[thirdparty/openssl.git] / doc / man3 / DH_get0_pqg.pod

=pod

=head1 NAME

DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key,
DH_get0_p, DH_get0_q, DH_get0_g,
DH_get0_priv_key, DH_get0_pub_key,
DH_clear_flags, DH_test_flags, DH_set_flags, DH_get0_engine,
DH_get_length, DH_set_length - Routines for getting and setting data in a DH object

=head1 SYNOPSIS

 #include <openssl/dh.h>

 void DH_get0_pqg(const DH *dh,
                  const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
 int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
 void DH_get0_key(const DH *dh,
                  const BIGNUM **pub_key, const BIGNUM **priv_key);
 int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
 const BIGNUM *DH_get0_p(const DH *dh);
 const BIGNUM *DH_get0_q(const DH *dh);
 const BIGNUM *DH_get0_g(const DH *dh);
 const BIGNUM *DH_get0_priv_key(const DH *dh);
 const BIGNUM *DH_get0_pub_key(const DH *dh);
 void DH_clear_flags(DH *dh, int flags);
 int DH_test_flags(const DH *dh, int flags);
 void DH_set_flags(DH *dh, int flags);

 long DH_get_length(const DH *dh);
 int DH_set_length(DH *dh, long length);

Deprecated since OpenSSL 3.0, can be hidden entirely by defining
B<OPENSSL_API_COMPAT> with a suitable version value, see
L<openssl_user_macros(7)>:

 ENGINE *DH_get0_engine(DH *d);

=head1 DESCRIPTION

A DH object contains the parameters I<p>, I<q> and I<g>. Note that the I<q>
parameter is optional. It also contains a public key (I<pub_key>) and
(optionally) a private key (I<priv_key>).

The I<p>, I<q> and I<g> parameters can be obtained by calling DH_get0_pqg().
If the parameters have not yet been set then I<*p>, I<*q> and I<*g> will be set
to NULL. Otherwise they are set to pointers to their respective values. These
point directly to the internal representations of the values and therefore
should not be freed directly.
Any of the out parameters I<p>, I<q>, and I<g> can be NULL, in which case no
value will be returned for that parameter.

The I<p>, I<q> and I<g> values can be set by calling DH_set0_pqg() and passing
the new values for I<p>, I<q> and I<g> as parameters to the function. Calling
this function transfers the memory management of the values to the DH object,
and therefore the values that have been passed in should not be freed directly
after this function has been called. The I<q> parameter may be NULL.
DH_set0_pqg() also checks if the parameters associated with I<p> and I<g> and
optionally I<q> are associated with known safe prime groups. If it is a safe
prime group then the value of I<q> will be set to q = (p - 1) / 2 if I<q> is
NULL. The optional length parameter will be set to BN_num_bits(I<q>) if I<q>
is not NULL.

To get the public and private key values use the DH_get0_key() function. A
pointer to the public key will be stored in I<*pub_key>, and a pointer to the
private key will be stored in I<*priv_key>. Either may be NULL if they have not
been set yet, although if the private key has been set then the public key must
be. The values point to the internal representation of the public key and
private key values. This memory should not be freed directly.
Any of the out parameters I<pub_key> and I<priv_key> can be NULL, in which case
no value will be returned for that parameter.

The public and private key values can be set using DH_set0_key(). Either
parameter may be NULL, which means the corresponding DH field is left
untouched. As with DH_set0_pqg() this function transfers the memory management
of the key values to the DH object, and therefore they should not be freed
directly after this function has been called.

Any of the values I<p>, I<q>, I<g>, I<priv_key>, and I<pub_key> can also be
retrieved separately by the corresponding function DH_get0_p(), DH_get0_q(),
DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key(), respectively.

DH_set_flags() sets the flags in the I<flags> parameter on the DH object.
Multiple flags can be passed in one go (bitwise ORed together). Any flags that
are already set are left set. DH_test_flags() tests to see whether the flags
passed in the I<flags> parameter are currently set in the DH object. Multiple
flags can be tested in one go. All flags that are currently set are returned, or
zero if none of the flags are set. DH_clear_flags() clears the specified flags
within the DH object.

DH_get0_engine() returns a handle to the ENGINE that has been set for this DH
object, or NULL if no such ENGINE has been set. This function is deprecated.

The DH_get_length() and DH_set_length() functions get and set the optional
length parameter associated with this DH object. If the length is nonzero then
it is used, otherwise it is ignored. The I<length> parameter indicates the
length of the secret exponent (private key) in bits. These functions are
deprecated. For safe prime groups the optional length parameter I<length> can be
set to a value greater or equal to 2 * maximum_target_security_strength(BN_num_bits(I<p>))
as listed in SP800-56Ar3 Table(s) 25 & 26.

