This function will generate a new pair of prime and generator for use
in the Diffie-Hellman key exchange. This may take long time.
It is recommended not to set the number of bits directly, but use
gnutls_sec_param_to_pk_bits() instead. Also note that the DH
parameters are only useful to servers. Since clients use the
parameters sent by the server, it's of no use to call this in client
The parameters generated are of the DSA form. It also is possible to
generate provable parameters (following the Shawe-Taylor algorithm),
using gnutls_x509_privkey_generate2() with DSA option and the
GNUTLS_PRIVKEY_FLAG_PROVABLE flag set. These can the be imported with
It is no longer recommended for applications to generate parameters.
See the "Parameter generation" section in the manual.
This page is part of the GnuTLS (GnuTLS Transport Layer Security
Library) project. Information about the project can be found at
⟨http://www.gnutls.org/⟩. If you have a bug report for this manual
page, send it to email@example.com.. This page was obtained from the
tarball gnutls-3.5.9.tar.xz fetched from
⟨http://www.gnutls.org/download.html⟩ on 2017-04-25. If you discover
any rendering problems in this HTML version of the page, or you
believe there is a better or more up-to-date source for the page, or
you have corrections or improvements to the information in this
COLOPHON (which is not part of the original manual page), send a mail
gnutls 3.5.9 gnutls_dh_params_generate2(3)