A
DH_METHOD specifies the functions that OpenSSL uses for Diffie-Hellman operations. By modifying the method, alternative implementations such as hardware accelerators may be used. IMPORTANT: See the NOTES section for important information about how these DH API functions are affected by the use of ENGINE API calls.Initially, the default DH_METHOD is the OpenSSL internal implementation, as returned by DH_OpenSSL().
DH_set_default_method() makes meth the default method for all DH structures created later. NB: This is true only whilst no ENGINE has been set as a default for DH, so this function is no longer recommended.
DH_get_default_method() returns a pointer to the current default DH_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.
DH_set_method() selects meth to perform all operations using the key dh. This will replace the DH_METHOD used by the DH key and if the previous method was supplied by an ENGINE, the handle to that ENGINE will be released during the change. It is possible to have DH keys that only work with certain DH_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the DH_METHOD for the key can have unexpected results.
DH_new_method() allocates and initializes a DH structure so that engine will be used for the DH operations. If engine is NULL, the default ENGINE for DH operations is used, and if no default ENGINE is set, the DH_METHOD controlled by DH_set_default_method() is used.