.\" $OpenBSD: DH_generate_parameters.3,v 1.2 2016/11/06 15:52:50 jmc Exp $
.\"
.Dd $Mdocdate: November 6 2016 $
.Dt DH_GENERATE_PARAMETERS 3
.Os
.Sh NAME
.Nm DH_generate_parameters_ex ,
.Nm DH_generate_parameters ,
.Nm DH_check
.Nd generate and check Diffie-Hellman parameters
.Sh SYNOPSIS
.In openssl/dh.h
.Ft int
.Fo DH_generate_parameters_ex
.Fa "DH *dh"
.Fa "int prime_len"
.Fa "int generator"
.Fa "BN_GENCB *cb"
.Fc
.Ft int
.Fo DH_check
.Fa "DH *dh"
.Fa "int *codes"
.Fc
.Pp
Deprecated:
.Pp
.Ft DH *
.Fo DH_generate_parameters
.Fa "int prime_len"
.Fa "int generator"
.Fa "void (*callback)(int"
.Fa int
.Fa "void *)"
.Fa "void *cb_arg"
.Fc
.Sh DESCRIPTION
.Fn DH_generate_parameters_ex
generates Diffie-Hellman parameters that can be shared among a group of
users, and stores them in the provided
.Vt DH
structure.
.Pp
.Fa prime_len
is the length in bits of the safe prime p to be generated,
i.e. a prime p for which (p-1)/2 is also prime.
.Fa generator
is a small number > 1, typically 2 or 5.
.Pp
A callback function may be used to provide feedback about the progress
of the key generation.
If
.Fa cb
is not
.Dv NULL ,
it will be called as described in
.Xr BN_generate_prime 3
while a random prime number is generated, and when a prime has been
found,
.Fn BN_GENCB_call cb 3 0
is called; see
.Xr BN_GENCB_call 3 .
.Pp
.Fn DH_check
validates Diffie-Hellman parameters.
It checks that
.Fa dh->p
is a safe prime, and that
.Fa dh->g
is a suitable generator.
Problems are reported as bit flags in
.Pf * Fa codes ,
which is set to 0 if none is found:
.Dv DH_CHECK_P_NOT_PRIME
if
.Fa dh->p
is not prime;
.Dv DH_CHECK_P_NOT_SAFE_PRIME
if
.Fa dh->p
is prime but (p-1)/2 is not;
.Dv DH_NOT_SUITABLE_GENERATOR
if
.Fa dh->g
is 2 or 5 but not usable with this
.Fa dh->p ;
and
.Dv DH_UNABLE_TO_CHECK_GENERATOR
if the generator cannot be checked, i.e. if it does not equal 2 or 5,
in which case nothing is known about its suitability.
The return value only indicates whether the check could be performed;
a caller deciding whether to accept the parameters must inspect
.Pf * Fa codes .
.Sh RETURN VALUES
.Fn DH_generate_parameters_ex
returns 1 on success or 0 on error.
.Fn DH_check
returns 1 if the check could be performed, 0 otherwise;
a return value of 1 does not by itself mean that the parameters are
acceptable, since the result of the check is reported in
.Pf * Fa codes .
.Pp
.Fn DH_generate_parameters
(deprecated) returns a pointer to the
.Vt DH
structure, or
.Dv NULL
if the parameter generation fails.
.Pp
The error codes can be obtained by
.Xr ERR_get_error 3 .
.Sh SEE ALSO
.Xr dh 3 ,
.Xr DH_free 3 ,
.Xr ERR_get_error 3 ,
.Xr rand 3
.Sh HISTORY
.Fn DH_check
is available in all versions of SSLeay and OpenSSL.
The
.Fa cb_arg
argument to
.Fn DH_generate_parameters
was added in SSLeay 0.9.0.
.Pp
In versions before OpenSSL 0.9.5,
.Dv DH_CHECK_P_NOT_STRONG_PRIME
is used instead of
.Dv DH_CHECK_P_NOT_SAFE_PRIME .
.Sh CAVEATS
.Fn DH_generate_parameters_ex
and
.Fn DH_generate_parameters
may run for several hours before finding a suitable prime.
.Pp
The parameters generated by
.Fn DH_generate_parameters_ex
and
.Fn DH_generate_parameters
are not to be used in signature schemes.
.Sh BUGS
If
.Fa generator
is not 2 or 5,
.Fa dh->g Ns = Ns Fa generator
is not a usable generator.