DH_generate_parameters man page on DigitalUNIX

Man page or keyword search:  
man Server   12896 pages
apropos Keyword Search (all sections)
Output format
DigitalUNIX logo
[printable version]

DH_generate_parameters(3)			     DH_generate_parameters(3)

NAME
       DH_generate_parameters,	DH_check  -  Generate and check Diffie-Hellman
       parameters

SYNOPSIS
       #include <openssl/dh.h>

       DH *DH_generate_parameters(
	       int prime_len, int generator, void (*callback)(int,  int,  void
       *), void *cb_arg ); int DH_check(
	       DH *dh, int *codes );

DESCRIPTION
       The  DH_generate_parameters() function generates Diffie-Hellman parame‐
       ters that can be shared among a group of users, and returns them	 in  a
       newly  allocated	 DH structure. The pseudo-random number generator must
       be seeded prior to calling DH_generate_parameters().

       The prime_len is the length in bits of the safe prime to be  generated.
       The generator is a small number > 1, typically 2 or 5.

       A  callback function may be used to provide feedback about the progress
       of the key generation. If callback is not NULL, it will	be  called  as
       described  in BN_generate_prime() while a random prime number is gener‐
       ated, and when a prime  has  been  found,  callback(3,  0,  cb_arg)  is
       called.

       DH_check()  validates  Diffie-Hellman parameters. It checks that p is a
       safe prime, and that g is a suitable  generator.	 In  the  case	of  an
       error,  the bit flags DH_CHECK_P_NOT_SAFE_PRIME or DH_NOT_SUITABLE_GEN‐
       ERATOR are set in *codes.  DH_UNABLE_TO_CHECK_GENERATOR is set  if  the
       generator cannot be checked, meaning it does not equal 2 or 5.

NOTES
       The  DH_generate_parameters() function may run for several hours before
       finding a suitable prime.

       The parameters generated by DH_generate_parameters() are not to be used
       in signature schemes.

RESTRICTIONS
       If generator is not 2 or 5, dh->g=generator is not a usable generator.

RETURN VALUES
       The  DH_generate_parameters()  function	returns	 a  pointer  to the DH
       structure, or NULL if the parameter generation fails. The  error	 codes
       can be obtained from ERR_get_error().

       The  DH_check()	function  returns 1 if the check could be performed, 0
       otherwise.

HISTORY
       The DH_check() function is available in	all  versions  of  SSLeay  and
       OpenSSL.	 The  cb_arg argument to DH_generate_parameters() was added in
       SSLeay 0.9.0.

       In versions before OpenSSL 0.9.5, DH_CHECK_P_NOT_STRONG_PRIME  is  used
       instead of DH_CHECK_P_NOT_SAFE_PRIME.

SEE ALSO
       Functions: dh(3), err(3), rand(3), DH_free(3)

						     DH_generate_parameters(3)
[top]

List of man pages available for DigitalUNIX

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net