OpenSSL BN_generate_prime(3openssl)
NNNNAAAAMMMMEEEEBN_generate_prime, BN_is_prime, BN_is_prime_fasttest -
generate primes and test for primality SSSSYYYYNNNNOOOOPPPPSSSSIIIISSSS#include
BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg);
int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int, int,
void *), BN_CTX *ctx, void *cb_arg);
int BN_is_prime_fasttest(const BIGNUM *a, int checks,
void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg,
int do_trial_division);
DDDDEEEESSSSCCCCRRRRIIIIPPPPTTTTIIIIOOOONNNNBN_generate_prime() generates a pseudo-random prime number
of nnnnuuuummmm bits. If rrrreeeetttt is not NNNNUUUULLLLLLLL, it will be used to store the number. If ccccaaaallllllllbbbbaaaacccckkkk is not NNNNUUUULLLLLLLL, it is called as follows:+o ccccaaaallllllllbbbbaaaacccckkkk((((0000,,,, iiii,,,, ccccbbbb_aaaarrrrgggg)))) is called after generating the
i-th potential prime number.
+o While the number is being tested for primality,ccccaaaallllllllbbbbaaaacccckkkk((((1111,,,, jjjj,,,, ccccbbbb_aaaarrrrgggg)))) is called as described below.
+o When a prime has been found, ccccaaaallllllllbbbbaaaacccckkkk((((2222,,,, iiii,,,, ccccbbbb_aaaarrrrgggg)))) is
called. The prime may have to fulfill additional requirements foruse in Diffie-Hellman key exchange:
If aaaadddddddd is not NNNNUUUULLLLLLLL, the prime will fulfill the condition p %
aaaadddddddd == rrrreeeemmmm (p % aaaadddddddd == 1 if rrrreeeemmmm == NNNNUUUULLLLLLLL) in order to suit a
given generator. If ssssaaaaffffeeee is true, it will be a safe prime (i.e. a prime p sothat (p-1)/2 is also prime).
The PRNG must be seeded prior to callingBN_generate_prime(). The prime number generation has a
negligible error probability.BN_is_prime() and BN_is_prime_fasttest() test if the number
aaaa is prime. The following tests are performed until one of them shows that aaaa is composite; if aaaa passes all these tests, it is considered prime.13/Jan/2003 Last change: 0.9.8o 1
OpenSSL BN_generate_prime(3openssl)
BN_is_prime_fasttest(), when called with ddddoooo_ttttrrrriiiiaaaallll_ddddiiiivvvviiiissssiiiioooonnnn
======== 1111, first attempts trial division by a number of small primes; if no divisors are found by this test and ccccaaaallllllllbbbbaaaacccckkkkis not NNNNUUUULLLLLLLL, ccccaaaallllllllbbbbaaaacccckkkk((((1111,,,, ----1111,,,, ccccbbbb_aaaarrrrgggg)))) is called. If
ddddoooo_ttttrrrriiiiaaaallll_ddddiiiivvvviiiissssiiiioooonnnn ======== 0000, this test is skipped.
Both BN_is_prime() and BN_is_prime_fasttest() perform a
Miller-Rabin probabilistic primality test with cccchhhheeeecccckkkkssss
iterations. If cccchhhheeeecccckkkkssss ======== BBBBNNNN_pppprrrriiiimmmmeeee_cccchhhheeeecccckkkkssss, a number of
iterations is used that yields a false positive rate of atmost 2^-80 for random input.
If ccccaaaallllllllbbbbaaaacccckkkk is not NNNNUUUULLLLLLLL, ccccaaaallllllllbbbbaaaacccckkkk((((1111,,,, jjjj,,,, ccccbbbb_aaaarrrrgggg)))) is called
after the j-th iteration (j = 0, 1, ...). ccccttttxxxx is a pre-
allocated BBBBNNNN_CCCCTTTTXXXX (to save the overhead of allocating and
freeing the structure in a loop), or NNNNUUUULLLLLLLL. RRRREEEETTTTUUUURRRRNNNN VVVVAAAALLLLUUUUEEEESSSSBN_generate_prime() returns the prime number on success,
NNNNUUUULLLLLLLL otherwise.BN_is_prime() returns 0 if the number is composite, 1 if it
is prime with an error probability of less than 0.25^cccchhhheeeecccckkkkssss,and -1 on error.
The error codes can be obtained by ERR_get_error(3).
SSSSEEEEEEEE AAAALLLLSSSSOOOObn(3), ERR_get_error(3), rand(3)
HHHHIIIISSSSTTTTOOOORRRRYYYYThe ccccbbbb_aaaarrrrgggg arguments to BN_generate_prime() and to
BN_is_prime() were added in SSLeay 0.9.0. The rrrreeeetttt argument
to BN_generate_prime() was added in SSLeay 0.9.1.
BN_is_prime_fasttest() was added in OpenSSL 0.9.5.
13/Jan/2003 Last change: 0.9.8o 2