=head1 NOTES

Values retrieved with DH_get0_key() are owned by the DH object used
in the call and may therefore I<not> be passed to DH_set0_key().  If
needed, duplicate the received value using BN_dup() and pass the
duplicate.  The same applies to DH_get0_pqg() and DH_set0_pqg().

=head1 RETURN VALUES

DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.

DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key()
return the respective value, or NULL if it is unset.

DH_test_flags() returns the current state of the flags in the DH object.

DH_get0_engine() returns the ENGINE set for the DH object or NULL if no ENGINE
has been set.

DH_get_length() returns the length of the secret exponent (private key) in bits,
or zero if no such length has been explicitly set.

=head1 SEE ALSO

L<DH_new(3)>, L<DH_new(3)>, L<DH_generate_parameters(3)>, L<DH_generate_key(3)>,
L<DH_set_method(3)>, L<DH_size(3)>, L<DH_meth_new(3)>

=head1 HISTORY

The DH_get0_engine() function was deprecated in OpenSSL 3.0.

The functions described here were added in OpenSSL 1.1.0.

=head1 COPYRIGHT

Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
0263b992 MC	1	=pod
	2
	3	=head1 NAME
	4
6db7fadf DMSP	5	DH_get0_pqg, DH_set0_pqg, DH_get0_key, DH_set0_key,
	6	DH_get0_p, DH_get0_q, DH_get0_g,
	7	DH_get0_priv_key, DH_get0_pub_key,
	8	DH_clear_flags, DH_test_flags, DH_set_flags, DH_get0_engine,
	9	DH_get_length, DH_set_length - Routines for getting and setting data in a DH object
0263b992 MC	10
	11	=head1 SYNOPSIS
	12
	13	#include <openssl/dh.h>
	14
fd809cfd RL	15	void DH_get0_pqg(const DH *dh,
fd809cfd RL	16	const BIGNUM p, const BIGNUM q, const BIGNUM **g);
0263b992	17	int DH_set0_pqg(DH dh, BIGNUM p, BIGNUM q, BIGNUM g);
fd809cfd RL	18	void DH_get0_key(const DH *dh,
fd809cfd RL	19	const BIGNUM pub_key, const BIGNUM priv_key);
0263b992	20	int DH_set0_key(DH dh, BIGNUM pub_key, BIGNUM *priv_key);
6db7fadf DMSP	21	const BIGNUM DH_get0_p(const DH dh);
	22	const BIGNUM DH_get0_q(const DH dh);
	23	const BIGNUM DH_get0_g(const DH dh);
	24	const BIGNUM DH_get0_priv_key(const DH dh);
	25	const BIGNUM DH_get0_pub_key(const DH dh);
0263b992 MC	26	void DH_clear_flags(DH *dh, int flags);
	27	int DH_test_flags(const DH *dh, int flags);
	28	void DH_set_flags(DH *dh, int flags);
ada66e78	29
ccefc341 P	30	long DH_get_length(const DH *dh);
	31	int DH_set_length(DH *dh, long length);
	32
ada66e78 P	33	Deprecated since OpenSSL 3.0, can be hidden entirely by defining
	34	B<OPENSSL_API_COMPAT> with a suitable version value, see
	35	L<openssl_user_macros(7)>:
	36
0263b992	37	ENGINE DH_get0_engine(DH d);
0263b992 MC	38
	39	=head1 DESCRIPTION
	40
55f02cb6 SL	41	A DH object contains the parameters I<p>, I<q> and I<g>. Note that the I<q>
	42	parameter is optional. It also contains a public key (I<pub_key>) and
	43	(optionally) a private key (I<priv_key>).
0263b992	44
55f02cb6 SL	45	The I<p>, I<q> and I<g> parameters can be obtained by calling DH_get0_pqg().
55f02cb6 SL	46	If the parameters have not yet been set then I<p>, I<q> and I<*g> will be set
0263b992 MC	47	to NULL. Otherwise they are set to pointers to their respective values. These
	48	point directly to the internal representations of the values and therefore
	49	should not be freed directly.
55f02cb6	50	Any of the out parameters I<p>, I<q>, and I<g> can be NULL, in which case no
5777254b	51	value will be returned for that parameter.
0263b992	52
55f02cb6 SL	53	The I<p>, I<q> and I<g> values can be set by calling DH_set0_pqg() and passing
55f02cb6 SL	54	the new values for I<p>, I<q> and I<g> as parameters to the function. Calling
0263b992 MC	55	this function transfers the memory management of the values to the DH object,
0263b992 MC	56	and therefore the values that have been passed in should not be freed directly
55f02cb6 SL	57	after this function has been called. The I<q> parameter may be NULL.
	58	DH_set0_pqg() also checks if the parameters associated with I<p> and I<g> and
	59	optionally I<q> are associated with known safe prime groups. If it is a safe
738ee181 SL	60	prime group then the value of I<q> will be set to q = (p - 1) / 2 if I<q> is
	61	NULL. The optional length parameter will be set to BN_num_bits(I<q>) if I<q>
	62	is not NULL.
0263b992 MC	63
0263b992 MC	64	To get the public and private key values use the DH_get0_key() function. A
