diff options
Diffstat (limited to 'lib')
37 files changed, 2521 insertions, 1276 deletions
diff --git a/lib/libcrypto/man/BN_BLINDING_new.3 b/lib/libcrypto/man/BN_BLINDING_new.3 new file mode 100644 index 00000000000..c65d79c3bc4 --- /dev/null +++ b/lib/libcrypto/man/BN_BLINDING_new.3 @@ -0,0 +1,269 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_BLINDING_NEW 3 +.Os +.Sh NAME +.Nm BN_BLINDING_new , +.Nm BN_BLINDING_free , +.Nm BN_BLINDING_update , +.Nm BN_BLINDING_convert , +.Nm BN_BLINDING_invert , +.Nm BN_BLINDING_convert_ex , +.Nm BN_BLINDING_invert_ex , +.Nm BN_BLINDING_get_thread_id , +.Nm BN_BLINDING_set_thread_id , +.Nm BN_BLINDING_thread_id , +.Nm BN_BLINDING_get_flags , +.Nm BN_BLINDING_set_flags , +.Nm BN_BLINDING_create_param +.Nd blinding related BIGNUM functions +.Sh SYNOPSIS +.In openssl/bn.h +.Ft BN_BLINDING * +.Fo BN_BLINDING_new +.Fa "const BIGNUM *A" +.Fa "const BIGNUM *Ai" +.Fa "BIGNUM *mod" +.Fc +.Ft void +.Fo BN_BLINDING_free +.Fa "BN_BLINDING *b" +.Fc +.Ft int +.Fo BN_BLINDING_update +.Fa "BN_BLINDING *b" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_BLINDING_convert +.Fa "BIGNUM *n" +.Fa "BN_BLINDING *b" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_BLINDING_invert +.Fa "BIGNUM *n" +.Fa "BN_BLINDING *b" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_BLINDING_convert_ex +.Fa "BIGNUM *n" +.Fa "BIGNUM *r" +.Fa "BN_BLINDING *b" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_BLINDING_invert_ex +.Fa "BIGNUM *n" +.Fa "const BIGNUM *r" +.Fa "BN_BLINDING *b" +.Fa "BN_CTX *ctx" +.Fc +.Fd #ifndef OPENSSL_NO_DEPRECATED +.Ft unsigned long +.Fo BN_BLINDING_get_thread_id +.Fa "const BN_BLINDING *" +.Fc +.Ft void +.Fo BN_BLINDING_set_thread_id +.Fa "BN_BLINDING *" +.Fa "unsigned long" +.Fc +.Fd #endif +.Ft CRYPTO_THREADID * +.Fo BN_BLINDING_thread_id +.Fa "BN_BLINDING *" +.Fc +.Ft unsigned long +.Fo BN_BLINDING_get_flags +.Fa "const BN_BLINDING *" +.Fc +.Ft void +.Fo BN_BLINDING_set_flags +.Fa "BN_BLINDING *" +.Fa "unsigned long" +.Fc +.Ft BN_BLINDING * +.Fo BN_BLINDING_create_param +.Fa "BN_BLINDING *b" +.Fa "const BIGNUM *e" +.Fa "BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fa "int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,\ + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)" +.Fa "BN_MONT_CTX *m_ctx" +.Fc +.Sh DESCRIPTION +.Fn BN_BLINDING_new +allocates a new +.Vt BN_BLINDING +structure and copies the +.Fa A +and +.Fa \&Ai +values into the newly created +.Vt BN_BLINDING +object. +.Pp +.Fn BN_BLINDING_free +frees the +.Vt BN_BLINDING +structure. +.Pp +.Fn BN_BLINDING_update +updates the +.Vt BN_BLINDING +parameters by squaring the +.Fa A +and +.Fa \&Ai +or, after specific number of uses and if the necessary parameters are +set, by re-creating the blinding parameters. +.Pp +.Fn BN_BLINDING_convert_ex +multiplies +.Fa n +with the blinding factor +.Fa A . +If +.Fa r +is not +.Dv NULL , +a copy of the inverse blinding factor +.Fa \&Ai +will be returned in +.Fa r +(this is useful if a +.Vt RSA +object is shared among several threads). +.Fn BN_BLINDING_invert_ex +multiplies +.Fa n +with the inverse blinding factor +.Fa \&Ai . +If +.Fa r +is not +.Dv NULL , +it will be used as the inverse blinding. +.Pp +.Fn BN_BLINDING_convert +and +.Fn BN_BLINDING_invert +are wrapper functions for +.Fn BN_BLINDING_convert_ex +and +.Fn BN_BLINDING_invert_ex +with +.Fa r +set to +.Dv NULL . +.Pp +.Fn BN_BLINDING_thread_id +provides access to the +.Vt CRYPTO_THREADID +object within the +.Vt BN_BLINDING +structure. +This is to help users provide proper locking if needed for +multi-threaded use. +The "thread id" object of a newly allocated +.Vt BN_BLINDING +structure is initialised to the thread id in which +.Fn BN_BLINDING_new +was called. +.Pp +.Fn BN_BLINDING_get_flags +returns the +.Dv BN_BLINDING_* +flags. +Currently there are two supported flags: +.Dv BN_BLINDING_NO_UPDATE +and +.Dv BN_BLINDING_NO_RECREATE . +.Dv BN_BLINDING_NO_UPDATE +inhibits the automatic update of the +.Vt BN_BLINDING +parameters after each use and +.Dv BN_BLINDING_NO_RECREATE +inhibits the automatic re-creation of the +.Vt BN_BLINDING +parameters after a fixed number of uses (currently 32). +In newly allocated +.Vt BN_BLINDING +objects no flags are set. +.Fn BN_BLINDING_set_flags +sets the +.Dv BN_BLINDING_* +parameters flags. +.Pp +.Fn BN_BLINDING_create_param +creates new +.Vt BN_BLINDING +parameters using the exponent +.Fa e +and the modulus +.Fa m . +.Fa bn_mod_exp +and +.Fa m_ctx +can be used to pass special functions for exponentiation (normally +.Xr BN_mod_exp_mont 3 +and +.Vt BN_MONT_CTX Ns ). +.Sh RETURN VALUES +.Fn BN_BLINDING_new +returns the newly allocated +.Vt BN_BLINDING +structure or +.Dv NULL +in case of an error. +.Pp +.Fn BN_BLINDING_update , +.Fn BN_BLINDING_convert , +.Fn BN_BLINDING_invert , +.Fn BN_BLINDING_convert_ex +and +.Fn BN_BLINDING_invert_ex +return 1 on success and 0 if an error occured. +.Pp +.Fn BN_BLINDING_thread_id +returns a pointer to the thread id object within a +.Vt BN_BLINDING +object. +.Pp +.Fn BN_BLINDING_get_flags +returns the currently set +.Dv BN_BLINDING_* +flags (an +.Vt unsigned long +value). +.Pp +.Fn BN_BLINDING_create_param +returns the newly created +.Vt BN_BLINDING +parameters or +.Dv NULL +on error. +.Sh SEE ALSO +.Xr bn 3 +.Sh HISTORY +.Fn BN_BLINDING_thread_id +was first introduced in OpenSSL 1.0.0, and it deprecates +.Fn BN_BLINDING_set_thread_id +and +.Fn BN_BLINDING_get_thread_id . +.Pp +.Fn BN_BLINDING_convert_ex , +.Fn BN_BLINDIND_invert_ex , +.Fn BN_BLINDING_get_thread_id , +.Fn BN_BLINDING_set_thread_id , +.Fn BN_BLINDING_set_flags , +.Fn BN_BLINDING_get_flags +and +.Fn BN_BLINDING_create_param +were first introduced in OpenSSL 0.9.8 +.Sh AUTHORS +.An Nils Larsch +for +.Lk http://www.openssl.org/ "the OpenSSL project" . diff --git a/lib/libcrypto/man/BN_CTX_new.3 b/lib/libcrypto/man/BN_CTX_new.3 new file mode 100644 index 00000000000..1a773148548 --- /dev/null +++ b/lib/libcrypto/man/BN_CTX_new.3 @@ -0,0 +1,91 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_CTX_NEW 3 +.Os +.Sh NAME +.Nm BN_CTX_new , +.Nm BN_CTX_init , +.Nm BN_CTX_free +.Nd allocate and free BN_CTX structures +.Sh SYNOPSIS +.In openssl/bn.h +.Ft BN_CTX * +.Fo BN_CTX_new +.Fa void +.Fc +.Ft void +.Fo BN_CTX_free +.Fa "BN_CTX *c" +.Fc +.Pp +Deprecated: +.Pp +.Ft void +.Fo BN_CTX_init +.Fa "BN_CTX *c" +.Fc +.Sh DESCRIPTION +A +.Vt BN_CTX +is a structure that holds +.Vt BIGNUM +temporary variables used by library functions. +Since dynamic memory allocation to create +.Vt BIGNUM Ns s +is rather expensive when used in conjunction with repeated subroutine +calls, the +.Vt BN_CTX +structure is used. +.Pp +.Fn BN_CTX_new +allocates and initializes a +.Vt BN_CTX +structure. +.Pp +.Fn BN_CTX_free +frees the components of the +.Vt BN_CTX , +and if it was created by +.Fn BN_CTX_new , +also the structure itself. +If +.Xr BN_CTX_start 3 +has been used on the +.Vt BN_CTX , +.Xr BN_CTX_end 3 +must be called before the +.Vt BN_CTX +may be freed by +.Fn BN_CTX_free . +.Pp +.Fn BN_CTX_init +(deprecated) initializes an existing uninitialized +.Vt BN_CTX . +This should not be used for new programs. +Use +.Fn BN_CTX_new +instead. +.Sh RETURN VALUES +.Fn BN_CTX_new +returns a pointer to the +.Vt BN_CTX . +If the allocation fails, it returns +.Dv NULL +and sets an error code that can be obtained by +.Xr ERR_get_error 3 . +.Pp +.Fn BN_CTX_init +and +.Fn BN_CTX_free +return no value. +.Sh SEE ALSO +.Xr bn 3 , +.Xr BN_add 3 , +.Xr BN_CTX_start 3 , +.Xr ERR_get_error 3 +.Sh HISTORY +.Fn BN_CTX_new +and +.Fn BN_CTX_free +are available in all versions on SSLeay and OpenSSL. +.Fn BN_CTX_init +was added in SSLeay 0.9.1b. diff --git a/lib/libcrypto/man/BN_CTX_start.3 b/lib/libcrypto/man/BN_CTX_start.3 new file mode 100644 index 00000000000..986208ba1a2 --- /dev/null +++ b/lib/libcrypto/man/BN_CTX_start.3 @@ -0,0 +1,85 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_CTX_START 3 +.Os +.Sh NAME +.Nm BN_CTX_start , +.Nm BN_CTX_get , +.Nm BN_CTX_end +.Nd use temporary BIGNUM variables +.Sh SYNOPSIS +.In openssl/bn.h +.Ft void +.Fo BN_CTX_start +.Fa "BN_CTX *ctx" +.Fc +.Ft BIGNUM * +.Fo BN_CTX_get +.Fa "BN_CTX *ctx" +.Fc +.Ft void +.Fo BN_CTX_end +.Fa "BN_CTX *ctx" +.Fc +.Sh DESCRIPTION +These functions are used to obtain temporary +.Vt BIGNUM +variables from a +.Vt BN_CTX +(which can been created by using +.Xr BN_CTX_new 3 ) +in order to save the overhead of repeatedly creating and freeing +.Vt BIGNUM Ns s +in functions that are called from inside a loop. +.Pp +A function must call +.Fn BN_CTX_start +first. +Then, +.Fn BN_CTX_get +may be called repeatedly to obtain temporary +.Vt BIGNUM Ns s. +All +.Fn BN_CTX_get +calls must be made before calling any other functions that use the +.Fa ctx +as an argument. +.Pp +Finally, +.Fn BN_CTX_end +must be called before returning from the function. +When +.Fn BN_CTX_end +is called, the +.Vt BIGNUM +pointers obtained from +.Fn BN_CTX_get +become invalid. +.Sh RETURN VALUES +.Fn BN_CTX_start +and +.Fn BN_CTX_end +return no values. +.Pp +.Fn BN_CTX_get +returns a pointer to the +.Vt BIGNUM , +or +.Dv NULL +on error. +Once +.Fn BN_CTX_get +has failed, the subsequent calls will return +.Dv NULL +as well, so it is sufficient to check the return value of the last +.Fn BN_CTX_get +call. +In case of an error, an error code is set, which can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr BN_CTX_new 3 +.Sh HISTORY +.Fn BN_CTX_start , +.Fn BN_CTX_get , +and +.Fn BN_CTX_end +were added in OpenSSL 0.9.5. diff --git a/lib/libcrypto/man/BN_add.3 b/lib/libcrypto/man/BN_add.3 