Google Git
Sign in
flutter / third_party / openssl / a925e7dbf4c3bb01365c961df86da3ebfa1a6c27 / . / doc / man3 / DH_generate_parameters.pod
blob: 3c847104327a0e4fc0d445e974b74fa9db4f7302 [file] [log] [blame]
Ulf Möller4486d0c2000-01-22 20:05:23 +0000[diff] [blame]1=pod
2
3=head1 NAME
4
Matt Caswellaafbe1c2013-06-12 23:42:08 +0100[diff] [blame]5DH_generate_parameters_ex, DH_generate_parameters,
Paul Yangb0004702017-11-01 00:45:24 +0800[diff] [blame]6DH_check, DH_check_params,
7DH_check_ex, DH_check_params_ex, DH_check_pub_key_ex
8- generate and check Diffie-Hellman
Richard Levitte6f8950a2017-01-15 18:20:49 +0100[diff] [blame]9parameters
Ulf Möller4486d0c2000-01-22 20:05:23 +0000[diff] [blame]10
11=head1 SYNOPSIS
12
13 #include <openssl/dh.h>
14
Rich Salzaebb9aa2016-07-19 09:27:53 -0400[diff] [blame]15 int DH_generate_parameters_ex(DH *dh, int prime_len, int generator, BN_GENCB *cb);
Ulf Möller4486d0c2000-01-22 20:05:23 +0000[diff] [blame]16
17 int DH_check(DH *dh, int *codes);
Richard Levitte6f8950a2017-01-15 18:20:49 +0100[diff] [blame]18 int DH_check_params(DH *dh, int *codes);
Ulf Möller4486d0c2000-01-22 20:05:23 +0000[diff] [blame]19
Paul Yangb0004702017-11-01 00:45:24 +0800[diff] [blame]20 int DH_check_ex(const DH *dh);
21 int DH_check_params_ex(const DH *dh);
22 int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key);
23
Matt Caswellaafbe1c2013-06-12 23:42:08 +0100[diff] [blame]24Deprecated:
25
Viktor Dukhovni98186eb2016-01-04 23:00:33 -0500[diff] [blame]26 #if OPENSSL_API_COMPAT < 0x00908000L
Matt Caswellaafbe1c2013-06-12 23:42:08 +0100[diff] [blame]27 DH *DH_generate_parameters(int prime_len, int generator,
Beat Bollie9b77242017-01-20 19:58:49 +0100[diff] [blame]28 void (*callback)(int, int, void *), void *cb_arg);
Viktor Dukhovni98186eb2016-01-04 23:00:33 -0500[diff] [blame]29 #endif
Matt Caswellaafbe1c2013-06-12 23:42:08 +0100[diff] [blame]30
Ulf Möller4486d0c2000-01-22 20:05:23 +0000[diff] [blame]31=head1 DESCRIPTION
32
Matt Caswellaafbe1c2013-06-12 23:42:08 +0100[diff] [blame]33DH_generate_parameters_ex() generates Diffie-Hellman parameters that can
34be shared among a group of users, and stores them in the provided B<DH>
35structure. The pseudo-random number generator must be
Rich Salzb3696a52017-09-02 09:35:50 -0400[diff] [blame]36seeded before calling it.
37The parameters generated by DH_generate_parameters_ex() should not be used in
38signature schemes.
Ulf Möller4486d0c2000-01-22 20:05:23 +0000[diff] [blame]39
40B<prime_len> is the length in bits of the safe prime to be generated.
Rich Salz1bc74512016-05-20 08:11:46 -0400[diff] [blame]41B<generator> is a small number E<gt> 1, typically 2 or 5.
Ulf Möller4486d0c2000-01-22 20:05:23 +0000[diff] [blame]42
43A callback function may be used to provide feedback about the progress
Matt Caswellaafbe1c2013-06-12 23:42:08 +0100[diff] [blame]44of the key generation. If B<cb> is not B<NULL>, it will be
Rich Salz9b869742015-08-17 15:21:33 -0400[diff] [blame]45called as described in L<BN_generate_prime(3)> while a random prime
Matt Caswellaafbe1c2013-06-12 23:42:08 +0100[diff] [blame]46number is generated, and when a prime has been found, B<BN_GENCB_call(cb, 3, 0)>
Rich Salzb3696a52017-09-02 09:35:50 -0400[diff] [blame]47is called. See L<BN_generate_prime_ex(3)> for information on
Matt Caswellaafbe1c2013-06-12 23:42:08 +0100[diff] [blame]48the BN_GENCB_call() function.
Ulf Möller4486d0c2000-01-22 20:05:23 +0000[diff] [blame]49
Rich Salzb3696a52017-09-02 09:35:50 -0400[diff] [blame]50DH_generate_parameters() is similar to DH_generate_prime_ex() but
51expects an old-style callback function; see
52L<BN_generate_prime(3)> for information on the old-style callback.
