DOKK / manpages / debian 11 / libkcapi-dev / kcapi_kpp_dh_setparam_pkcs3.3.en
KCAPI_KPP_DH_SETPARA(3) Programming Interface KCAPI_KPP_DH_SETPARA(3)

kcapi_kpp_dh_setparam_pkcs3 - set the PG parameters using PKCS3 format

int kcapi_kpp_dh_setparam_pkcs3(struct kcapi_handle * handle, const uint8_t * pkcs3, uint32_t pkcs3len);

handle

[in] cipher handle

pkcs3

[in] parameter buffer in DER format

pkcs3len

[in] length of key buffer

With this function, the caller sets the PG parameters for subsequent cipher operations.

The parameter set must be in DER format as follows

SEQUENCE { prime INTEGER ({ dh_get_p }), base INTEGER ({ dh_get_g }) }

The following command generates such parameter set where the output

openssl dhparam -outform DER -out dhparam.der 2048

Note, this function defines that the subsequent key generation and shared secret operation performs an FFC Diffie-Hellman operation.

After the caller provided the key, the caller may destroy the parameter as it is now maintained by the kernel.

return upon success the value of the maximum size for the KPP operation is returned (e.g. the prime size); a negative errno-style error code if an error occurred

Stephan Mueller <smueller@chronox.de>

Author.

November 2020 libkcapi Manual 1.2.1