new file mode 100644 index 00000000000..d41599d8b0f --- /dev/null +++ b/lib/libcrypto/man/BN_add.3 @@ -0,0 +1,352 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_ADD 3 +.Os +.Sh NAME +.Nm BN_add , +.Nm BN_sub , +.Nm BN_mul , +.Nm BN_sqr , +.Nm BN_div , +.Nm BN_mod , +.Nm BN_nnmod , +.Nm BN_mod_add , +.Nm BN_mod_sub , +.Nm BN_mod_mul , +.Nm BN_mod_sqr , +.Nm BN_exp , +.Nm BN_mod_exp , +.Nm BN_gcd +.Nd arithmetic operations on BIGNUMs +.Sh SYNOPSIS +.In openssl/bn.h +.Ft int +.Fo BN_add +.Fa "BIGNUM *r" +.Fa "const BIGNUM *a" +.Fa "const BIGNUM *b" +.Fc +.Ft int +.Fo BN_sub +.Fa "BIGNUM *r" +.Fa "const BIGNUM *a" +.Fa "const BIGNUM *b" +.Fc +.Ft int +.Fo BN_mul +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_sqr +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_div +.Fa "BIGNUM *dv" +.Fa "BIGNUM *rem" +.Fa "const BIGNUM *a" +.Fa "const BIGNUM *d" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_mod +.Fa "BIGNUM *rem" +.Fa "const BIGNUM *a" +.Fa "const BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_nnmod +.Fa "BIGNUM *r" +.Fa "const BIGNUM *a" +.Fa "const BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_mod_add +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fa "const BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_mod_sub +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fa "const BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_mod_mul +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fa "const BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_mod_sqr +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "const BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_exp +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BIGNUM *p" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_mod_exp +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "const BIGNUM *p" +.Fa "const BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_gcd +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fa "BN_CTX *ctx" +.Fc +.Sh DESCRIPTION +.Fn BN_add +adds +.Fa a +and +.Fa b +and places the result in +.Fa r +.Pq Li r=a+b . +.Fa r +may be the same +.Vt BIGNUM +as +.Fa a +or +.Fa b . +.Pp +.Fn BN_sub +subtracts +.Fa b +from +.Fa a +and places the result in +.Fa r +.Pq Li r=a-b . +.Pp +.Fn BN_mul +multiplies +.Fa a +and +.Fa b +and places the result in +.Fa r +.Pq Li r=a*b . +.Fa r +may be the same +.Vt BIGNUM +as +.Fa a +or +.Fa b . +For multiplication by powers of 2, use +.Xr BN_lshift 3 . +.Pp +.Fn BN_sqr +takes the square of +.Fa a +and places the result in +.Fa r +.Pq Li r=a^2 . +.Fa r +and +.Fa a +may be the same +.Vt BIGNUM . +This function is faster than +.Fn BN_mul r a a . +.Pp +.Fn BN_div +divides +.Fa a +by +.Fa d +and places the result in +.Fa dv +and the remainder in +.Fa rem +.Pq Li dv=a/d , rem=a%d . +Either of +.Fa dv +and +.Fa rem +may be +.Dv NULL , +in which case the respective value is not returned. +The result is rounded towards zero; thus if +.Fa a +is negative, the remainder will be zero or negative. +For division by powers of 2, use +.Fn BN_rshift 3 . +.Pp +.Fn BN_mod +corresponds to +.Fn BN_div +with +.Fa dv +set to +.Dv NULL . +.Pp +.Fn BN_nnmod +reduces +.Fa a +modulo +.Fa m +and places the non-negative remainder in +.Fa r . +.Pp +.Fn BN_mod_add +adds +.Fa a +to +.Fa b +modulo +.Fa m +and places the non-negative result in +.Fa r . +.Pp +.Fn BN_mod_sub +subtracts +.Fa b +from +.Fa a +modulo +.Fa m +and places the non-negative result in +.Fa r . +.Pp +.Fn BN_mod_mul +multiplies +.Fa a +by +.Fa b +and finds the non-negative remainder respective to modulus +.Fa m +.Pq Li r=(a*b)%m . +.Fa r +may be the same +.Vt BIGNUM +as +.Fa a +or +.Fa b . +For more efficient algorithms for repeated computations using the same +modulus, see +.Xr BN_mod_mul_montgomery 3 +and +.Xr BN_mod_mul_reciprocal 3 . +.Pp +.Fn BN_mod_sqr +takes the square of +.Fa a +modulo +.Fa m +and places the result in +.Fa r . +.Pp +.Fn BN_exp +raises +.Fa a +to the +.Fa p Ns -th +power and places the result in +.Fa r +.Pq Li r=a^p . +This function is faster than repeated applications of +.Fn BN_mul . +.Pp +.Fn BN_mod_exp +computes +.Fa a +to the +.Fa p Ns -th +power modulo +.Fa m +.Pq Li r=(a^p)%m . +This function uses less time and space than +.Fn BN_exp . +.Pp +.Fn BN_gcd +computes the greatest common divisor of +.Fa a +and +.Fa b +and places the result in +.Fa r . +.Fa r +may be the same +.Vt BIGNUM +as +.Fa a +or +.Fa b . +.Pp +For all functions, +.Fa ctx +is a previously allocated +.Vt BN_CTX +used for temporary variables; see +.Xr BN_CTX_new 3 . +.Pp +Unless noted otherwise, the result +.Vt BIGNUM +must be different from the arguments. +.Sh RETURN VALUES +For all functions, 1 is returned for success, 0 on error. +The return value should always be checked, for example: +.Pp +.Dl if (!BN_add(r,a,b)) goto err; +.Pp +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr bn 3 , +.Xr BN_add_word 3 , +.Xr BN_CTX_new 3 , +.Xr BN_set_bit 3 , +.Xr ERR_get_error 3 +.Sh HISTORY +.Fn BN_add , +.Fn BN_sub , +.Fn BN_sqr , +.Fn BN_div , +.Fn BN_mod , +.Fn BN_mod_mul , +.Fn BN_mod_exp , +and +.Fn BN_gcd +are available in all versions of SSLeay and OpenSSL. +The +.Fa ctx +argument to +.Fn BN_mul +was added in SSLeay 0.9.1b. +.Fn BN_exp +appeared in SSLeay 0.9.0. +.Fn BN_nnmod , +.Fn BN_mod_add , +.Fn BN_mod_sub , +and +.Fn BN_mod_sqr +were added in OpenSSL 0.9.7. diff --git a/lib/libcrypto/man/BN_add_word.3 b/lib/libcrypto/man/BN_add_word.3 new file mode 100644 index 00000000000..930aae4d320 --- /dev/null +++ b/lib/libcrypto/man/BN_add_word.3 @@ -0,0 +1,123 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_ADD_WORD 3 +.Os +.Sh NAME +.Nm BN_add_word , +.Nm BN_sub_word , +.Nm BN_mul_word , +.Nm BN_div_word , +.Nm BN_mod_word +.Nd arithmetic functions on BIGNUMs with integers +.Sh SYNOPSIS +.In openssl/bn.h +.Ft int +.Fo BN_add_word +.Fa "BIGNUM *a" +.Fa "BN_ULONG w" +.Fc +.Ft int +.Fo BN_sub_word +.Fa "BIGNUM *a" +.Fa "BN_ULONG w" +.Fc +.Ft int +.Fo BN_mul_word +.Fa "BIGNUM *a" +.Fa "BN_ULONG w" +.Fc +.Ft BN_ULONG +.Fo BN_div_word +.Fa "BIGNUM *a" +.Fa "BN_ULONG w" +.Fc +.Ft BN_ULONG +.Fo BN_mod_word +.Fa "const BIGNUM *a" +.Fa "BN_ULONG w" +.Fc +.Sh DESCRIPTION +These functions perform arithmetic operations on BIGNUMs with unsigned +integers. +They are much more efficient than the normal BIGNUM arithmetic +operations. +.Pp +.Fn BN_add_word +adds +.Fa w +to +.Fa a +.Pq Li a+=w . +.Pp +.Fn BN_sub_word +subtracts +.Fa w +from +.Fa a +.Pq Li a-=w . +.Pp +.Fn BN_mul_word +multiplies +.Fa a +and +.Fa w +.Pq Li a*=w . +.Pp +.Fn BN_div_word +divides +.Fa a +by +.Fa w +.Pq Li a/=w +and returns the remainder. +.Pp +.Fn BN_mod_word +returns the remainder of +.Fa a +divided by +.Fa w +.Pq Li a%w . +.Pp +For +.Fn BN_div_word +and +.Fn BN_mod_word , +.Fa w +must not be 0. +.Sh RETURN VALUES +.Fn BN_add_word , +.Fn BN_sub_word , +and +.Fn BN_mul_word +return 1 for success, 0 on error. +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Pp +.Fn BN_mod_word +and +.Fn BN_div_word +return +.Fa a Ns % Ns Fa w +on success and +.Pq Vt BN_ULONG Ns -1 +if an error occurred. +.Sh SEE ALSO +.Xr bn 3 , +.Xr BN_add 3 , +.Xr ERR_get_error 3 +.Sh HISTORY +.Fn BN_add_word +and +.Fn BN_mod_word +are available in all versions of SSLeay and OpenSSL. +.Fn BN_div_word +was added in SSLeay 0.8, and +.Fn BN_sub_word +and +.Fn BN_mul_word +in SSLeay 0.9.0. +.Pp +Before 0.9.8a, the return value for +.Fn BN_div_word +and +.Fn BN_mod_word +in case of an error was 0. diff --git a/lib/libcrypto/man/BN_bn2bin.3 b/lib/libcrypto/man/BN_bn2bin.3 new file mode 100644 index 00000000000..02d6b2c8b83 --- /dev/null +++ b/lib/libcrypto/man/BN_bn2bin.3 @@ -0,0 +1,237 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_BN2BIN 3 +.Os +.Sh NAME +.Nm BN_bn2bin , +.Nm BN_bin2bn , +.Nm BN_bn2hex , +.Nm BN_bn2dec , +.Nm BN_hex2bn , +.Nm BN_dec2bn , +.Nm BN_print , +.Nm BN_print_fp , +.Nm BN_bn2mpi , +.Nm BN_mpi2bn +.Nd format conversions +.Sh SYNOPSIS +.In openssl/bn.h +.Ft int +.Fo BN_bn2bin +.Fa "const BIGNUM *a" +.Fa "unsigned char *to" +.Fc +.Ft BIGNUM * +.Fo BN_bin2bn +.Fa "const unsigned char *s" +.Fa "int len" +.Fa "BIGNUM *ret" +.Fc +.Ft char * +.Fo BN_bn2hex +.Fa "const BIGNUM *a" +.Fc +.Ft char * +.Fo BN_bn2dec +.Fa "const BIGNUM *a" +.Fc +.Ft int +.Fo BN_hex2bn +.Fa "BIGNUM **a" +.Fa "const char *str" +.Fc +.Ft int +.Fo BN_dec2bn +.Fa "BIGNUM **a" +.Fa "const char *str" +.Fc +.Ft int +.Fo BN_print +.Fa "BIO *fp" +.Fa "const BIGNUM *a" +.Fc +.Ft int +.Fo BN_print_fp +.Fa "FILE *fp" +.Fa "const BIGNUM *a" +.Fc +.Ft int +.Fo BN_bn2mpi +.Fa "const BIGNUM *a" +.Fa "unsigned char *to" +.Fc +.Ft BIGNUM * +.Fo BN_mpi2bn +.Fa "unsigned char *s" +.Fa "int len" +.Fa "BIGNUM *ret" +.Fc +.Sh DESCRIPTION +.Fn BN_bn2bin +converts the absolute value of +.Fa a +into big-endian form and stores it at +.Fa to . +.Fa to +must point to +.Fn BN_num_bytes a +bytes of memory. +.Pp +.Fn BN_bin2bn +converts the positive integer in big-endian form of length +.Fa len +at +.Fa s +into a +.Vt BIGNUM +and places it in +.Fa ret . +If +.Fa ret +is +.Dv NULL , +a new +.Vt BIGNUM +is created. +.Pp +.Fn BN_bn2hex +and +.Fn BN_bn2dec +return printable strings containing the hexadecimal and decimal encoding of +.Fa a +respectively. +For negative numbers, the string is prefaced with a leading minus sign. +The string must be freed later using +.Xr free 3 . +.Pp +.Fn BN_hex2bn +converts the string +.Fa str +containing a hexadecimal number to a +.Vt BIGNUM +and stores it in +.Pf * Fa a . +If +.Pf * Fa a +is +.Dv NULL , +a new +.Vt BIGNUM +is created. +If +.Fa a +is +.Dv NULL , +it only computes the number's length in hexadecimal digits. +If the string starts with a minus sign, the number is negative. +.Fn BN_dec2bn +is the same using the decimal system. +.Pp +.Fn BN_print +and +.Fn BN_print_fp +write the hexadecimal encoding of +.Fa a , +with a leading minus sign for negative numbers, to the +.Vt BIO +or +.Vt FILE +.Fa fp . +.Pp +.Fn BN_bn2mpi +and +.Fn BN_mpi2bn +convert +.Vt BIGNUM Ns s +from and to a format that consists of the number's length in bytes +represented as a 4-byte big-endian number, and the number itself in +big-endian format, where the most significant bit signals a negative +number (the representation of numbers with the MSB set is prefixed with +a NUL byte). +.Pp +.Fn BN_bn2mpi +stores the representation of +.Fa a +at +.Fa to , +where +.Fa to +must be large enough to hold the result. +The size can be determined by calling +.Fn BN_bn2mpi a , NULL . +.Pp +.Fn BN_mpi2bn +converts the +.Fa len +bytes long representation at +.Fa s +to a +.Vt BIGNUM +and stores it at +.Fa ret , +or in a newly allocated +.Vt BIGNUM +if +.Fa ret +is +.Dv NULL . +.Sh RETURN VALUES +.Fn BN_bn2bin +returns the length of the big-endian number placed at +.Fa to . +.Fn BN_bin2bn +returns the +.Vt BIGNUM , +or +.Dv NULL +on error. +.Pp +.Fn BN_bn2hex +and +.Fn BN_bn2dec +return a NUL-terminated string, or +.Dv NULL +on error. +.Fn BN_hex2bn +and +.Fn BN_dec2bn +return the number's length in hexadecimal or decimal digits, and 0 on +error. +.Pp +.Fn BN_print_fp +and +.Fn BN_print +return 1 on success, 0 on write errors. +.Pp +.Fn BN_bn2mpi +returns the length of the representation. +.Fn BN_mpi2bn +returns the +.Vt BIGNUM , +or +.Dv NULL +on error. +.Pp +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr ASN1_INTEGER_to_BN 3 , +.Xr bn 3 , +.Xr BN_num_bytes 3 , +.Xr BN_zero 3 , +.Xr ERR_get_error 3 +.Sh HISTORY +.Fn BN_bn2bin , +.Fn BN_bin2bn , +.Fn BN_print_fp , +and +.Fn BN_print +are available in all versions of SSLeay and OpenSSL. +.Pp +.Fn BN_bn2hex , +.Fn BN_bn2dec , +.Fn BN_hex2bn , +.Fn BN_dec2bn , +.Fn BN_bn2mpi , +and +.Fn BN_mpi2bn +were added in SSLeay 0.9.0. diff --git a/lib/libcrypto/man/BN_cmp.3 b/lib/libcrypto/man/BN_cmp.3 new file mode 100644 index 00000000000..b0a03b25ced --- /dev/null +++ b/lib/libcrypto/man/BN_cmp.3 @@ -0,0 +1,99 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_CMP 3 +.Os +.Sh NAME +.Nm BN_cmp , +.Nm BN_ucmp , +.Nm BN_is_zero , +.Nm BN_is_one , +.Nm BN_is_word , +.Nm BN_is_odd +.Nd BIGNUM comparison and test functions +.Sh SYNOPSIS +.In openssl/bn.h +.Ft int +.Fo BN_cmp +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fc +.Ft int +.Fo BN_ucmp +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fc +.Ft int +.Fo BN_is_zero +.Fa "BIGNUM *a" +.Fc +.Ft int +.Fo BN_is_one +.Fa "BIGNUM *a" +.Fc +.Ft int +.Fo BN_is_word +.Fa "BIGNUM *a" +.Fa "BN_ULONG w" +.Fc +.Ft int +.Fo BN_is_odd +.Fa "BIGNUM *a" +.Fc +.Sh DESCRIPTION +.Fn BN_cmp +compares the numbers +.Fa a +and +.Fa b . +.Fn BN_ucmp +compares their absolute values. +.Pp +.Fn BN_is_zero , +.Fn BN_is_one +and +.Fn BN_is_word +test if +.Fa a +equals 0, 1, or +.Fa w +respectively. +.Fn BN_is_odd +tests if a is odd. +.Pp +.Fn BN_is_zero , +.Fn BN_is_one , +.Fn BN_is_word , +and +.Fn BN_is_odd +are macros. +.Sh RETURN VALUES +.Fn BN_cmp +returns -1 if +.Fa a Ns < Ns Fa b , +0 if +.Fa a Ns == Ns Fa b , +and 1 if +.Fa a Ns > Ns Fa b . +.Fn BN_ucmp +is the same using the absolute values of +.Fa a +and +.Fa b . +.Pp +.Fn BN_is_zero , +.Fn BN_is_one , +.Fn BN_is_word , +and +.Fn BN_is_odd +return 1 if the condition is true, 0 otherwise. +.Sh SEE ALSO +.Xr bn 3 +.Sh HISTORY +.Fn BN_cmp , +.Fn BN_ucmp , +.Fn BN_is_zero , +.Fn BN_is_one +and +.Fn BN_is_word +are available in all versions of SSLeay and OpenSSL. +.Fn BN_is_odd +was added in SSLeay 0.8. diff --git a/lib/libcrypto/man/BN_copy.3 b/lib/libcrypto/man/BN_copy.3 new file mode 100644 index 00000000000..765e46c01c8 --- /dev/null +++ b/lib/libcrypto/man/BN_copy.3 @@ -0,0 +1,52 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_COPY 3 +.Os +.Sh NAME +.Nm BN_copy , +.Nm BN_dup +.Nd copy BIGNUMs +.Sh SYNOPSIS +.In openssl/bn.h +.Ft BIGNUM * +.Fo BN_copy +.Fa "BIGNUM *to" +.Fa "const BIGNUM *from" +.Fc +.Ft BIGNUM * +.Fo BN_dup +.Fa "const BIGNUM *from" +.Fc +.Sh DESCRIPTION +.Fn BN_copy +copies +.Fa from +to +.Fa to . +.Fn BN_dup +creates a new +.Vt BIGNUM +containing the value +.Fa from . +.Sh RETURN VALUES +.Fn BN_copy +returns +.Fa to +on success, +.Dv NULL +on error. +.Fn BN_dup +returns the new +.Vt BIGNUM , +or +.Dv NULL +on error. +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr bn 3 , +.Xr ERR_get_error 3 +.Sh HISTORY +.Fn BN_copy +and +.Fn BN_dup +are available in all versions of SSLeay and OpenSSL. diff --git a/lib/libcrypto/man/BN_generate_prime.3 b/lib/libcrypto/man/BN_generate_prime.3 new file mode 100644 index 00000000000..e269571914a --- /dev/null +++ b/lib/libcrypto/man/BN_generate_prime.3 @@ -0,0 +1,289 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_GENERATE_PRIME 3 +.Os +.Sh NAME +.Nm BN_generate_prime_ex , +.Nm BN_is_prime_ex , +.Nm BN_is_prime_fasttest_ex , +.Nm BN_GENCB_call , +.Nm BN_GENCB_set_old , +.Nm BN_GENCB_set , +.Nm BN_generate_prime , +.Nm BN_is_prime , +.Nm BN_is_prime_fasttest +.Nd generate primes and test for primality +.Sh SYNOPSIS +.In openssl/bn.h +.Ft int +.Fo BN_generate_prime_ex +.Fa "BIGNUM *ret" +.Fa "int bits" +.Fa "int safe" +.Fa "const BIGNUM *add" +.Fa "const BIGNUM *rem" +.Fa "BN_GENCB *cb" +.Fc +.Ft int +.Fo BN_is_prime_ex +.Fa "const BIGNUM *p" +.Fa "int nchecks" +.Fa "BN_CTX *ctx" +.Fa "BN_GENCB *cb" +.Fc +.Ft int +.Fo BN_is_prime_fasttest_ex +.Fa "const BIGNUM *p" +.Fa "int nchecks" +.Fa "BN_CTX *ctx" +.Fa "int do_trial_division" +.Fa "BN_GENCB *cb" +.Fc +.Ft int +.Fo BN_GENCB_call +.Fa "BN_GENCB *cb" +.Fa "int a" +.Fa "int b" +.Fc +.Fd #define BN_GENCB_set_old(gencb, callback, cb_arg) ... +.Fd #define BN_GENCB_set(gencb, callback, cb_arg) ... +.Pp +Deprecated: +.Pp +.Ft BIGNUM * +.Fo BN_generate_prime +.Fa "BIGNUM *ret" +.Fa "int num" +.Fa "int safe" +.Fa "BIGNUM *add" +.Fa "BIGNUM *rem" +.Fa "void (*callback)(int, int, void *)" +.Fa "void *cb_arg" +.Fc +.Ft int +.Fo BN_is_prime +.Fa "const BIGNUM *a" +.Fa "int checks" +.Fa "void (*callback)(int, int, void *)" +.Fa "BN_CTX *ctx" +.Fa "void *cb_arg" +.Fc +.Ft int +.Fo BN_is_prime_fasttest +.Fa "const BIGNUM *a" +.Fa "int checks" +.Fa "void (*callback)(int, int, void *)" +.Fa "BN_CTX *ctx" +.Fa "void *cb_arg" +.Fa "int do_trial_division" +.Fc +.Sh DESCRIPTION +.Fn BN_generate_prime_ex +generates a pseudo-random prime number of bit length +.Fa bits . +If +.Fa ret +is not +.Dv NULL , +it will be used to store the number. +.Pp +If +.Fa cb +is not +.Dv NULL , +it is used as follows: +.Bl -bullet +.It +.Fn BN_GENCB_call cb 0 i +is called after generating the i-th potential prime number. +.It +While the number is being tested for primality, +.Fn BN_GENCB_call cb 1 j +is called as described below. +.It +When a prime has been found, +.Fn BN_GENCB_call cb 2 i +is called. +.El +.Pp +The prime may have to fulfill additional requirements for use in +Diffie-Hellman key exchange: +.Pp +If +.Fa add +is not +.Dv NULL , +the prime will fulfill the condition p % +.Fa add +== +.Fa rem +(p % +.Fa add +== 1 if +.Fa rem +== +.Dv NULL ) +in order to suit a given generator. +.Pp +If +.Fa safe +is true, it will be a safe prime (i.e. a prime p so that (p-1)/2 +is also prime). +.Pp +The prime number generation has a negligible error probability. +.Pp +.Fn BN_is_prime_ex +and +.Fn BN_is_prime_fasttest_ex +test if the number +.Fa p +is prime. +The following tests are performed until one of them shows that +.Fa p +is composite; if +.Fa p +passes all these tests, it is considered prime. +.Pp +.Fn BN_is_prime_fasttest_ex , +when called with +.Fa do_trial_division +== 1, first attempts trial division by a number of small primes; +if no divisors are found by this test and +.Fa cb +is not +.Dv NULL , +.Sy BN_GENCB_call(cb, 1, -1) +is called. +If +.Fa do_trial_division +== 0, this test is skipped. +.Pp +Both +.Fn BN_is_prime_ex +and +.Fn BN_is_prime_fasttest_ex +perform a Miller-Rabin probabilistic primality test with +.Fa nchecks +iterations. +If +.Fa nchecks +== +.Dv BN_prime_checks , +a number of iterations is used that yields a false positive rate of at +most 2^-80 for random input. +.Pp +If +.Fa cb +is not +.Dv NULL , +.Fa BN_GENCB_call cb 1 j +is called after the j-th iteration (j = 0, 1, ...). +.Fa ctx +is a pre-allocated +.Vt BN_CTX +(to save the overhead of allocating and freeing the structure in a +loop), or +.Dv NULL . +.Pp +.Fn BN_GENCB_call +calls the callback function held in the +.Vt BN_GENCB +structure and passes the ints +.Fa a +and +.Fa b +as arguments. +There are two types of +.Vt BN_GENCB +structures that are supported: "new" style and "old" style. +New programs should prefer the "new" style, whilst the "old" style is +provided for backwards compatibility purposes. +.Pp +For "new" style callbacks a +.Vt BN_GENCB +structure should be initialised with a call to +.Fn BN_GENCB_set , +where +.Fa gencb +is a +.Vt BN_GENCB * , +.Fa callback +is of type +.Vt int (*callback)(int, int, BN_GENCB *) +and +.Fa cb_arg +is a +.Vt void * . +"Old" style callbacks are the same except they are initialised with a +call to +.Fn BN_GENCB_set_old +and +.Fa callback +is of type +.Vt void (*callback)(int, int, void *) . +.Pp +A callback is invoked through a call to +.Fn BN_GENCB_call . +This will check the type of the callback and will invoke +.Fn callback a b gencb +for new style callbacks