# if OPENSSL_API_COMPAT < 0x10100000L
# include <openssl/bn.h>
# endif
+# include <openssl/dherr.h>
# ifdef __cplusplus
extern "C" {
int DH_generate_parameters_ex(DH *dh, int prime_len, int generator,
BN_GENCB *cb);
+int DH_check_params_ex(const DH *dh);
+int DH_check_ex(const DH *dh);
+int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key);
int DH_check_params(const DH *dh, int *ret);
int DH_check(const DH *dh, int *codes);
int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *codes);
DH *DH_get_2048_224(void);
DH *DH_get_2048_256(void);
+/* Named parameters, currently RFC7919 */
+DH *DH_new_by_nid(int nid);
+int DH_get_nid(const DH *dh);
+
# ifndef OPENSSL_NO_CMS
/* RFC2631 KDF */
int DH_KDF_X9_42(unsigned char *out, size_t outlen,
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
+# define EVP_PKEY_CTX_set_dh_nid(ctx, nid) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, \
+ EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN, \
+ EVP_PKEY_CTRL_DH_NID, nid, NULL)
+
+# define EVP_PKEY_CTX_set_dh_pad(ctx, pad) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_PAD, pad, NULL)
+
# define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
EVP_PKEY_OP_DERIVE, \
# define EVP_PKEY_CTRL_GET_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 12)
# define EVP_PKEY_CTRL_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 13)
# define EVP_PKEY_CTRL_GET_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 14)
+# define EVP_PKEY_CTRL_DH_NID (EVP_PKEY_ALG_CTRL + 15)
+# define EVP_PKEY_CTRL_DH_PAD (EVP_PKEY_ALG_CTRL + 16)
/* KDF types */
# define EVP_PKEY_DH_KDF_NONE 1
# define EVP_PKEY_DH_KDF_X9_42 2
# endif
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-int ERR_load_DH_strings(void);
-
-/* Error codes for the DH functions. */
-
-/* Function codes. */
-# define DH_F_COMPUTE_KEY 102
-# define DH_F_DHPARAMS_PRINT_FP 101
-# define DH_F_DH_BUILTIN_GENPARAMS 106
-# define DH_F_DH_CMS_DECRYPT 114
-# define DH_F_DH_CMS_SET_PEERKEY 115
-# define DH_F_DH_CMS_SET_SHARED_INFO 116
-# define DH_F_DH_METH_DUP 117
-# define DH_F_DH_METH_NEW 118
-# define DH_F_DH_METH_SET1_NAME 119
-# define DH_F_DH_NEW_METHOD 105
-# define DH_F_DH_PARAM_DECODE 107
-# define DH_F_DH_PRIV_DECODE 110
-# define DH_F_DH_PRIV_ENCODE 111
-# define DH_F_DH_PUB_DECODE 108
-# define DH_F_DH_PUB_ENCODE 109
-# define DH_F_DO_DH_PRINT 100
-# define DH_F_GENERATE_KEY 103
-# define DH_F_PKEY_DH_DERIVE 112
-# define DH_F_PKEY_DH_KEYGEN 113
-
-/* Reason codes. */
-# define DH_R_BAD_GENERATOR 101
-# define DH_R_BN_DECODE_ERROR 109
-# define DH_R_BN_ERROR 106
-# define DH_R_DECODE_ERROR 104
-# define DH_R_INVALID_PUBKEY 102
-# define DH_R_KDF_PARAMETER_ERROR 112
-# define DH_R_KEYS_NOT_SET 108
-# define DH_R_MODULUS_TOO_LARGE 103
-# define DH_R_NO_PARAMETERS_SET 107
-# define DH_R_NO_PRIVATE_VALUE 100
-# define DH_R_PARAMETER_ENCODING_ERROR 105
-# define DH_R_PEER_KEY_ERROR 111
-# define DH_R_SHARED_INFO_ERROR 113
# ifdef __cplusplus
}