void *BN_GENCB_get_arg(BN_GENCB *cb);
-Deprecated:
+Deprecated since OpenSSL 0.9.8, can be hidden entirely by defining
+B<OPENSSL_API_COMPAT> with a suitable version value, see
+L<openssl_user_macros(7)>:
- #if OPENSSL_API_COMPAT < 0x00908000L
BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
BIGNUM *rem, void (*callback)(int, int, void *),
void *cb_arg);
int BN_is_prime_fasttest(const BIGNUM *a, int checks,
void (*callback)(int, int, void *), BN_CTX *ctx,
void *cb_arg, int do_trial_division);
- #endif
=head1 DESCRIPTION
When a prime has been found, B<BN_GENCB_call(cb, 2, i)> is called.
+=item *
+
+The callers of BN_generate_prime_ex() may call B<BN_GENCB_call(cb, i, j)> with
+other values as described in their respective man pages; see L</SEE ALSO>.
+
=back
The prime may have to fulfill additional requirements for use in
Both BN_is_prime_ex() and BN_is_prime_fasttest_ex() perform a Miller-Rabin
probabilistic primality test with B<nchecks> iterations. If
B<nchecks == BN_prime_checks>, a number of iterations is used that
-yields a false positive rate of at most 2^-80 for random input.
+yields a false positive rate of at most 2^-64 for random input.
+The error rate depends on the size of the prime and goes down for bigger primes.
+The rate is 2^-80 starting at 308 bits, 2^-112 at 852 bits, 2^-128 at 1080 bits,
+2^-192 at 3747 bits and 2^-256 at 6394 bits.
+
+When the source of the prime is not random or not trusted, the number
+of checks needs to be much higher to reach the same level of assurance:
+It should equal half of the targeted security level in bits (rounded up to the
+next integer if necessary).
+For instance, to reach the 128 bit security level, B<nchecks> should be set to
+64.
If B<cb> is not B<NULL>, B<BN_GENCB_call(cb, 1, j)> is called
after the j-th iteration (j = 0, 1, ...). B<ctx> is a
pre-allocated B<BN_CTX> (to save the overhead of allocating and
freeing the structure in a loop), or B<NULL>.
-BN_GENCB_call calls the callback function held in the B<BN_GENCB> structure
+BN_GENCB_call() calls the callback function held in the B<BN_GENCB> structure
and passes the ints B<a> and B<b> as arguments. There are two types of
B<BN_GENCB> structure that are supported: "new" style and "old" style. New
programs should prefer the "new" style, whilst the "old" style is provided
for backwards compatibility purposes.
-A BN_GENCB structure should be created through a call to BN_GENCB_new(),
+A B<BN_GENCB> structure should be created through a call to BN_GENCB_new(),
and freed through a call to BN_GENCB_free().
For "new" style callbacks a BN_GENCB structure should be initialised with a
the type of the callback and will invoke B<callback(a, b, gencb)> for new
style callbacks or B<callback(a, b, cb_arg)> for old style.
-It is possible to obtained the argument associated with a BN_GENCB structure
+It is possible to obtain the argument associated with a BN_GENCB structure
(set via a call to BN_GENCB_set or BN_GENCB_set_old) using BN_GENCB_get_arg.
-BN_generate_prime (deprecated) works in the same way as
-BN_generate_prime_ex but expects an old style callback function
+BN_generate_prime() (deprecated) works in the same way as
+BN_generate_prime_ex() but expects an old-style callback function
directly in the B<callback> parameter, and an argument to pass to it in
-the B<cb_arg>. Similarly BN_is_prime and BN_is_prime_fasttest are
-deprecated and can be compared to BN_is_prime_ex and
-BN_is_prime_fasttest_ex respectively.
+the B<cb_arg>. BN_is_prime() and BN_is_prime_fasttest()
+can similarly be compared to BN_is_prime_ex() and
+BN_is_prime_fasttest_ex(), respectively.
=head1 RETURN VALUES
=head1 SEE ALSO
-L<ERR_get_error(3)>, L<RAND_bytes(3)>
+L<DH_generate_parameters(3)>, L<DSA_generate_parameters(3)>,
+L<RSA_generate_key(3)>, L<ERR_get_error(3)>, L<RAND_bytes(3)>
=head1 HISTORY
-BN_GENCB_new(), BN_GENCB_free(),
-and BN_GENCB_get_arg() were added in OpenSSL 1.1.0
+The BN_GENCB_new(), BN_GENCB_free(),
+and BN_GENCB_get_arg() functions were added in OpenSSL 1.1.0.
=head1 COPYRIGHT
-Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
-Licensed under the OpenSSL license (the "License"). You may not use
+Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
projects / openssl.git / blobdiff