55f02cb6 SL	65	pointer to the public key will be stored in I<*pub_key>, and a pointer to the
55f02cb6 SL	66	private key will be stored in I<*priv_key>. Either may be NULL if they have not
0263b992 MC	67	been set yet, although if the private key has been set then the public key must
	68	be. The values point to the internal representation of the public key and
	69	private key values. This memory should not be freed directly.
55f02cb6	70	Any of the out parameters I<pub_key> and I<priv_key> can be NULL, in which case
5777254b	71	no value will be returned for that parameter.
0263b992	72
7966101e DB	73	The public and private key values can be set using DH_set0_key(). Either
	74	parameter may be NULL, which means the corresponding DH field is left
	75	untouched. As with DH_set0_pqg() this function transfers the memory management
	76	of the key values to the DH object, and therefore they should not be freed
	77	directly after this function has been called.
0263b992	78
55f02cb6	79	Any of the values I<p>, I<q>, I<g>, I<priv_key>, and I<pub_key> can also be
6db7fadf DMSP	80	retrieved separately by the corresponding function DH_get0_p(), DH_get0_q(),
	81	DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key(), respectively.
	82
55f02cb6	83	DH_set_flags() sets the flags in the I<flags> parameter on the DH object.
0263b992 MC	84	Multiple flags can be passed in one go (bitwise ORed together). Any flags that
0263b992 MC	85	are already set are left set. DH_test_flags() tests to see whether the flags
55f02cb6	86	passed in the I<flags> parameter are currently set in the DH object. Multiple
0263b992 MC	87	flags can be tested in one go. All flags that are currently set are returned, or
	88	zero if none of the flags are set. DH_clear_flags() clears the specified flags
	89	within the DH object.
	90
	91	DH_get0_engine() returns a handle to the ENGINE that has been set for this DH
ada66e78	92	object, or NULL if no such ENGINE has been set. This function is deprecated.
0263b992 MC	93
0263b992 MC	94	The DH_get_length() and DH_set_length() functions get and set the optional
9c0586d5	95	length parameter associated with this DH object. If the length is nonzero then
55f02cb6	96	it is used, otherwise it is ignored. The I<length> parameter indicates the
738ee181 SL	97	length of the secret exponent (private key) in bits. These functions are
	98	deprecated. For safe prime groups the optional length parameter I<length> can be
	99	set to a value greater or equal to 2 * maximum_target_security_strength(BN_num_bits(I<p>))
	100	as listed in SP800-56Ar3 Table(s) 25 & 26.
0263b992	101
4c5e6b2c RL	102	=head1 NOTES
	103
	104	Values retrieved with DH_get0_key() are owned by the DH object used
	105	in the call and may therefore I<not> be passed to DH_set0_key(). If
	106	needed, duplicate the received value using BN_dup() and pass the
	107	duplicate. The same applies to DH_get0_pqg() and DH_set0_pqg().
	108
0263b992 MC	109	=head1 RETURN VALUES
	110
	111	DH_set0_pqg() and DH_set0_key() return 1 on success or 0 on failure.
	112
6db7fadf	113	DH_get0_p(), DH_get0_q(), DH_get0_g(), DH_get0_priv_key(), and DH_get0_pub_key()
5777254b	114	return the respective value, or NULL if it is unset.
6db7fadf	115
0263b992 MC	116	DH_test_flags() returns the current state of the flags in the DH object.
	117
	118	DH_get0_engine() returns the ENGINE set for the DH object or NULL if no ENGINE
	119	has been set.
	120
	121	DH_get_length() returns the length of the secret exponent (private key) in bits,
	122	or zero if no such length has been explicitly set.
	123
	124	=head1 SEE ALSO
	125
b97fdb57	126	L<DH_new(3)>, L<DH_new(3)>, L<DH_generate_parameters(3)>, L<DH_generate_key(3)>,
0263b992 MC	127	L<DH_set_method(3)>, L<DH_size(3)>, L<DH_meth_new(3)>
	128
	129	=head1 HISTORY
	130
ccefc341	131	The DH_get0_engine() function was deprecated in OpenSSL 3.0.
ada66e78	132
e90fc053	133	The functions described here were added in OpenSSL 1.1.0.
0263b992	134
e2f92610 RS	135	=head1 COPYRIGHT
e2f92610 RS	136
33388b44	137	Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
e2f92610	138
4746f25a	139	Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610 RS	140	this file except in compliance with the License. You can obtain a copy
	141	in the file LICENSE in the source distribution or at
	142	L<https://www.openssl.org/source/license.html>.
	143
	144	=cut