or +.Fn callback a b cb_arg +for old style. +.Pp +.Fn BN_generate_prime +(deprecated) works in the same way as +.Fn BN_generate_prime_ex +but expects an old style callback function directly in the +.Fa callback +parameter, and an argument to pass to it in the +.Fa cb_arg . +Similarly +.Fn BN_is_prime +and +.Fn BN_is_prime_fasttest +are deprecated and can be compared to +.Fn BN_is_prime_ex +and +.Fn BN_is_prime_fasttest_ex +respectively. +.Sh RETURN VALUES +.Fn BN_generate_prime_ex +returns 1 on success or 0 on error. +.Pp +.Fn BN_is_prime_ex , +.Fn BN_is_prime_fasttest_ex , +.Fn BN_is_prime , +and +.Fn BN_is_prime_fasttest +return 0 if the number is composite, 1 if it is prime with an error +probability of less than +.Pf 0.25^ Fa nchecks , +and -1 on error. +.Pp +.Fn BN_generate_prime +returns the prime number on success, +.Dv NULL +otherwise. +.Pp +Callback functions should return 1 on success or 0 on error. +.Pp +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr bn 3 , +.Xr ERR_get_error 3 , +.Xr rand 3 +.Sh HISTORY +The +.Fa cb_arg +arguments to +.Fn BN_generate_prime +and to +.Fn BN_is_prime +were added in SSLeay 0.9.0. +The +.Fa ret +argument to +.Fn BN_generate_prime +was added in SSLeay 0.9.1. +.Fn BN_is_prime_fasttest +was added in OpenSSL 0.9.5. diff --git a/lib/libcrypto/man/BN_mod_inverse.3 b/lib/libcrypto/man/BN_mod_inverse.3 new file mode 100644 index 00000000000..db63269fb85 --- /dev/null +++ b/lib/libcrypto/man/BN_mod_inverse.3 @@ -0,0 +1,59 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_MOD_INVERSE 3 +.Os +.Sh NAME +.Nm BN_mod_inverse +.Nd compute inverse modulo n +.Sh SYNOPSIS +.In openssl/bn.h +.Ft BIGNUM * +.Fo BN_mod_inverse +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "const BIGNUM *n" +.Fa "BN_CTX *ctx" +.Fc +.Sh DESCRIPTION +.Fn BN_mod_inverse +computes the inverse of +.Fa a +modulo +.Fa n +add places the result in +.Fa r +.Pq Li (a*r)%n==1 . +If +.Fa r +is +.Dv NULL , +a new +.Vt BIGNUM +is created. +.Pp +.Fa ctx +is a previously allocated +.Vt BN_CTX +used for temporary variables. +.Fa r +may be the same +.Vt BIGNUM +as +.Fa a +or +.Fa n . +.Sh RETURN VALUES +.Fn BN_mod_inverse +returns the +.Vt BIGNUM +containing the inverse, or +.Dv NULL +on error. +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr bn 3 , +.Xr BN_add 3 , +.Xr ERR_get_error 3 +.Sh HISTORY +.Fn BN_mod_inverse +is available in all versions of SSLeay and OpenSSL. diff --git a/lib/libcrypto/man/BN_mod_mul_montgomery.3 b/lib/libcrypto/man/BN_mod_mul_montgomery.3 new file mode 100644 index 00000000000..ac120f3c02b --- /dev/null +++ b/lib/libcrypto/man/BN_mod_mul_montgomery.3 @@ -0,0 +1,181 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_MOD_MUL_MONTGOMERY 3 +.Os +.Sh NAME +.Nm BN_mod_mul_montgomery , +.Nm BN_MONT_CTX_new , +.Nm BN_MONT_CTX_init , +.Nm BN_MONT_CTX_free , +.Nm BN_MONT_CTX_set , +.Nm BN_MONT_CTX_copy , +.Nm BN_from_montgomery , +.Nm BN_to_montgomery +.Nd Montgomery multiplication +.Sh SYNOPSIS +.In openssl/bn.h +.Ft BN_MONT_CTX * +.Fo BN_MONT_CTX_new +.Fa void +.Fc +.Ft void +.Fo BN_MONT_CTX_init +.Fa "BN_MONT_CTX *ctx" +.Fc +.Ft void +.Fo BN_MONT_CTX_free +.Fa "BN_MONT_CTX *mont" +.Fc +.Ft int +.Fo BN_MONT_CTX_set +.Fa "BN_MONT_CTX *mont" +.Fa "const BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fc +.Ft BN_MONT_CTX * +.Fo BN_MONT_CTX_copy +.Fa "BN_MONT_CTX *to" +.Fa "BN_MONT_CTX *from" +.Fc +.Ft int +.Fo BN_mod_mul_montgomery +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fa "BN_MONT_CTX *mont" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_from_montgomery +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BN_MONT_CTX *mont" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_to_montgomery +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BN_MONT_CTX *mont" +.Fa "BN_CTX *ctx" +.Fc +.Sh DESCRIPTION +These functions implement Montgomery multiplication. +They are used automatically when +.Xr BN_mod_exp 3 +is called with suitable input, but they may be useful when several +operations are to be performed using the same modulus. +.Pp +.Fn BN_MONT_CTX_new +allocates and initializes a +.Vt BN_MONT_CTX +structure. +.Fn BN_MONT_CTX_init +initializes an existing uninitialized +.Vt BN_MONT_CTX . +.Pp +.Fn BN_MONT_CTX_set +sets up the +.Fa mont +structure from the modulus +.Fa m +by precomputing its inverse and a value R. +.Pp +.Fn BN_MONT_CTX_copy +copies the +.Vt BN_MONT_CTX +.Fa from +to +.Fa to . +.Pp +.Fn BN_MONT_CTX_free +frees the components of the +.Vt BN_MONT_CTX , +and, if it was created by +.Fn BN_MONT_CTX_new , +also the structure itself. +.Pp +.Fn BN_mod_mul_montgomery +computes +.Pp +.D1 Mont Ns Po Fa a , Fa b Pc := Fa a No * Fa b No * R^-1 +.Pp +and places the result in +.Fa r . +.Pp +.Fn BN_from_montgomery +performs the Montgomery reduction +.Pp +.D1 Fa r No = Fa a No * R^-1. +.Pp +.Fn BN_to_montgomery +computes +.Pp +.D1 Mont Ns Po Fa a , No R^2 Pc = Fa a No * R . +.Pp +Note that +.Fa a +must be non-negative and smaller than the modulus. +.Pp +For all functions, +.Fa ctx +is a previously allocated +.Vt BN_CTX +used for temporary variables. +.Pp +The +.Vt BN_MONT_CTX +structure is defined as follows: +.Bd -literal +typedef struct bn_mont_ctx_st { + int ri; /* number of bits in R */ + BIGNUM RR; /* R^2 (used to convert to Montgomery form) */ + BIGNUM N; /* The modulus */ + BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 + * (Ni is only stored for bignum algorithm) */ + BN_ULONG n0; /* least significant word of Ni */ + int flags; +} BN_MONT_CTX; +.Ed +.Pp +.Fn BN_to_montgomery +is a macro. +.Pp +.Sy Warning: +The inputs must be reduced modulo +.Fa m , +otherwise the result will be outside the expected range. +.Sh RETURN VALUES +.Fn BN_MONT_CTX_new +returns the newly allocated +.Vt BN_MONT_CTX , +and +.Dv NULL +on error. +.Pp +.Fn BN_MONT_CTX_init +and +.Fn BN_MONT_CTX_free +return no values. +.Pp +For the other functions, 1 is returned for success, 0 on error. +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr bn 3 , +.Xr BN_add 3 , +.Xr BN_CTX_new 3 , +.Xr ERR_get_error 3 +.Sh HISTORY +.Fn BN_MONT_CTX_new , +.Fn BN_MONT_CTX_free , +.Fn BN_MONT_CTX_set , +.Fn BN_mod_mul_montgomery , +.Fn BN_from_montgomery +and +.Fn BN_to_montgomery +are available in all versions of SSLeay and OpenSSL. +.Pp +.Fn BN_MONT_CTX_init +and +.Fn BN_MONT_CTX_copy +were added in SSLeay 0.9.1b. diff --git a/lib/libcrypto/man/BN_mod_mul_reciprocal.3 b/lib/libcrypto/man/BN_mod_mul_reciprocal.3 new file mode 100644 index 00000000000..ceb1ffae5b0 --- /dev/null +++ b/lib/libcrypto/man/BN_mod_mul_reciprocal.3 @@ -0,0 +1,147 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_MOD_MUL_RECIPROCAL 3 +.Os +.Sh NAME +.Nm BN_mod_mul_reciprocal , +.Nm BN_div_recp , +.Nm BN_RECP_CTX_new , +.Nm BN_RECP_CTX_init , +.Nm BN_RECP_CTX_free , +.Nm BN_RECP_CTX_set +.Nd modular multiplication using reciprocal +.Sh SYNOPSIS +.In openssl/bn.h +.Ft BN_RECP_CTX * +.Fo BN_RECP_CTX_new +.Fa void +.Fc +.Ft void +.Fo BN_RECP_CTX_init +.Fa "BN_RECP_CTX *recp" +.Fc +.Ft void +.Fo BN_RECP_CTX_free +.Fa "BN_RECP_CTX *recp" +.Fc +.Ft int +.Fo BN_RECP_CTX_set +.Fa "BN_RECP_CTX *recp" +.Fa "const BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_div_recp +.Fa "BIGNUM *dv" +.Fa "BIGNUM *rem" +.Fa "BIGNUM *a" +.Fa "BN_RECP_CTX *recp" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_mod_mul_reciprocal +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fa "BN_RECP_CTX *recp" +.Fa "BN_CTX *ctx" +.Fc +.Sh DESCRIPTION +.Fn BN_mod_mul_reciprocal +can be used to perform an efficient +.Xr BN_mod_mul 3 +operation when the operation will be performed repeatedly with the same +modulus. +It computes +.Fa r Ns =( Ns Fa a Ns * Ns Fa b Ns )% Ns Fa m +using +.Fa recp Ns =1/ Ns Fa m , +which is set as described below. +.Fa ctx +is a previously allocated +.Vt BN_CTX +used for temporary variables. +.Pp +.Fn BN_RECP_CTX_new +allocates and initializes a +.Vt BN_RECP_CTX +structure. +.Fn BN_RECP_CTX_init +initializes an existing uninitialized +.Vt BN_RECP_CTX . +.Pp +.Fn BN_RECP_CTX_free +frees the components of the +.Vt BN_RECP_CTX , +and, if it was created by +.Fn BN_RECP_CTX_new , +also the structure itself. +.Pp +.Fn BN_RECP_CTX_set +stores +.Fa m +in +.Fa recp +and sets it up for computing +.Pf 1/ Fa m +and shifting it left by +.Fn BN_num_bits m Ns +1 +to make it an integer. +The result and the number of bits it was shifted left will later be +stored in +.Fa recp . +.Pp +.Fn BN_div_recp +divides +.Fa a +by +.Fa m +using +.Fa recp . +It places the quotient in +.Fa dv +and the remainder in +.Fa rem . +.Pp +The +.Vt BN_RECP_CTX +structure is defined as follows: +.Bd -literal +typedef struct bn_recp_ctx_st { + BIGNUM N; /* the divisor */ + BIGNUM Nr; /* the reciprocal */ + int num_bits; + int shift; + int flags; +} BN_RECP_CTX; +.Ed +.Pp +It cannot be shared between threads. +.Sh RETURN VALUES +.Fn BN_RECP_CTX_new +returns the newly allocated +.Vt BN_RECP_CTX , +or +.Dv NULL +on error. +.Pp +.Fn BN_RECP_CTX_init +and +.Fn BN_RECP_CTX_free +return no values. +.Pp +For the other functions, 1 is returned for success, 0 on error. +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr bn 3 , +.Xr BN_add 3 , +.Xr BN_CTX_new 3 , +.Xr ERR_get_error 3 +.Sh HISTORY +.Vt BN_RECP_CTX +was added in SSLeay 0.9.0. +Before that, a function +.Fn BN_reciprocal +was used instead, and the +.Fn BN_mod_mul_reciprocal +arguments were different. diff --git a/lib/libcrypto/man/BN_new.3 b/lib/libcrypto/man/BN_new.3 new file mode 100644 index 00000000000..ad8ce886d93 --- /dev/null +++ b/lib/libcrypto/man/BN_new.3 @@ -0,0 +1,84 