man.bsd.lv manual page server

DESCRIPTION

If cb is not NULL, it is used as follows:

• BN_GENCB_call(cb, 0, i) is called after generating the i-th potential prime number.
• While the number is being tested for primality, BN_GENCB_call(cb, 1, j) is called as described below.
• When a prime has been found, BN_GENCB_call(cb, 2, i) is called.
• The callers of BN_generate_prime_ex() may call BN_GENCB_call() with other values as described in their respective manual pages; see SEE ALSO.

The prime may have to fulfill additional requirements for use in Diffie-Hellman key exchange:

If add is not NULL, the prime will fulfill the condition p % add == rem (p % add == 1 if rem == NULL) in order to suit a given generator.

If safe is true, it will be a safe prime (i.e. a prime p so that (p-1)/2 is also prime).

The prime number generation has a negligible error probability.

BN_is_prime_ex() and BN_is_prime_fasttest_ex() test if the number p is prime. The following tests are performed until one of them shows that p is composite; if p passes all these tests, it is considered prime.

BN_is_prime_fasttest_ex(), when called with do_trial_division == 1, first attempts trial division by a number of small primes; if no divisors are found by this test and cb is not NULL, BN_GENCB_call(cb, 1, -1) is called. If do_trial_division == 0, this test is skipped.

Both BN_is_prime_ex() and BN_is_prime_fasttest_ex() perform a Miller-Rabin probabilistic primality test with nchecks iterations. If nchecks == BN_prime_checks, a number of iterations is used that yields a false positive rate of at most 2^-80 for random input.

If cb is not NULL, BN_GENCB_call cb 1 j is called after the j-th iteration (j = 0, 1, ...). ctx is a pre-allocated BN_CTX (to save the overhead of allocating and freeing the structure in a loop), or NULL.

BN_GENCB_call() calls the callback function held in the BN_GENCB structure and passes the ints a and b as arguments. There are two types of BN_GENCB structures that are supported: "new" style and "old" style. New programs should prefer the "new" style, whilst the "old" style is provided for backwards compatibility purposes.

A BN_GENCB structure should be created through a call to BN_GENCB_new() and freed through a call to BN_GENCB_free().

For "new" style callbacks a BN_GENCB structure should be initialised with a call to BN_GENCB_set(), where gencb is a BN_GENCB *, callback is of type int (*callback)(int, int, BN_GENCB *) and cb_arg is a void *. "Old" style callbacks are the same except they are initialised with a call to BN_GENCB_set_old() and callback is of type void (*callback)(int, int, void *).

A callback is invoked through a call to BN_GENCB_call(). This will check the type of the callback and will invoke callback(a, b, gencb) for new style callbacks or callback(a, b, cb_arg) for old style.

It is possible to obtain the argument associated with a BN_GENCB structure (set via a call to BN_GENCB_set() or BN_GENCB_set_old()) using BN_GENCB_get_arg().

BN_generate_prime() (deprecated) works in the same way as BN_generate_prime_ex() but expects an old style callback function directly in the callback parameter, and an argument to pass to it in the cb_arg. Similarly BN_is_prime() and BN_is_prime_fasttest() are deprecated and can be compared to BN_is_prime_ex() and BN_is_prime_fasttest_ex() respectively.