Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
SSL_SET_TMP_ECDH(3)	 BSD Library Functions Manual	   SSL_SET_TMP_ECDH(3)

NAME
     SSL_set_tmp_ecdh, SSL_CTX_set_tmp_ecdh, SSL_set_ecdh_auto,
     SSL_CTX_set_ecdh_auto, SSL_set_tmp_ecdh_callback,
     SSL_CTX_set_tmp_ecdh_callback -- select a curve for ECDH ephemeral	key
     exchange

SYNOPSIS
     #include <openssl/ssl.h>

     long
     SSL_set_tmp_ecdh(SSL *ssl,	EC_KEY *ecdh);

     long
     SSL_CTX_set_tmp_ecdh(SSL_CTX *ctx,	EC_KEY *ecdh);

     long
     SSL_set_ecdh_auto(SSL *ssl, int state);

     long
     SSL_CTX_set_ecdh_auto(SSL_CTX *ctx, int state);

     void
     SSL_set_tmp_ecdh_callback(SSL *ssl,
	 EC_KEY	*(*ecdh)(SSL *ssl, int is_export, int keylength));

     void
     SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
	 EC_KEY	*(*ecdh)(SSL *ssl, int is_export, int keylength));

DESCRIPTION
     Automatic EC curve	selection and generation is always enabled in Li-
     breSSL, and applications cannot manually provide EC keys for use with
     ECDHE key exchange.

     The only remaining	effect of SSL_set_tmp_ecdh() is	that the curve of the
     given ecdh	key becomes the	only curve enabled for the ssl connection, so
     it	is equivalent to calling SSL_set1_groups_list(3) with the same single
     curve name.

     SSL_CTX_set_tmp_ecdh() has	the same effect	on all connections that	will
     be	created	from ctx in the	future.

     The functions SSL_set_ecdh_auto(),	SSL_CTX_set_ecdh_auto(),
     SSL_set_tmp_ecdh_callback(), and SSL_CTX_set_tmp_ecdh_callback() are dep-
     recated and have no effect.

RETURN VALUES
     SSL_set_tmp_ecdh()	and SSL_CTX_set_tmp_ecdh() return 1 on success or 0 on
     failure.

     SSL_set_ecdh_auto(), SSL_CTX_set_ecdh_auto(),
     SSL_set_tmp_ecdh_callback(), and SSL_CTX_set_tmp_ecdh_callback() always
     return 1.

SEE ALSO
     ssl(3), SSL_CTX_set1_groups(3), SSL_CTX_set_cipher_list(3),
     SSL_CTX_set_options(3), SSL_CTX_set_tmp_dh_callback(3), SSL_new(3)

HISTORY
     SSL_set_tmp_ecdh(), SSL_CTX_set_tmp_ecdh(), SSL_set_tmp_ecdh_callback(),
     and SSL_CTX_set_tmp_ecdh_callback() first appeared	in OpenSSL 0.9.8 and
     have been available since OpenBSD 4.5.

     SSL_CTX_set_ecdh_auto() and SSL_set_ecdh_auto() first appeared in OpenSSL
     1.0.2 and have been available since OpenBSD 5.7.

BSD				March 23, 2018				   BSD
NAME | SYNOPSIS | DESCRIPTION | RETURN VALUES | SEE ALSO | HISTORY

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=SSL_set_tmp_ecdh&sektion=3&manpath=FreeBSD+13.0-RELEASE+and+Ports>

home | help