Function

SSLSetDiffieHellmanParams

Specifies Diffie-Hellman parameters for a given context.

Declaration

OSStatus SSLSetDiffieHellmanParams(SSLContextRef context, const void *dhParams, size_t dhParamsLen);

Parameters

context

An SSL session context reference.

dhParams

A pointer to a buffer containing the Diffie-Hellman parameters in Open SSL DER format.

dhParamsLen

A value representing the size of the buffer pointed to by the dhParams parameter.

Return Value

A result code. See Secure Transport Result Codes.

Discussion

You can use this function to specify a set of Diffie-Hellman parameters to be used by Secure Transport for a specific session. Use of this function is optional. If Diffie-Hellman ciphers are allowed, the server and client negotiate a Diffie-Hellman cipher, and this function has not been called, then secure transport calculates a set of process wide parameters. However, that process can take as long as 30 seconds. Diffie-Hellman ciphers are enabled by default. See SSLSetEnabledCiphers.

In SSL/TLS, Diffie-Hellman parameters are always specified by the server. Therefore, this function can be called only by the server side of the connection.

You can use the SSLGetDiffieHellmanParams function to retrieve Diffie-Hellman parameters specified in an earlier call to SSLSetDiffieHellmanParams.

See Also

Ciphers

SSLGetNumberSupportedCiphers

Determines the number of cipher suites supported.

Deprecated
SSLGetSupportedCiphers

Determines the values of the supported cipher suites.

Deprecated
SSLSetEnabledCiphers

Specifies a restricted set of SSL cipher suites to be enabled by the current SSL session context.

Deprecated
SSLGetNumberEnabledCiphers

Determines the number of cipher suites currently enabled.

Deprecated
SSLGetEnabledCiphers

Determines which SSL cipher suites are currently enabled.

Deprecated
SSLGetNegotiatedCipher

Retrieves the cipher suite negotiated for this session.

Deprecated
SSLGetDiffieHellmanParams

Retrieves the Diffie-Hellman parameters for a given context.

Deprecated
SSLCipherSuite

A type for storing cipher suite values.

SSLCiphersuiteGroup

A mechanism for grouping related cipher suites.

SSL Cipher Suite Values

Recognize the set of valid SSL cipher suite values.