=pod

=head1 NAME

dh - Diffie-Hellman key agreement

=head1 SYNOPSIS

 #include <openssl/dh.h>
 #include <openssl/engine.h>

 DH * DH_new(void);
 void DH_free(DH *dh);

 int DH_size(const DH *dh);

 DH * DH_generate_parameters(int prime_len, int generator,
                void (*callback)(int, int, void *), void *cb_arg);
 int DH_check(const DH *dh, int *codes);

 int DH_generate_key(DH *dh);
 int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);

 void DH_set_default_method(const DH_METHOD *meth);
 const DH_METHOD *DH_get_default_method(void);
 int DH_set_method(DH *dh, const DH_METHOD *meth);
 DH *DH_new_method(ENGINE *engine);
 const DH_METHOD *DH_OpenSSL(void);

 int DH_get_ex_new_index(long argl, char *argp, int (*new_func)(),
             int (*dup_func)(), void (*free_func)());
 int DH_set_ex_data(DH *d, int idx, char *arg);
 char *DH_get_ex_data(DH *d, int idx);

 DH * d2i_DHparams(DH **a, unsigned char **pp, long length);
 int i2d_DHparams(const DH *a, unsigned char **pp);

 int DHparams_print_fp(FILE *fp, const DH *x);
 int DHparams_print(BIO *bp, const DH *x);

=head1 DESCRIPTION

These functions implement the Diffie-Hellman key agreement protocol.
The generation of shared DH parameters is described in
L<DH_generate_parameters(3)|DH_generate_parameters(3)>; L<DH_generate_key(3)|DH_generate_key(3)> describes how
to perform a key agreement.
Parameters received from an untrusted source should be validated with
DH_check() before they are used, and the buffer passed to DH_compute_key()
must be at least DH_size(dh) bytes long.

The B<DH> structure consists of several BIGNUM components.

 struct
        {
        BIGNUM *p;              // prime number (shared)
        BIGNUM *g;              // generator of Z_p (shared)
        BIGNUM *priv_key;       // private DH value x
        BIGNUM *pub_key;        // public DH value g^x
        // ...
        };
 DH

Note that DH keys may use non-standard B<DH_METHOD> implementations,
either directly or by the use of B<ENGINE> modules. In some cases (e.g. an
ENGINE providing support for hardware-embedded keys), these BIGNUM values
will not be used by the implementation or may be used for alternative data
storage. For this reason, applications should generally avoid using DH
structure elements directly and instead use API functions to query or
modify keys.

=head1 SEE ALSO

L<dhparam(1)|dhparam(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<err(3)|err(3)>,
L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<engine(3)|engine(3)>,
L<DH_set_method(3)|DH_set_method(3)>, L<DH_new(3)|DH_new(3)>,
L<DH_get_ex_new_index(3)|DH_get_ex_new_index(3)>,
L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
L<DH_compute_key(3)|DH_compute_key(3)>, L<d2i_DHparams(3)|d2i_DHparams(3)>,
L<RSA_print(3)|RSA_print(3)>

=cut