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_NEW 3 +.Os +.Sh NAME +.Nm BN_new , +.Nm BN_init , +.Nm BN_clear , +.Nm BN_free , +.Nm BN_clear_free +.Nd allocate and free BIGNUMs +.Sh SYNOPSIS +.In openssl/bn.h +.Ft BIGNUM * +.Fo BN_new +.Fa void +.Fc +.Ft void +.Fo BN_init +.Fa "BIGNUM *" +.Fc +.Ft void +.Fo BN_clear +.Fa "BIGNUM *a" +.Fc +.Ft void +.Fo BN_free +.Fa "BIGNUM *a" +.Fc +.Ft void +.Fo BN_clear_free +.Fa "BIGNUM *a" +.Fc +.Sh DESCRIPTION +.Fn BN_new +allocates and initializes a +.Vt BIGNUM +structure. +.Fn BN_init +initializes an existing uninitialized +.Vt BIGNUM . +.Pp +.Fn BN_clear +is used to destroy sensitive data such as keys when they are no longer +needed. +It erases the memory used by +.Fa a +and sets it to the value 0. +.Pp +.Fn BN_free +frees the components of the +.Vt BIGNUM , +and if it was created by +.Fn BN_new , +also the structure itself. +.Fn BN_clear_free +additionally overwrites the data before the memory is returned to the +system. +.Sh RETURN VALUES +.Fn BN_new +returns a pointer to the +.Vt BIGNUM . +If the allocation fails, it returns +.Dv NULL +and sets an error code that can be obtained by +.Xr ERR_get_error 3 . +.Pp +.Fn BN_init , +.Fn BN_clear , +.Fn BN_free , +and +.Fn BN_clear_free +return no values. +.Sh SEE ALSO +.Xr bn 3 , +.Xr ERR_get_error 3 +.Sh HISTORY +.Fn BN_new , +.Fn BN_clear , +.Fn BN_free , +and +.Fn BN_clear_free +are available in all versions on SSLeay and OpenSSL. +.Fn BN_init +was added in SSLeay 0.9.1b. diff --git a/lib/libcrypto/man/BN_num_bytes.3 b/lib/libcrypto/man/BN_num_bytes.3 new file mode 100644 index 00000000000..2d7be7e4438 --- /dev/null +++ b/lib/libcrypto/man/BN_num_bytes.3 @@ -0,0 +1,76 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_NUM_BYTES 3 +.Os +.Sh NAME +.Nm BN_num_bits , +.Nm BN_num_bytes , +.Nm BN_num_bits_word +.Nd get BIGNUM size +.Sh SYNOPSIS +.In openssl/bn.h +.Ft int +.Fo BN_num_bytes +.Fa "const BIGNUM *a" +.Fc +.Ft int +.Fo BN_num_bits +.Fa "const BIGNUM *a" +.Fc +.Ft int +.Fo BN_num_bits_word +.Fa "BN_ULONG w" +.Fc +.Sh DESCRIPTION +.Fn BN_num_bytes +returns the size of a +.Sy BIGNUM +in bytes. +.Pp +.Fn BN_num_bits_word +returns the number of significant bits in a word. +If we take 0x00000432 as an example, it returns 11, not 16, not 32. +Basically, except for a zero, it returns +.Pp +.D1 floor(log2( Ns Fa w ) ) No + 1 . +.Pp +.Fn BN_num_bits +returns the number of significant bits in a +.Sy BIGNUM , +following the same principle as +.Fn BN_num_bits_word . +.Pp +.Fn BN_num_bytes +is a macro. +.Sh RETURN VALUES +The size. +.Sh NOTES +Some have tried using +.Fn BN_num_bits +on individual numbers in RSA keys, DH keys and DSA keys, and found that +they don't always come up with the number of bits they expected +(something like 512, 1024, 2048, ...). This is because generating a +number with some specific number of bits doesn't always set the highest +bits, thereby making the number of +.Em significant +bits a little lower. +If you want to know the "key size" of such a key, either use functions +like +.Xr RSA_size 3 , +.Xr DH_size 3 , +and +.Xr DSA_size 3 , +or use +.Fn BN_num_bytes +and multiply with 8 (although there's no real guarantee that will match +the "key size", just a lot more probability). +.Sh SEE ALSO +.Xr bn 3 , +.Xr DH_size 3 , +.Xr DSA_size 3 , +.Xr RSA_size 3 +.Sh HISTORY +.Fn BN_num_bytes , +.Fn BN_num_bits , +and +.Fn BN_num_bits_word +are available in all versions of SSLeay and OpenSSL. diff --git a/lib/libcrypto/man/BN_rand.3 b/lib/libcrypto/man/BN_rand.3 new file mode 100644 index 00000000000..5ae9e9d7913 --- /dev/null +++ b/lib/libcrypto/man/BN_rand.3 @@ -0,0 +1,93 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_RAND 3 +.Os +.Sh NAME +.Nm BN_rand , +.Nm BN_pseudo_rand , +.Nm BN_rand_range , +.Nm BN_pseudo_rand_range +.Nd generate pseudo-random number +.Sh SYNOPSIS +.In openssl/bn.h +.Ft int +.Fo BN_rand +.Fa "BIGNUM *rnd" +.Fa "int bits" +.Fa "int top" +.Fa "int bottom" +.Fc +.Ft int +.Fo BN_pseudo_rand +.Fa "BIGNUM *rnd" +.Fa "int bits" +.Fa "int top" +.Fa "int bottom" +.Fc +.Ft int +.Fo BN_rand_range +.Fa "BIGNUM *rnd" +.Fa "BIGNUM *range" +.Fc +.Ft int +.Fo BN_pseudo_rand_range +.Fa "BIGNUM *rnd" +.Fa "BIGNUM *range" +.Fc +.Sh DESCRIPTION +.Fn BN_rand +generates a cryptographically strong pseudo-random number of +.Fa bits +bits in length and stores it in +.Fa rnd . +If +.Fa top +is -1, the most significant bit of the random number can be zero. +If +.Fa top +is 0, it is set to 1, and if +.Fa top +is 1, the two most significant bits of the number will be set to 1, so +that the product of two such random numbers will always have +.Pf 2* Fa bits +length. +If +.Fa bottom +is true, the number will be odd. +.Pp +.Fn BN_pseudo_rand +does the same, but pseudo-random numbers generated by this function are +not necessarily unpredictable. +They can be used for non-cryptographic purposes and for certain purposes +in cryptographic protocols, but usually not for key generation etc. +.Pp +.Fn BN_rand_range +generates a cryptographically strong pseudo-random number +.Fa rnd +in the range 0 <= +.Fa rnd No < Fa range . +.Fn BN_pseudo_rand_range +does the same, but is based on +.Fn BN_pseudo_rand , +and hence numbers generated by it are not necessarily unpredictable. +.Sh RETURN VALUES +The functions return 1 on success, 0 on error. +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr bn 3 , +.Xr ERR_get_error 3 , +.Xr rand 3 , +.Xr RAND_add 3 , +.Xr RAND_bytes 3 +.Sh HISTORY +.Fn BN_rand +is available in all versions of SSLeay and OpenSSL. +.Fn BN_pseudo_rand +was added in OpenSSL 0.9.5. +The +.Fa top +== -1 case and the function +.Fn BN_rand_range +were added in OpenSSL 0.9.6a. +.Fn BN_pseudo_rand_range +was added in OpenSSL 0.9.6c. diff --git a/lib/libcrypto/man/BN_set_bit.3 b/lib/libcrypto/man/BN_set_bit.3 new file mode 100644 index 00000000000..4a199cd0d06 --- /dev/null +++ b/lib/libcrypto/man/BN_set_bit.3 @@ -0,0 +1,157 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_SET_BIT 3 +.Os +.Sh NAME +.Nm BN_set_bit , +.Nm BN_clear_bit , +.Nm BN_is_bit_set , +.Nm BN_mask_bits , +.Nm BN_lshift , +.Nm BN_lshift1 , +.Nm BN_rshift , +.Nm BN_rshift1 +.Nd bit operations on BIGNUMs +.Sh SYNOPSIS +.In openssl/bn.h +.Ft int +.Fo BN_set_bit +.Fa "BIGNUM *a" +.Fa "int n" +.Fc +.Ft int +.Fo BN_clear_bit +.Fa "BIGNUM *a" +.Fa "int n" +.Fc +.Ft int +.Fo BN_is_bit_set +.Fa "const BIGNUM *a" +.Fa "int n" +.Fc +.Ft int +.Fo BN_mask_bits +.Fa "BIGNUM *a" +.Fa "int n" +.Fc +.Ft int +.Fo BN_lshift +.Fa "BIGNUM *r" +.Fa "const BIGNUM *a" +.Fa "int n" +.Fc +.Ft int +.Fo BN_lshift1 +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fc +.Ft int +.Fo BN_rshift +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "int n" +.Fc +.Ft int +.Fo BN_rshift1 +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fc +.Sh DESCRIPTION +.Fn BN_set_bit +sets bit +.Fa n +in +.Fa a +to 1 +.Pq Li a|=(1<<n) . +The number is expanded if necessary. +.Pp +.Fn BN_clear_bit +sets bit +.Fa n +in +.Fa a +to 0 +.Pq Li a&=~(1<<n) . +An error occurs if +.Fa a +is shorter than +.Fa n +bits. +.Pp +.Fn BN_is_bit_set +tests if bit +.Fa n +in +.Fa a +is set. +.Pp +.Fn BN_mask_bits +truncates +.Fa a +to an +.Fa n +bit number +.Pq Li a&=~((~0)>>n) . +An error occurs if +.Fa a +already is shorter than +.Fa n +bits. +.Pp +.Fn BN_lshift +shifts +.Fa a +left by +.Fa n +bits and places the result in +.Fa r +.Pq Li r=a*2^n . +.Fn BN_lshift1 +shifts +.Fa a +left by one and places the result in +.Fa r +.Pq Li r=2*a . +.Pp +.Fn BN_rshift +shifts +.Fa a +right by +.Fa n +bits and places the result in +.Fa r +.Pq Li r=a/2^n . +.Fn BN_rshift1 +shifts +.Fa a +right by one and places the result in +.Fa r +.Pq Li r=a/2 . +.Pp +For the shift functions, +.Fa r +and +.Fa a +may be the same variable. +.Sh RETURN VALUES +.Fn BN_is_bit_set +returns 1 if the bit is set, 0 otherwise. +.Pp +All other functions return 1 for success, 0 on error. +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr bn 3 , +.Xr BN_add 3 , +.Xr BN_num_bytes 3 +.Sh HISTORY +.Fn BN_set_bit , +.Fn BN_clear_bit , +.Fn BN_is_bit_set , +.Fn BN_mask_bits , +.Fn BN_lshift , +.Fn BN_lshift1 , +.Fn BN_rshift , +and +.Fn BN_rshift1 +are available in all versions of SSLeay and OpenSSL. diff --git a/lib/libcrypto/man/BN_swap.3 b/lib/libcrypto/man/BN_swap.3 new file mode 100644 index 00000000000..b252261067a --- /dev/null +++ b/lib/libcrypto/man/BN_swap.3 @@ -0,0 +1,23 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_SWAP 3 +.Os +.Sh NAME +.Nm BN_swap +.Nd exchange BIGNUMs +.Sh SYNOPSIS +.In openssl/bn.h +.Ft void +.Fo BN_swap +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fc +.Sh DESCRIPTION +.Fn BN_swap +exchanges the values of +.Fa a +and +.Fa b . +.Sh SEE ALSO +.Xr bn 3 +.Sh HISTORY +BN_swap was added in OpenSSL 0.9.7. diff --git a/lib/libcrypto/man/BN_zero.3 b/lib/libcrypto/man/BN_zero.3 new file mode 100644 index 00000000000..adfd6a0c652 --- /dev/null +++ b/lib/libcrypto/man/BN_zero.3 @@ -0,0 +1,101 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_ZERO 3 +.Os +.Sh NAME +.Nm BN_zero , +.Nm BN_one , +.Nm BN_value_one , +.Nm BN_set_word , +.Nm BN_get_word +.Nd BIGNUM assignment operations +.Sh SYNOPSIS +.In openssl/bn.h +.Ft int +.Fo BN_zero +.Fa "BIGNUM *a" +.Fc +.Ft int +.Fo BN_one +.Fa "BIGNUM *a" +.Fc +.Ft const BIGNUM * +.Fo BN_value_one +.Fa void +.Fc +.Ft int +.Fo BN_set_word +.Fa "BIGNUM *a" +.Fa "unsigned long w" +.Fc +.Ft unsigned long +.Fo BN_get_word +.Fa "BIGNUM *a" +.Fc +.Sh DESCRIPTION +.Fn BN_zero , +.Fn BN_one , +and +.Fn BN_set_word +set +.Fa a +to the values 0, 1 and +.Fa w +respectively. +.Fn