| 1 | Key size | Input | Binary(4) |
| 2 | Cryptographic service provider | Input | Char(1) |
| 3 | Cryptographic device name | Input | Char(10) |
| 4 | D-H parms | Output | Char(*) |
| 5 | Length of area provided for D-H parms | Input | Binary(4) |
| 6 | Length of D-H parms returned | Output | Binary(4) |
| 7 | Error code | I/O | Char(*) |
Diffie-Hellman (D-H) is a public key algorithm used for producing a shared secret key. It is described in RFC 2631 and Public Key Cryptography Standard (PKCS) #3. The output from the Generate Diffie-Hellman Parameters (OPM, QC3GENDH; ILE, Qc3GenDHParms) API is used in generating a D-H key pair (Generate Diffie-Hellman Key Pair (OPM, QC3GENDK; ILE, Qc3GenDHKeyPair) API). These parameters are not secret and must be given to the party (or parties) with whom a secret key will be shared. Alternatively, the D-H parameters may be supplied by another party.
Information on cryptographic standards can be found in Create Algorithm Context (OPM, QC3CRTAX; ILE, Qc3CreateAlgorithmContext) API.
The length of the modulus in bits.
The key size must be a multiple of 64 with a minimum size of 512 and a maximum size of 1024.
The cryptographic service provider (CSP) that will perform the D-H operation.
| 1 | Software CSP. The system will perform the D-H operation using software. |
This parameter must be set to blanks or the pointer to this parameter set to NULL.
The area to store the D-H parameters.
The generated D-H parameters will be returned in BER encoded PKCS #3 format. For specifications of this format, refer to RSA Security Inc. Public-Key Cryptography Standards. The D-H parameters are used in generating a Diffie-Hellman key pair and must be given to the party with whom the secret key will be shared. The generated parameters are not sensitive and need not be kept secret.
The length of the D-H parms parameter.
The maximum length needed (with a key size of 1024) is 288 bytes.
The length of the generated D-H parameters returned in the D-H parms parameter.
If the length of area provided is too small, an error will be generated and no data will be returned in the D-H parms parameter.
The structure in which to return error information.
For the format of the structure, see Error code parameter.
| Message ID | Error Message Text |
|---|---|
| CPF24B4 E | Severe error while addressing parameter list. |
| CPF3C1E E | Required parameter &1 omitted. |
| CPF3CF1 E | Error code parameter not valid. |
| CPF9872 E | Program or service program &1 in library &2 ended. Reason code &3. |
| CPF9DD6 E | Length of area provided for output data is too small. |
| CPF9DDA E | Unexpected return code &1. |
| CPF9DEA E | Key size not valid. |
| CPF9DEC E | Cryptographic service provider not valid. |
| CPF9DF8 E | Cryptographic device name not valid. |
[ Back to top | Cryptographic Services APIs | APIs by category ]