1BN_generate_prime(3)                OpenSSL               BN_generate_prime(3)
2
3
4

NAME

6       BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - generate primes
7       and test for primality
8

SYNOPSIS

10        #include <openssl/bn.h>
11
12        BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
13            BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg);
14
15        int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int, int,
16            void *), BN_CTX *ctx, void *cb_arg);
17
18        int BN_is_prime_fasttest(const BIGNUM *a, int checks,
19            void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg,
20            int do_trial_division);
21

DESCRIPTION

23       BN_generate_prime() generates a pseudo-random prime number of num bits.
24       If ret is not NULL, it will be used to store the number.
25
26       If callback is not NULL, it is called as follows:
27
28       ·   callback(0, i, cb_arg) is called after generating the i-th poten‐
29           tial prime number.
30
31       ·   While the number is being tested for primality, callback(1, j,
32           cb_arg) is called as described below.
33
34       ·   When a prime has been found, callback(2, i, cb_arg) is called.
35
36       The prime may have to fulfill additional requirements for use in
37       Diffie-Hellman key exchange:
38
39       If add is not NULL, the prime will fulfill the condition p % add == rem
40       (p % add == 1 if rem == NULL) in order to suit a given generator.
41
42       If safe is true, it will be a safe prime (i.e. a prime p so that
43       (p-1)/2 is also prime).
44
45       The PRNG must be seeded prior to calling BN_generate_prime().  The
46       prime number generation has a negligible error probability.
47
48       BN_is_prime() and BN_is_prime_fasttest() test if the number a is prime.
49       The following tests are performed until one of them shows that a is
50       composite; if a passes all these tests, it is considered prime.
51
52       BN_is_prime_fasttest(), when called with do_trial_division == 1, first
53       attempts trial division by a number of small primes; if no divisors are
54       found by this test and callback is not NULL, callback(1, -1, cb_arg) is
55       called.  If do_trial_division == 0, this test is skipped.
56
57       Both BN_is_prime() and BN_is_prime_fasttest() perform a Miller-Rabin
58       probabilistic primality test with checks iterations. If checks ==
59       BN_prime_checks, a number of iterations is used that yields a false
60       positive rate of at most 2^-80 for random input.
61
62       If callback is not NULL, callback(1, j, cb_arg) is called after the
63       j-th iteration (j = 0, 1, ...). ctx is a pre-allocated BN_CTX (to save
64       the overhead of allocating and freeing the structure in a loop), or
65       NULL.
66

RETURN VALUES

68       BN_generate_prime() returns the prime number on success, NULL other‐
69       wise.
70
71       BN_is_prime() returns 0 if the number is composite, 1 if it is prime
72       with an error probability of less than 0.25^checks, and -1 on error.
73
74       The error codes can be obtained by ERR_get_error(3).
75

SEE ALSO

77       bn(3), ERR_get_error(3), rand(3)
78

HISTORY

80       The cb_arg arguments to BN_generate_prime() and to BN_is_prime() were
81       added in SSLeay 0.9.0. The ret argument to BN_generate_prime() was
82       added in SSLeay 0.9.1.  BN_is_prime_fasttest() was added in OpenSSL
83       0.9.5.
84
85
86
870.9.8b                            2003-01-13              BN_generate_prime(3)
Impressum