BN_zero +and +.Fn BN_one +are macros. +.Pp +.Fn BN_value_one +returns a +.Vt BIGNUM +constant of value 1. +This constant is useful for use in comparisons and assignment. +.Pp +.Fn BN_get_word +returns +.Fa a +if it can be represented as an +.Vt unsigned long . +.Sh RETURN VALUES +.Fn BN_get_word +returns the value +.Fa a , +or 0xffffffffL if +.Fa a +cannot be represented as an +.Vt unsigned long . +.Pp +.Fn BN_zero , +.Fn BN_one , +and +.Fn BN_set_word +return 1 on success, 0 otherwise. +.Fn BN_value_one +returns the constant. +.Sh SEE ALSO +.Xr bn 3 , +.Xr BN_bn2bin 3 +.Sh HISTORY +.Fn BN_zero , +.Fn BN_one , +and +.Fn BN_set_word +are available in all versions of SSLeay and OpenSSL. +.Fn BN_value_one +and +.Fn BN_get_word +were added in SSLeay 0.8. +.Pp +.Fn BN_value_one +was changed to return a true +.Vt const BIGNUM * +in OpenSSL 0.9.7. +.Sh BUGS +Someone might change the constant. +.Pp +If a +.Vt BIGNUM +is equal to 0xffffffffL it can be represented as an +.Vt unsigned long +but this value is also returned on error. diff --git a/lib/libcrypto/man/Makefile b/lib/libcrypto/man/Makefile index 2ac6e5b6f67..bce02f647f4 100644 --- a/lib/libcrypto/man/Makefile +++ b/lib/libcrypto/man/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.18 2015/02/16 16:42:14 schwarze Exp $ +# $OpenBSD: Makefile,v 1.19 2015/02/23 17:43:24 schwarze Exp $ .include <bsd.own.mk> # for NOMAN @@ -33,8 +33,6 @@ MAN= \ BIO_s_socket.3 \ BIO_set_callback.3 \ BIO_should_retry.3 \ - -GENMAN= \ BN_BLINDING_new.3 \ BN_CTX_new.3 \ BN_CTX_start.3 \ @@ -53,6 +51,8 @@ GENMAN= \ BN_set_bit.3 \ BN_swap.3 \ BN_zero.3 \ + +GENMAN= \ BUF_MEM_new.3 \ CONF_modules_free.3 \ CONF_modules_load_file.3 \ diff --git a/lib/libssl/src/doc/crypto/BN_BLINDING_new.pod b/lib/libssl/src/doc/crypto/BN_BLINDING_new.pod deleted file mode 100644 index 1c586ac54ef..00000000000 --- a/lib/libssl/src/doc/crypto/BN_BLINDING_new.pod +++ /dev/null @@ -1,115 +0,0 @@ -=pod - -=head1 NAME - -BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, -BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, -BN_BLINDING_get_thread_id, BN_BLINDING_set_thread_id, BN_BLINDING_thread_id, -BN_BLINDING_get_flags, BN_BLINDING_set_flags, -BN_BLINDING_create_param - blinding related BIGNUM functions. - -=head1 SYNOPSIS - - #include <openssl/bn.h> - - BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, - BIGNUM *mod); - void BN_BLINDING_free(BN_BLINDING *b); - int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx); - int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); - int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); - int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, - BN_CTX *ctx); - int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, - BN_CTX *ctx); - #ifndef OPENSSL_NO_DEPRECATED - unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *); - void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long); - #endif - CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *); - unsigned long BN_BLINDING_get_flags(const BN_BLINDING *); - void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long); - BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, - const BIGNUM *e, BIGNUM *m, BN_CTX *ctx, - int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), - BN_MONT_CTX *m_ctx); - -=head1 DESCRIPTION - -BN_BLINDING_new() allocates a new B<BN_BLINDING> structure and copies -the B<A> and B<Ai> values into the newly created B<BN_BLINDING> object. - -BN_BLINDING_free() frees the B<BN_BLINDING> structure. - -BN_BLINDING_update() updates the B<BN_BLINDING> parameters by squaring -the B<A> and B<Ai> or, after specific number of uses and if the -necessary parameters are set, by re-creating the blinding parameters. - -BN_BLINDING_convert_ex() multiplies B<n> with the blinding factor B<A>. -If B<r> is not NULL a copy the inverse blinding factor B<Ai> will be -returned in B<r> (this is useful if a B<RSA> object is shared among -several threads). BN_BLINDING_invert_ex() multiplies B<n> with the -inverse blinding factor B<Ai>. If B<r> is not NULL it will be used as -the inverse blinding. - -BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper -functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() -with B<r> set to NULL. - -BN_BLINDING_thread_id() provides access to the B<CRYPTO_THREADID> -object within the B<BN_BLINDING> structure. This is to help users -provide proper locking if needed for multi-threaded use. The "thread -id" object of a newly allocated B<BN_BLINDING> structure is -initialised to the thread id in which BN_BLINDING_new() was called. - -BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently -there are two supported flags: B<BN_BLINDING_NO_UPDATE> and -B<BN_BLINDING_NO_RECREATE>. B<BN_BLINDING_NO_UPDATE> inhibits the -automatic update of the B<BN_BLINDING> parameters after each use -and B<BN_BLINDING_NO_RECREATE> inhibits the automatic re-creation -of the B<BN_BLINDING> parameters after a fixed number of uses (currently -32). In newly allocated B<BN_BLINDING> objects no flags are set. -BN_BLINDING_set_flags() sets the B<BN_BLINDING> parameters flags. - -BN_BLINDING_create_param() creates new B<BN_BLINDING> parameters -using the exponent B<e> and the modulus B<m>. B<bn_mod_exp> and -B<m_ctx> can be used to pass special functions for exponentiation -(normally BN_mod_exp_mont() and B<BN_MONT_CTX>). - -=head1 RETURN VALUES - -BN_BLINDING_new() returns the newly allocated B<BN_BLINDING> structure -or NULL in case of an error. - -BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), -BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on -success and 0 if an error occured. - -BN_BLINDING_thread_id() returns a pointer to the thread id object -within a B<BN_BLINDING> object. - -BN_BLINDING_get_flags() returns the currently set B<BN_BLINDING> flags -(a B<unsigned long> value). - -BN_BLINDING_create_param() returns the newly created B<BN_BLINDING> -parameters or NULL on error. - -=head1 SEE ALSO - -L<bn(3)|bn(3)> - -=head1 HISTORY - -BN_BLINDING_thread_id was first introduced in OpenSSL 1.0.0, and it -deprecates BN_BLINDING_set_thread_id and BN_BLINDING_get_thread_id. - -BN_BLINDING_convert_ex, BN_BLINDIND_invert_ex, BN_BLINDING_get_thread_id, -BN_BLINDING_set_thread_id, BN_BLINDING_set_flags, BN_BLINDING_get_flags -and BN_BLINDING_create_param were first introduced in OpenSSL 0.9.8 - -=head1 AUTHOR - -Nils Larsch for the OpenSSL project (http://www.openssl.org). - -=cut diff --git a/lib/libssl/src/doc/crypto/BN_CTX_new.pod b/lib/libssl/src/doc/crypto/BN_CTX_new.pod deleted file mode 100644 index bbedbb17782..00000000000 --- a/lib/libssl/src/doc/crypto/BN_CTX_new.pod +++ /dev/null @@ -1,57 +0,0 @@ -=pod - -=head1 NAME - -BN_CTX_new, BN_CTX_init, BN_CTX_free - allocate and free BN_CTX structures - -=head1 SYNOPSIS - - #include <openssl/bn.h> - - BN_CTX *BN_CTX_new(void); - - void BN_CTX_free(BN_CTX *c); - -Deprecated: - - void BN_CTX_init(BN_CTX *c); - - -=head1 DESCRIPTION - -A B<BN_CTX> is a structure that holds B<BIGNUM> temporary variables used by -library functions. Since dynamic memory allocation to create B<BIGNUM>s -is rather expensive when used in conjunction with repeated subroutine -calls, the B<BN_CTX> structure is used. - -BN_CTX_new() allocates and initializes a B<BN_CTX> -structure. - -BN_CTX_free() frees the components of the B<BN_CTX>, and if it was -created by BN_CTX_new(), also the structure itself. -If L<BN_CTX_start(3)|BN_CTX_start(3)> has been used on the B<BN_CTX>, -L<BN_CTX_end(3)|BN_CTX_end(3)> must be called before the B<BN_CTX> -may be freed by BN_CTX_free(). - -BN_CTX_init() (deprecated) initializes an existing uninitialized B<BN_CTX>. -This should not be used for new programs. Use BN_CTX_new() instead. - -=head1 RETURN VALUES - -BN_CTX_new() returns a pointer to the B<BN_CTX>. If the allocation fails, -it returns B<NULL> and sets an error code that can be obtained by -L<ERR_get_error(3)|ERR_get_error(3)>. - -BN_CTX_init() and BN_CTX_free() have no return values. - -=head1 SEE ALSO - -L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>, -L<BN_CTX_start(3)|BN_CTX_start(3)> - -=head1 HISTORY - -BN_CTX_new() and BN_CTX_free() are available in all versions on SSLeay -and OpenSSL. BN_CTX_init() was added in SSLeay 0.9.1b. - -=cut diff --git a/lib/libssl/src/doc/crypto/BN_CTX_start.pod b/lib/libssl/src/doc/crypto/BN_CTX_start.pod deleted file mode 100644 index dfcefe1a887..00000000000 --- a/lib/libssl/src/doc/crypto/BN_CTX_start.pod +++ /dev/null @@ -1,52 +0,0 @@ -=pod - -=head1 NAME - -BN_CTX_start, BN_CTX_get, BN_CTX_end - use temporary BIGNUM variables - -=head1 SYNOPSIS - - #include <openssl/bn.h> - - void BN_CTX_start(BN_CTX *ctx); - - BIGNUM *BN_CTX_get(BN_CTX *ctx); - - void BN_CTX_end(BN_CTX *ctx); - -=head1 DESCRIPTION - -These functions are used to obtain temporary B<BIGNUM> variables from -a B<BN_CTX> (which can been created by using L<BN_CTX_new(3)|BN_CTX_new(3)>) -in order to save the overhead of repeatedly creating and -freeing B<BIGNUM>s in functions that are called from inside a loop. - -A function must call BN_CTX_start() first. Then, BN_CTX_get() may be -called repeatedly to obtain temporary B<BIGNUM>s. All BN_CTX_get() -calls must be made before calling any other functions that use the -B<ctx> as an argument. - -Finally, BN_CTX_end() must be called before returning from the function. -When BN_CTX_end() is called, the B<BIGNUM> pointers obtained from -BN_CTX_get() become invalid. - -=head1 RETURN VALUES - -BN_CTX_start() and BN_CTX_end() return no values. - -BN_CTX_get() returns a pointer to the