MirBSD manpage: BN_generate_prime(3), BN_is_prime(3), BN_is_prime_fasttest(3)



     BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - gen-
     erate primes and test for primality


      #include <openssl/bn.h>

      BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
          BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg);

      int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int, int,
          void *), BN_CTX *ctx, void *cb_arg);

      int BN_is_prime_fasttest(const BIGNUM *a, int checks,
          void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg,
          int do_trial_division);


     BN_generate_prime() generates a pseudo-random prime number
     of num bits. If ret is not NULL, it will be used to store
     the number.

     If callback is not NULL, it is called as follows:

     +   callback(0, i, cb_arg) is called after generating the
         i-th potential prime number.

     +   While the number is being tested for primality, call-
         back(1, j, cb_arg) is called as described below.

     +   When a prime has been found, callback(2, i, cb_arg) is

     The prime may have to fulfill additional requirements for
     use in Diffie-Hellman key exchange:

     If add is not NULL, the prime will fulfill the condition p %
     add == rem (p % add == 1 if rem == NULL) in order to suit a
     given generator.

     If safe is true, it will be a safe prime (i.e. a prime p so
     that (p-1)/2 is also prime).

     The PRNG must be seeded prior to calling
     BN_generate_prime(). The prime number generation has a
     negligible error probability.

     BN_is_prime() and BN_is_prime_fasttest() test if the number
     a is prime.  The following tests are performed until one of
     them shows that a is composite; if a passes all these tests,
     it is considered prime.

MirBSD #10-current         2005-02-05                           1


     BN_is_prime_fasttest(), when called with do_trial_division
     == 1, first attempts trial division by a number of small
     primes; if no divisors are found by this test and callback
     is not NULL, callback(1, -1, cb_arg) is called. If
     do_trial_division == 0, this test is skipped.

     Both BN_is_prime() and BN_is_prime_fasttest() perform a
     Miller-Rabin probabilistic primality test with checks itera-
     tions. If checks == BN_prime_checks, a number of iterations
     is used that yields a false positive rate of at most 2^-80
     for random input.

     If callback is not NULL, callback(1, j, cb_arg) is called
     after the j-th iteration (j = 0, 1, ...). ctx is a pre-
     allocated BN_CTX (to save the overhead of allocating and
     freeing the structure in a loop), or NULL.


     BN_generate_prime() returns the prime number on success,
     NULL otherwise.

     BN_is_prime() returns 0 if the number is composite, 1 if it
     is prime with an error probability of less than 0.25^checks,
     and -1 on error.

     The error codes can be obtained by ERR_get_error(3).


     bn(3), ERR_get_error(3), rand(3)


     The cb_arg arguments to BN_generate_prime() and to
     BN_is_prime() were added in SSLeay 0.9.0. The ret argument
     to BN_generate_prime() was added in SSLeay 0.9.1.
     BN_is_prime_fasttest() was added in OpenSSL 0.9.5.

MirBSD #10-current         2005-02-05                           2

Generated on 2022-12-24 01:00:14 by $MirOS: src/scripts/roff2htm,v 1.113 2022/12/21 23:14:31 tg Exp $ — This product includes material provided by mirabilos.

These manual pages and other documentation are copyrighted by their respective writers; their sources are available at the project’s CVSweb, AnonCVS and other mirrors. The rest is Copyright © 2002–2022 MirBSD.

This manual page’s HTML representation is supposed to be valid XHTML/1.1; if not, please send a bug report — diffs preferred.

Kontakt / Impressum & Datenschutzerklärung