On Tue, Dec 05, 2006, Olivier Mascia wrote: > Dear, > > Using current OpenSSL version (0.9.8d), which of: > DH_generate_parameters > DH_generate_parameters_ex > should better be used in new code? > > Documentation pages do not refer to the _ex version, yet dh.h shows: > > >/* Deprecated version */ > >#ifndef OPENSSL_NO_DEPRECATED > >DH * DH_generate_parameters(int prime_len,int generator, > > void (*callback)(int,int,void *),void *cb_arg); > >#endif /* !defined(OPENSSL_NO_DEPRECATED) */ > > > >/* New version */ > >int DH_generate_parameters_ex(DH *dh, int prime_len,int generator, > >BN_GENCB *cb); > > It looks like I have no problem using the _ex version, calling DH_new > () first and passing 0 for the BN_GENCB (callback) which I don't need > for now. > > Am I driving in the wrong lane? >
The DH_generate_parameters() function is deprecated as the comment implies. The _ex version can use a non-default ENGINE for the parameter generation. If you really want to be up to date you can use the new EVP_PKEY version but that's only supported in 0.9.9-dev :-) Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]