Function

SSLSetDiffieHellmanParams(_:_:_:)

Specifies Diffie-Hellman parameters for a given context.

Declaration

func SSLSetDiffieHellmanParams(_ context: SSLContext, _ dhParams: UnsafeRawPointer?, _ dhParamsLen: Int) -> OSStatus

Parameters

context

An SSL session context reference.

dhParams

A pointer to a buffer containing the Diffie-Hellman parameters in Open SSL DER format.

dhParamsLen

A value representing the size of the buffer pointed to by the dhParams parameter.

Return Value

A result code. See Secure Transport Result Codes.

Discussion

You can use this function to specify a set of Diffie-Hellman parameters to be used by Secure Transport for a specific session. Use of this function is optional. If Diffie-Hellman ciphers are allowed, the server and client negotiate a Diffie-Hellman cipher, and this function has not been called, then secure transport calculates a set of process wide parameters. However, that process can take as long as 30 seconds. Diffie-Hellman ciphers are enabled by default. See SSLSetEnabledCiphers(_:_:_:).

In SSL/TLS, Diffie-Hellman parameters are always specified by the server. Therefore, this function can be called only by the server side of the connection.

You can use the SSLGetDiffieHellmanParams(_:_:_:) function to retrieve Diffie-Hellman parameters specified in an earlier call to SSLSetDiffieHellmanParams(_:_:_:).

See Also

Ciphers

func SSLGetNumberSupportedCiphers(SSLContext, UnsafeMutablePointer<Int>) -> OSStatus

Determines the number of cipher suites supported.

Deprecated
func SSLSetEnabledCiphers(SSLContext, UnsafePointer<SSLCipherSuite>, Int) -> OSStatus

Specifies a restricted set of SSL cipher suites to be enabled by the current SSL session context.

Deprecated
func SSLGetNumberEnabledCiphers(SSLContext, UnsafeMutablePointer<Int>) -> OSStatus

Determines the number of cipher suites currently enabled.

Deprecated
func SSLGetNegotiatedCipher(SSLContext, UnsafeMutablePointer<SSLCipherSuite>) -> OSStatus

Retrieves the cipher suite negotiated for this session.

Deprecated
enum tls_ciphersuite_group_t

Groups that collect ciphersuites of comparable security properties.

enum tls_ciphersuite_t

The collection of valid ciphersuites.

typealias SSLCipherSuite

A type for storing cipher suite values.

enum SSLCiphersuiteGroup

A mechanism for grouping related cipher suites.

SSL Cipher Suite Values

Recognize the set of valid SSL cipher suite values.