1BN_generate_prime(3) OpenSSL BN_generate_prime(3)
2
6 BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - generate primes
7 and test for primality
8
10 #include <openssl/bn.h>
11 BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
13 BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg);
14 int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int, int,
16 void *), BN_CTX *ctx, void *cb_arg);
17 int BN_is_prime_fasttest(const BIGNUM *a, int checks,
19 void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg,
20 int do_trial_division);
21
23 BN_generate_prime() generates a pseudo-random prime number of num bits.
24 If ret is not NULL, it will be used to store the number.
25 If callback is not NULL, it is called as follows:
27 · callback(0, i, cb_arg) is called after generating the i-th
29 potential prime number.
30 · While the number is being tested for primality, callback(1, j,
32 cb_arg) is called as described below.
33 · When a prime has been found, callback(2, i, cb_arg) is called.
35 The prime may have to fulfill additional requirements for use in
37 Diffie-Hellman key exchange:
38 If add is not NULL, the prime will fulfill the condition p % add == rem
40 (p % add == 1 if rem == NULL) in order to suit a given generator.
41 If safe is true, it will be a safe prime (i.e. a prime p so that
43 (p-1)/2 is also prime).
44 The PRNG must be seeded prior to calling BN_generate_prime(). The
46 prime number generation has a negligible error probability.
47 BN_is_prime() and BN_is_prime_fasttest() test if the number a is prime.
49 The following tests are performed until one of them shows that a is
50 composite; if a passes all these tests, it is considered prime.
51 BN_is_prime_fasttest(), when called with do_trial_division == 1, first
53 attempts trial division by a number of small primes; if no divisors are
54 found by this test and callback is not NULL, callback(1, -1, cb_arg) is
55 called. If do_trial_division == 0, this test is skipped.
56 Both BN_is_prime() and BN_is_prime_fasttest() perform a Miller-Rabin
58 probabilistic primality test with checks iterations. If checks ==
59 BN_prime_checks, a number of iterations is used that yields a false
60 positive rate of at most 2^-80 for random input.
61 If callback is not NULL, callback(1, j, cb_arg) is called after the
63 j-th iteration (j = 0, 1, ...). ctx is a pre-allocated BN_CTX (to save
64 the overhead of allocating and freeing the structure in a loop), or
65 NULL.
66
68 BN_generate_prime() returns the prime number on success, NULL
69 otherwise.
70 BN_is_prime() returns 0 if the number is composite, 1 if it is prime
72 with an error probability of less than 0.25^checks, and -1 on error.
73 The error codes can be obtained by ERR_get_error(3).
75
77 bn(3), ERR_get_error(3), rand(3)
78
80 The cb_arg arguments to BN_generate_prime() and to BN_is_prime() were
81 added in SSLeay 0.9.0. The ret argument to BN_generate_prime() was
82 added in SSLeay 0.9.1. BN_is_prime_fasttest() was added in OpenSSL
83 0.9.5.
841.0.1e 2013-02-11 BN_generate_prime(3)