RESTRICTIONS    [Toc]    [Back]

       If generator is not 2  or  5,  dh->g=generator  is  not  a
       usable generator.

RETURN VALUES    [Toc]    [Back]

       The DH_generate_parameters() function returns a pointer to
       the DH structure, or  NULL  if  the  parameter  generation
       fails.    The   error   codes   can   be   obtained   from
       ERR_get_error().

       The DH_check() function returns 1 if the  check  could  be
       performed, 0 otherwise.

HISTORY    [Toc]    [Back]

       The  DH_check()  function  is available in all versions of
       SSLeay and  OpenSSL.  The  cb_arg  argument  to  DH_generate_parameters()
 was added in SSLeay 0.9.0.

       In        versions       before       OpenSSL       0.9.5,
       DH_CHECK_P_NOT_STRONG_PRIME    is    used    instead    of
       DH_CHECK_P_NOT_SAFE_PRIME.

SEE ALSO    [Toc]    [Back]

      
       
       Functions: dh(3), err(3), rand(3), DH_free(3)



                                        DH_generate_parameters(3)
[ Back ]
 Similar pages
Name OS Title
gss_test_oid_set_member HP-UX check an OID set for a specified OID
co IRIX check out RCS revisions
pathchk IRIX check pathnames
co FreeBSD check out RCS revisions
co Tru64 check out RCS revisions
ci HP-UX check in RCS revisions
co HP-UX check out RCS revisions
ci FreeBSD check in RCS revisions
ci IRIX check in RCS revisions
tt_is_err HP-UX check status value
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service