53
Richard Levitte6f8950a2017-01-15 18:20:49 +0100[diff] [blame]54DH_check_params() confirms that the B<p> and B<g> are likely enough to
55be valid.
56This is a lightweight check, if a more thorough check is needed, use
57DH_check().
58The value of B<*codes> is updated with any problems found.
59If B<*codes> is zero then no problems were found, otherwise the
60following bits may be set:
61
62=over 4
63
64=item DH_CHECK_P_NOT_PRIME
65
66The parameter B<p> has been determined to not being an odd prime.
67Note that the lack of this bit doesn't guarantee that B<p> is a
68prime.
69
70=item DH_NOT_SUITABLE_GENERATOR
71
72The generator B<g> is not suitable.
73Note that the lack of this bit doesn't guarantee that B<g> is
74suitable, unless B<p> is known to be a strong prime.
75
76=back
77
Matt Caswelleeb21772016-05-27 13:26:03 +0100[diff] [blame]78DH_check() confirms that the Diffie-Hellman parameters B<dh> are valid. The
79value of B<*codes> is updated with any problems found. If B<*codes> is zero then
80no problems were found, otherwise the following bits may be set:
81
82=over 4
83
84=item DH_CHECK_P_NOT_PRIME
85
86The parameter B<p> is not prime.
87
88=item DH_CHECK_P_NOT_SAFE_PRIME
89
90The parameter B<p> is not a safe prime and no B<q> value is present.
91
92=item DH_UNABLE_TO_CHECK_GENERATOR
93
94The generator B<g> cannot be checked for suitability.
95
96=item DH_NOT_SUITABLE_GENERATOR
97
98The generator B<g> is not suitable.
99
100=item DH_CHECK_Q_NOT_PRIME
101
102The parameter B<q> is not prime.
103
104=item DH_CHECK_INVALID_Q_VALUE
105
106The parameter B<q> is invalid.
107
108=item DH_CHECK_INVALID_J_VALUE
109
110The parameter B<j> is invalid.
111
112=back
Ulf Möller4486d0c2000-01-22 20:05:23 +0000[diff] [blame]113
Alex Gaynor83918ad2018-03-08 07:59:50 -0500[diff] [blame]114DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() are similar to
115DH_check() and DH_check_params() respectively, but the error reasons are added
116to the thread's error queue instead of provided as return values from the
117function.
Paul Yangb0004702017-11-01 00:45:24 +0800[diff] [blame]118
Ulf Möller4486d0c2000-01-22 20:05:23 +0000[diff] [blame]119=head1 RETURN VALUES
120
Richard Levitte6f8950a2017-01-15 18:20:49 +0100[diff] [blame]121DH_generate_parameters_ex(), DH_check() and DH_check_params() return 1
122if the check could be performed, 0 otherwise.
Ulf Möller4486d0c2000-01-22 20:05:23 +0000[diff] [blame]123
Rich Salzb3696a52017-09-02 09:35:50 -0400[diff] [blame]124DH_generate_parameters() returns a pointer to the DH structure or NULL if
125the parameter generation fails.
Matt Caswellaafbe1c2013-06-12 23:42:08 +0100[diff] [blame]126
Paul Yangb0004702017-11-01 00:45:24 +0800[diff] [blame]127DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() return 1 if the
128check is successful, 0 for failed.
129
Rich Salz9b869742015-08-17 15:21:33 -0400[diff] [blame]130The error codes can be obtained by L<ERR_get_error(3)>.
Ulf Möller4486d0c2000-01-22 20:05:23 +0000[diff] [blame]131
Ulf Möller4486d0c2000-01-22 20:05:23 +0000[diff] [blame]132=head1 SEE ALSO
133
Richard Levitteb97fdb52016-11-11 09:33:09 +0100[diff] [blame]134L<DH_new(3)>, L<ERR_get_error(3)>, L<RAND_bytes(3)>,
Rich Salz9b869742015-08-17 15:21:33 -0400[diff] [blame]135L<DH_free(3)>
Ulf Möller4486d0c2000-01-22 20:05:23 +0000[diff] [blame]136
Rich Salzb3696a52017-09-02 09:35:50 -0400[diff] [blame]137=head1 HISTORY
138
Rich Salz02eca5c2017-09-02 16:12:12 -0400[diff] [blame]139DH_generate_parameters() was deprecated in OpenSSL 0.9.8; use
Rich Salzb3696a52017-09-02 09:35:50 -0400[diff] [blame]140DH_generate_parameters_ex() instead.
141
Rich Salze2f92612016-05-18 11:44:05 -0400[diff] [blame]142=head1 COPYRIGHT
143
Matt Caswellb0edda12018-03-20 13:00:17 +0000[diff] [blame]144Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
Rich Salze2f92612016-05-18 11:44:05 -0400[diff] [blame]145
146Licensed under the OpenSSL license (the "License"). You may not use
147this file except in compliance with the License. You can obtain a copy
148in the file LICENSE in the source distribution or at
149L<https://www.openssl.org/source/license.html>.
150
151=cut