B<BIGNUM>, or B<NULL> on error. -Once BN_CTX_get() has failed, the subsequent calls will return B<NULL> -as well, so it is sufficient to check the return value of the last -BN_CTX_get() call. In case of an error, an error code is set, which -can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. - - -=head1 SEE ALSO - -L<BN_CTX_new(3)|BN_CTX_new(3)> - -=head1 HISTORY - -BN_CTX_start(), BN_CTX_get() and BN_CTX_end() were added in OpenSSL 0.9.5. - -=cut diff --git a/lib/libssl/src/doc/crypto/BN_add.pod b/lib/libssl/src/doc/crypto/BN_add.pod deleted file mode 100644 index 15b28d83340..00000000000 --- a/lib/libssl/src/doc/crypto/BN_add.pod +++ /dev/null @@ -1,127 +0,0 @@ -=pod - -=head1 NAME - -BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, -BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd - -arithmetic operations on BIGNUMs - -=head1 SYNOPSIS - - #include <openssl/bn.h> - - int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); - - int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); - - int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); - - int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx); - - int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d, - BN_CTX *ctx); - - int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); - - int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); - - int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m, - BN_CTX *ctx); - - int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m, - BN_CTX *ctx); - - int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m, - BN_CTX *ctx); - - int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); - - int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx); - - int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); - - int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); - -=head1 DESCRIPTION - -BN_add() adds I<a> and I<b> and places the result in I<r> (C<r=a+b>). -I<r> may be the same B<BIGNUM> as I<a> or I<b>. - -BN_sub() subtracts I<b> from I<a> and places the result in I<r> (C<r=a-b>). - -BN_mul() multiplies I<a> and I<b> and places the result in I<r> (C<r=a*b>). -I<r> may be the same B<BIGNUM> as I<a> or I<b>. -For multiplication by powers of 2, use L<BN_lshift(3)|BN_lshift(3)>. - -BN_sqr() takes the square of I<a> and places the result in I<r> -(C<r=a^2>). I<r> and I<a> may be the same B<BIGNUM>. -This function is faster than BN_mul(r,a,a). - -BN_div() divides I<a> by I<d> and places the result in I<dv> and the -remainder in I<rem> (C<dv=a/d, rem=a%d>). Either of I<dv> and I<rem> may -be B<NULL>, in which case the respective value is not returned. -The result is rounded towards zero; thus if I<a> is negative, the -remainder will be zero or negative. -For division by powers of 2, use BN_rshift(3). - -BN_mod() corresponds to BN_div() with I<dv> set to B<NULL>. - -BN_nnmod() reduces I<a> modulo I<m> and places the non-negative -remainder in I<r>. - -BN_mod_add() adds I<a> to I<b> modulo I<m> and places the non-negative -result in I<r>. - -BN_mod_sub() subtracts I<b> from I<a> modulo I<m> and places the -non-negative result in I<r>. - -BN_mod_mul() multiplies I<a> by I<b> and finds the non-negative -remainder respective to modulus I<m> (C<r=(a*b) mod m>). I<r> may be -the same B<BIGNUM> as I<a> or I<b>. For more efficient algorithms for -repeated computations using the same modulus, see -L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)> and -L<BN_mod_mul_reciprocal(3)|BN_mod_mul_reciprocal(3)>. - -BN_mod_sqr() takes the square of I<a> modulo B<m> and places the -result in I<r>. - -BN_exp() raises I<a> to the I<p>-th power and places the result in I<r> -(C<r=a^p>). This function is faster than repeated applications of -BN_mul(). - -BN_mod_exp() computes I<a> to the I<p>-th power modulo I<m> (C<r=a^p % -m>). This function uses less time and space than BN_exp(). - -BN_gcd() computes the greatest common divisor of I<a> and I<b> and -places the result in I<r>. I<r> may be the same B<BIGNUM> as I<a> or -I<b>. - -For all functions, I<ctx> is a previously allocated B<BN_CTX> used for -temporary variables; see L<BN_CTX_new(3)|BN_CTX_new(3)>. - -Unless noted otherwise, the result B<BIGNUM> must be different from -the arguments. - -=head1 RETURN VALUES - -For all functions, 1 is returned for success, 0 on error. The return -value should always be checked (e.g., C<if (!BN_add(r,a,b)) goto err;>). -The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. - -=head1 SEE ALSO - -L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, -L<BN_CTX_new(3)|BN_CTX_new(3)>, L<BN_add_word(3)|BN_add_word(3)>, -L<BN_set_bit(3)|BN_set_bit(3)> - -=head1 HISTORY - -BN_add(), BN_sub(), BN_sqr(), BN_div(), BN_mod(), BN_mod_mul(), -BN_mod_exp() and BN_gcd() are available in all versions of SSLeay and -OpenSSL. The I<ctx> argument to BN_mul() was added in SSLeay -0.9.1b. BN_exp() appeared in SSLeay 0.9.0. -BN_nnmod(), BN_mod_add(), BN_mod_sub(), and BN_mod_sqr() were added in -OpenSSL 0.9.7. - -=cut diff --git a/lib/libssl/src/doc/crypto/BN_add_word.pod b/lib/libssl/src/doc/crypto/BN_add_word.pod deleted file mode 100644 index ba1026417df..00000000000 --- a/lib/libssl/src/doc/crypto/BN_add_word.pod +++ /dev/null @@ -1,61 +0,0 @@ -=pod - -=head1 NAME - -BN_add_word, BN_sub_word, BN_mul_word, BN_div_word, BN_mod_word - arithmetic -functions on BIGNUMs with integers - -=head1 SYNOPSIS - - #include <openssl/bn.h> - - int BN_add_word(BIGNUM *a, BN_ULONG w); - - int BN_sub_word(BIGNUM *a, BN_ULONG w); - - int BN_mul_word(BIGNUM *a, BN_ULONG w); - - BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w); - - BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w); - -=head1 DESCRIPTION - -These functions perform arithmetic operations on BIGNUMs with unsigned -integers. They are much more efficient than the normal BIGNUM -arithmetic operations. - -BN_add_word() adds B<w> to B<a> (C<a+=w>). - -BN_sub_word() subtracts B<w> from B<a> (C<a-=w>). - -BN_mul_word() multiplies B<a> and B<w> (C<a*=w>). - -BN_div_word() divides B<a> by B<w> (C<a/=w>) and returns the remainder. - -BN_mod_word() returns the remainder of B<a> divided by B<w> (C<a%w>). - -For BN_div_word() and BN_mod_word(), B<w> must not be 0. - -=head1 RETURN VALUES - -BN_add_word(), BN_sub_word() and BN_mul_word() return 1 for success, 0 on -error. The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. - -BN_mod_word() and BN_div_word() return B<a>%B<w> on success and -B<(BN_ULONG)-1> if an error occurred. - -=head1 SEE ALSO - -L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)> - -=head1 HISTORY - -BN_add_word() and BN_mod_word() are available in all versions of -SSLeay and OpenSSL. BN_div_word() was added in SSLeay 0.8, and -BN_sub_word() and BN_mul_word() in SSLeay 0.9.0. - -Before 0.9.8a the return value for BN_div_word() and BN_mod_word() -in case of an error was 0. - -=cut diff --git a/lib/libssl/src/doc/crypto/BN_bn2bin.pod b/lib/libssl/src/doc/crypto/BN_bn2bin.pod deleted file mode 100644 index 03b439c7b94..00000000000 --- a/lib/libssl/src/doc/crypto/BN_bn2bin.pod +++ /dev/null @@ -1,95 +0,0 @@ -=pod - -=head1 NAME - -BN_bn2bin, BN_bin2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn, -BN_print, BN_print_fp, BN_bn2mpi, BN_mpi2bn - format conversions - -=head1 SYNOPSIS - - #include <openssl/bn.h> - - int BN_bn2bin(const BIGNUM *a, unsigned char *to); - BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret); - - char *BN_bn2hex(const BIGNUM *a); - char *BN_bn2dec(const BIGNUM *a); - int BN_hex2bn(BIGNUM **a, const char *str); - int BN_dec2bn(BIGNUM **a, const char *str); - - int BN_print(BIO *fp, const BIGNUM *a); - int BN_print_fp(FILE *fp, const BIGNUM *a); - - int BN_bn2mpi(const BIGNUM *a, unsigned char *to); - BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret); - -=head1 DESCRIPTION - -BN_bn2bin() converts the absolute value of B<a> into big-endian form -and stores it at B<to>. B<to> must point to BN_num_bytes(B<a>) bytes of -memory. - -BN_bin2bn() converts the positive integer in big-endian form of length -B<len> at B<s> into a B<BIGNUM> and places it in B<ret>. If B<ret> is -NULL, a new B<BIGNUM> is created. - -BN_bn2hex() and BN_bn2dec() return printable strings containing the -hexadecimal and decimal encoding of B<a> respectively. For negative -numbers, the string is prefaced with a leading '-'. The string must be -freed later using free(). - -BN_hex2bn() converts the string B<str> containing a hexadecimal number -to a B<BIGNUM> and stores it in **B<bn>. If *B<bn> is NULL, a new -B<BIGNUM> is created. If B<bn> is NULL, it only computes the number's -length in hexadecimal digits. If the string starts with '-', the -number is negative. BN_dec2bn() is the same using the decimal system. - -BN_print() and BN_print_fp() write the hexadecimal encoding of B<a>, -with a leading '-' for negative numbers, to the B<BIO> or B<FILE> -B<fp>. - -BN_bn2mpi() and BN_mpi2bn() convert B<BIGNUM>s from and to a format -that consists of the number's length in bytes represented as a 4-byte -big-endian number, and the number itself in big-endian format, where -the most significant bit signals a negative number (the representation -of numbers with the MSB set is prefixed with null byte). - -BN_bn2mpi() stores the representation of B<a> at B<to>, where B<to> -must be large enough to hold the result. The size can be determined by -calling BN_bn2mpi(B<a>, NULL). - -BN_mpi2bn() converts the B<len> bytes long representation at B<s> to -a B<BIGNUM> and stores it at B<ret>, or in a newly allocated B<BIGNUM> -if B<ret> is NULL. - -=head1 