1*1dcdf01fSchristos=pod 2*1dcdf01fSchristos 3*1dcdf01fSchristos=head1 NAME 4*1dcdf01fSchristos 5*1dcdf01fSchristosDH_set_default_method, DH_get_default_method, 6*1dcdf01fSchristosDH_set_method, DH_new_method, DH_OpenSSL - select DH method 7*1dcdf01fSchristos 8*1dcdf01fSchristos=head1 SYNOPSIS 9*1dcdf01fSchristos 10*1dcdf01fSchristos #include <openssl/dh.h> 11*1dcdf01fSchristos 12*1dcdf01fSchristos void DH_set_default_method(const DH_METHOD *meth); 13*1dcdf01fSchristos 14*1dcdf01fSchristos const DH_METHOD *DH_get_default_method(void); 15*1dcdf01fSchristos 16*1dcdf01fSchristos int DH_set_method(DH *dh, const DH_METHOD *meth); 17*1dcdf01fSchristos 18*1dcdf01fSchristos DH *DH_new_method(ENGINE *engine); 19*1dcdf01fSchristos 20*1dcdf01fSchristos const DH_METHOD *DH_OpenSSL(void); 21*1dcdf01fSchristos 22*1dcdf01fSchristos=head1 DESCRIPTION 23*1dcdf01fSchristos 24*1dcdf01fSchristosA B<DH_METHOD> specifies the functions that OpenSSL uses for Diffie-Hellman 25*1dcdf01fSchristosoperations. By modifying the method, alternative implementations 26*1dcdf01fSchristossuch as hardware accelerators may be used. IMPORTANT: See the NOTES section for 27*1dcdf01fSchristosimportant information about how these DH API functions are affected by the use 28*1dcdf01fSchristosof B<ENGINE> API calls. 29*1dcdf01fSchristos 30*1dcdf01fSchristosInitially, the default DH_METHOD is the OpenSSL internal implementation, as 31*1dcdf01fSchristosreturned by DH_OpenSSL(). 32*1dcdf01fSchristos 33*1dcdf01fSchristosDH_set_default_method() makes B<meth> the default method for all DH 34*1dcdf01fSchristosstructures created later. 35*1dcdf01fSchristosB<NB>: This is true only whilst no ENGINE has been set 36*1dcdf01fSchristosas a default for DH, so this function is no longer recommended. 37*1dcdf01fSchristosThis function is not thread-safe and should not be called at the same time 38*1dcdf01fSchristosas other OpenSSL functions. 39*1dcdf01fSchristos 40*1dcdf01fSchristosDH_get_default_method() returns a pointer to the current default DH_METHOD. 41*1dcdf01fSchristosHowever, the meaningfulness of this result is dependent on whether the ENGINE 42*1dcdf01fSchristosAPI is being used, so this function is no longer recommended. 43*1dcdf01fSchristos 44*1dcdf01fSchristosDH_set_method() selects B<meth> to perform all operations using the key B<dh>. 45*1dcdf01fSchristosThis will replace the DH_METHOD used by the DH key and if the previous method 46*1dcdf01fSchristoswas supplied by an ENGINE, the handle to that ENGINE will be released during the 47*1dcdf01fSchristoschange. It is possible to have DH keys that only work with certain DH_METHOD 48*1dcdf01fSchristosimplementations (e.g. from an ENGINE module that supports embedded 49*1dcdf01fSchristoshardware-protected keys), and in such cases attempting to change the DH_METHOD 50*1dcdf01fSchristosfor the key can have unexpected results. 51*1dcdf01fSchristos 52*1dcdf01fSchristosDH_new_method() allocates and initializes a DH structure so that B<engine> will 53*1dcdf01fSchristosbe used for the DH operations. If B<engine> is NULL, the default ENGINE for DH 54*1dcdf01fSchristosoperations is used, and if no default ENGINE is set, the DH_METHOD controlled by 55*1dcdf01fSchristosDH_set_default_method() is used. 56*1dcdf01fSchristos 57*1dcdf01fSchristosA new DH_METHOD object may be constructed using DH_meth_new() (see 58*1dcdf01fSchristosL<DH_meth_new(3)>). 59*1dcdf01fSchristos 60*1dcdf01fSchristos=head1 RETURN VALUES 61*1dcdf01fSchristos 62*1dcdf01fSchristosDH_OpenSSL() and DH_get_default_method() return pointers to the respective 63*1dcdf01fSchristosB<DH_METHOD>s. 64*1dcdf01fSchristos 65*1dcdf01fSchristosDH_set_default_method() returns no value. 66*1dcdf01fSchristos 67*1dcdf01fSchristosDH_set_method() returns nonzero if the provided B<meth> was successfully set as 68*1dcdf01fSchristosthe method for B<dh> (including unloading the ENGINE handle if the previous 69*1dcdf01fSchristosmethod was supplied by an ENGINE). 70*1dcdf01fSchristos 71*1dcdf01fSchristosDH_new_method() returns NULL and sets an error code that can be obtained by 72*1dcdf01fSchristosL<ERR_get_error(3)> if the allocation fails. Otherwise it 73*1dcdf01fSchristosreturns a pointer to the newly allocated structure. 74*1dcdf01fSchristos 75*1dcdf01fSchristos=head1 SEE ALSO 76*1dcdf01fSchristos 77*1dcdf01fSchristosL<DH_new(3)>, L<DH_new(3)>, L<DH_meth_new(3)> 78*1dcdf01fSchristos 79*1dcdf01fSchristos=head1 COPYRIGHT 80*1dcdf01fSchristos 81*1dcdf01fSchristosCopyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. 82*1dcdf01fSchristos 83*1dcdf01fSchristosLicensed under the OpenSSL license (the "License"). You may not use 84*1dcdf01fSchristosthis file except in compliance with the License. You can obtain a copy 85*1dcdf01fSchristosin the file LICENSE in the source distribution or at 86*1dcdf01fSchristosL<https://www.openssl.org/source/license.html>. 87*1dcdf01fSchristos 88*1dcdf01fSchristos=cut 89