diff options
| author | Shane Lontis <shane.lontis@oracle.com> | 2020-01-31 08:18:46 +1000 |
|---|---|---|
| committer | Shane Lontis <shane.lontis@oracle.com> | 2020-01-31 08:18:46 +1000 |
| commit | ca2bf555cd64bc9624af1259ce3cd27f95a5763e (patch) | |
| tree | e02beb157e56973ada62c679cb7b3b8756e86dfe /doc | |
| parent | cd624ccd41ac3ac779c1c7a7a1e63427ce9588dd (diff) | |
Add support for DH 'modp' group parameters (RFC 3526)
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10897)
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/man3/DH_new_by_nid.pod | 9 | ||||
| -rw-r--r-- | doc/man3/EVP_PKEY_CTX_ctrl.pod | 9 |
2 files changed, 11 insertions, 7 deletions
diff --git a/doc/man3/DH_new_by_nid.pod b/doc/man3/DH_new_by_nid.pod index 6a80093c79..5fd71ffb5a 100644 --- a/doc/man3/DH_new_by_nid.pod +++ b/doc/man3/DH_new_by_nid.pod @@ -8,13 +8,16 @@ DH_new_by_nid, DH_get_nid - get or find DH named parameters #include <openssl/dh.h> DH *DH_new_by_nid(int nid); - int *DH_get_nid(const DH *dh); + int *DH_get_nid(DH *dh); =head1 DESCRIPTION DH_new_by_nid() creates and returns a DH structure containing named parameters B<nid>. Currently B<nid> must be B<NID_ffdhe2048>, B<NID_ffdhe3072>, -B<NID_ffdhe4096>, B<NID_ffdhe6144> or B<NID_ffdhe8192>. +B<NID_ffdhe4096>, B<NID_ffdhe6144>, B<NID_ffdhe8192>, +B<NID_modp_1536>, B<NID_modp_2048>, B<NID_modp_3072>, +B<NID_modp_4096>, B<NID_modp_6144> or B<NID_modp_8192>. + DH_get_nid() determines if the parameters contained in B<dh> match any named set. It returns the NID corresponding to the matching parameters or @@ -29,7 +32,7 @@ B<NID_undef> if there is no match. =head1 COPYRIGHT -Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/EVP_PKEY_CTX_ctrl.pod b/doc/man3/EVP_PKEY_CTX_ctrl.pod index 41f8d919d4..629c4190f6 100644 --- a/doc/man3/EVP_PKEY_CTX_ctrl.pod +++ b/doc/man3/EVP_PKEY_CTX_ctrl.pod @@ -410,10 +410,11 @@ prime B<p>. If B<pad> is zero (the default) then no padding is performed. EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to -B<nid> as defined in RFC7919. The B<nid> parameter must be B<NID_ffdhe2048>, -B<NID_ffdhe3072>, B<NID_ffdhe4096>, B<NID_ffdhe6144>, B<NID_ffdhe8192> -or B<NID_undef> to clear the stored value. This macro can be called during -parameter or key generation. +B<nid> as defined in RFC7919 or RFC3526. The B<nid> parameter must be +B<NID_ffdhe2048>, B<NID_ffdhe3072>, B<NID_ffdhe4096>, B<NID_ffdhe6144>, +B<NID_ffdhe8192>, B<NID_modp_1536>, B<NID_modp_2048>, B<NID_modp_3072>, +B<NID_modp_4096>, B<NID_modp_6144>, B<NID_modp_8192> or B<NID_undef> to clear +the stored value. This macro can be called during parameter or key generation. The nid parameter and the rfc5114 parameter are mutually exclusive. The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are |