RETURN VALUES - -BN_bn2bin() returns the length of the big-endian number placed at B<to>. -BN_bin2bn() returns the B<BIGNUM>, NULL on error. - -BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL -on error. BN_hex2bn() and BN_dec2bn() return the number's length in -hexadecimal or decimal digits, and 0 on error. - -BN_print_fp() and BN_print() return 1 on success, 0 on write errors. - -BN_bn2mpi() returns the length of the representation. BN_mpi2bn() -returns the B<BIGNUM>, and NULL on error. - -The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. - -=head1 SEE ALSO - -L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_zero(3)|BN_zero(3)>, -L<ASN1_INTEGER_to_BN(3)|ASN1_INTEGER_to_BN(3)>, -L<BN_num_bytes(3)|BN_num_bytes(3)> - -=head1 HISTORY - -BN_bn2bin(), BN_bin2bn(), BN_print_fp() and BN_print() are available -in all versions of SSLeay and OpenSSL. - -BN_bn2hex(), BN_bn2dec(), BN_hex2bn(), BN_dec2bn(), BN_bn2mpi() and -BN_mpi2bn() were added in SSLeay 0.9.0. - -=cut diff --git a/lib/libssl/src/doc/crypto/BN_cmp.pod b/lib/libssl/src/doc/crypto/BN_cmp.pod deleted file mode 100644 index 29df69631ef..00000000000 --- a/lib/libssl/src/doc/crypto/BN_cmp.pod +++ /dev/null @@ -1,49 +0,0 @@ -=pod - -=head1 NAME - -BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_is_odd - BIGNUM -comparison and test functions - -=head1 SYNOPSIS - - #include <openssl/bn.h> - - int BN_cmp(BIGNUM *a, BIGNUM *b); - int BN_ucmp(BIGNUM *a, BIGNUM *b); - - int BN_is_zero(BIGNUM *a); - int BN_is_one(BIGNUM *a); - int BN_is_word(BIGNUM *a, BN_ULONG w); - int BN_is_odd(BIGNUM *a); - -=head1 DESCRIPTION - -BN_cmp() compares the numbers B<a> and B<b>. BN_ucmp() compares their -absolute values. - -BN_is_zero(), BN_is_one() and BN_is_word() test if B<a> equals 0, 1, -or B<w> respectively. BN_is_odd() tests if a is odd. - -BN_is_zero(), BN_is_one(), BN_is_word() and BN_is_odd() are macros. - -=head1 RETURN VALUES - -BN_cmp() returns -1 if B<a> E<lt> B<b>, 0 if B<a> == B<b> and 1 if -B<a> E<gt> B<b>. BN_ucmp() is the same using the absolute values -of B<a> and B<b>. - -BN_is_zero(), BN_is_one() BN_is_word() and BN_is_odd() return 1 if -the condition is true, 0 otherwise. - -=head1 SEE ALSO - -L<bn(3)|bn(3)> - -=head1 HISTORY - -BN_cmp(), BN_ucmp(), BN_is_zero(), BN_is_one() and BN_is_word() are -available in all versions of SSLeay and OpenSSL. -BN_is_odd() was added in SSLeay 0.8. - -=cut diff --git a/lib/libssl/src/doc/crypto/BN_copy.pod b/lib/libssl/src/doc/crypto/BN_copy.pod deleted file mode 100644 index 388dd7df265..00000000000 --- a/lib/libssl/src/doc/crypto/BN_copy.pod +++ /dev/null @@ -1,34 +0,0 @@ -=pod - -=head1 NAME - -BN_copy, BN_dup - copy BIGNUMs - -=head1 SYNOPSIS - - #include <openssl/bn.h> - - BIGNUM *BN_copy(BIGNUM *to, const BIGNUM *from); - - BIGNUM *BN_dup(const BIGNUM *from); - -=head1 DESCRIPTION - -BN_copy() copies B<from> to B<to>. BN_dup() creates a new B<BIGNUM> -containing the value B<from>. - -=head1 RETURN VALUES - -BN_copy() returns B<to> on success, NULL on error. BN_dup() returns -the new B<BIGNUM>, and NULL on error. The error codes can be obtained -by L<ERR_get_error(3)|ERR_get_error(3)>. - -=head1 SEE ALSO - -L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)> - -=head1 HISTORY - -BN_copy() and BN_dup() are available in all versions of SSLeay and OpenSSL. - -=cut diff --git a/lib/libssl/src/doc/crypto/BN_generate_prime.pod b/lib/libssl/src/doc/crypto/BN_generate_prime.pod deleted file mode 100644 index 0a95633d541..00000000000 --- a/lib/libssl/src/doc/crypto/BN_generate_prime.pod +++ /dev/null @@ -1,149 +0,0 @@ -=pod - -=head1 NAME - -BN_generate_prime, BN_is_prime_ex, BN_is_prime_fasttest_ex, BN_GENCB_call, -BN_GENCB_set_old, BN_GENCB_set, BN_generate_prime, BN_is_prime, -BN_is_prime_fasttest - generate primes and test for primality - -=head1 SYNOPSIS - - #include <openssl/bn.h> - - int BN_generate_prime_ex(BIGNUM *ret,int bits,int safe, const BIGNUM *add, - const BIGNUM *rem, BN_GENCB *cb); - - int BN_is_prime_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, BN_GENCB *cb); - - int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, - int do_trial_division, BN_GENCB *cb); - - int BN_GENCB_call(BN_GENCB *cb, int a, int b); - - #define BN_GENCB_set_old(gencb, callback, cb_arg) ... - - #define BN_GENCB_set(gencb, callback, cb_arg) ... - - -Deprecated: - -BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add, - BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg); - - int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int, int, - void *), BN_CTX *ctx, void *cb_arg); - - int BN_is_prime_fasttest(const BIGNUM *a, int checks, - void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg, - int do_trial_division); - -=head1 DESCRIPTION - -BN_generate_prime_ex() generates a pseudo-random prime number of -bit length B<bits>. -If B<ret> is not B<NULL>, it will be used to store the number. - -If B<cb> is not B<NULL>, it is used as follows: - -=over 4 - -=item * - -B<BN_GENCB_call(cb, 0, i)> is called after generating the i-th -potential prime number. - -=item * - -While the number is being tested for primality, -B<BN_GENCB_call(cb, 1, j)> is called as described below. - -=item * - -When a prime has been found, B<BN_GENCB_call(cb, 2, i)> is called. - -=back - -The prime may have to fulfill additional requirements for use in -Diffie-Hellman key exchange: - -If B<add> is not B<NULL>, the prime will fulfill the condition p % B<add> -== B<rem> (p % B<add> == 1 if B<rem> == B<NULL>) in order to suit a given -generator. - -If B<safe> is true, it will be a safe prime (i.e. a prime p so -that (p-1)/2 is also prime). - -The prime number generation has a negligible error probability. - -BN_is_prime_ex() and BN_is_prime_fasttest_ex() test if the number B<p> is -prime. The following tests are performed until one of them shows that -B<p> is composite; if B<p> passes all these tests, it is considered -prime. - -BN_is_prime_fasttest_ex(), when called with B<do_trial_division == 1>, -first attempts trial division by a number of small primes; -if no divisors are found by this test and B<cb> is not B<NULL>, -B<BN_GENCB_call(cb, 1, -1)> is called. -If B<do_trial_division == 0>, this test is skipped. - -Both BN_is_prime_ex() and BN_is_prime_fasttest_ex() perform a Miller-Rabin -probabilistic primality test with B<nchecks> iterations. If -B<nchecks == BN_prime_checks>, a number of iterations is used that -yields a false positive rate of at most 2^-80 for random input. - -If B<cb> is not B<NULL>, B<BN_GENCB_call(cb, 1, j)> is called -after the j-th iteration (j = 0, 1, ...). B<ctx> is a -pre-allocated B<BN_CTX> (to save the overhead of allocating and -freeing the structure in a loop), or B<NULL>. - -BN_GENCB_call calls the callback function held in the B<BN_GENCB> structure -and passes the ints B<a> and B<b> as arguments. There are two types of -B<BN_GENCB> structure that are supported: "new" style and "old" style. New -programs should prefer the "new" style, whilst the "old" style is provided -for backwards compatibility purposes. - -For "new" style callbacks a BN_GENCB structure should be initialised with a -call to BN_GENCB_set, where B<gencb> is a B<BN_GENCB *>, B<callback> is of -type B<int (*callback)(int, int, BN_GENCB *)> and B<cb_arg> is a B<void *>. -"Old" style callbacks are the same except they are initialised with a call -to BN_GENCB_set_old and B<callback> is of type -B<void (*callback)(int, int, void *)>. - -A callback is invoked through a call to B<BN_GENCB_call>. This will check -the type of the callback and will invoke B<callback(a, b, gencb)> for new -style callbacks or B<callback(a, b, cb_arg)> for old style. - -BN_generate_prime (deprecated) works in the same way as -BN_generate_prime_ex but expects an old style callback function -directly in the B<callback> parameter, and an argument to pass to it in -the B<cb_arg>. Similarly BN_is_prime and BN_is_prime_fasttest are -deprecated and can be compared to BN_is_prime_ex and -BN_is_prime_fasttest_ex respectively. - -=head1 RETURN VALUES - -BN_generate_prime_ex() returns 1 on success or 0 on error. - -BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime() and -BN_is_prime_fasttest() return 0 if the number is composite, 1 if it is -prime with an error probability of less than 0.25^B<nchecks>, and --1 on error. - -BN_generate_prime() returns the prime number on success, B<NULL> otherwise. - -Callback functions should return 1 on success or 0 on error. - -The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. - -=head1 SEE ALSO - -L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)> - -=head1 HISTORY - -The B<cb_arg> arguments to BN_generate_prime() and to BN_is_prime() -were added in SSLeay 0.9.0. The B<ret> argument to BN_generate_prime() -was added in SSLeay 0.9.1. -BN_is_prime_fasttest() was added in OpenSSL 0.9.5. - -=cut diff --git a/lib/libssl/src/doc/crypto/BN_mod_inverse.pod b/lib/libssl/src/doc/crypto/BN_mod_inverse.pod deleted file mode 100644 index aefb1d27dd0..00000000000 --- a/lib/libssl/src/doc/crypto/BN_mod_inverse.pod +++ /dev/null @@ -1,36 +0,0 @@ -=pod - -=head1 NAME - -BN_mod_inverse - compute inverse modulo n - -=head1 SYNOPSIS - - #include <openssl/bn.h> - - BIGNUM *BN_mod_inverse(BIGNUM *r, BIGNUM *a, const BIGNUM *n, - BN_CTX *ctx); - -=head1 DESCRIPTION - -BN_mod_inverse() computes the inverse of B<a> modulo B<n> -places the result in B<r> (C<(a*r)%n==1>). If B<r> is NULL, -a new B<BIGNUM> is created. - -B<ctx> is a previously allocated B<BN_CTX> used for temporary -variables. B<r> may be the same B<BIGNUM> as B<a> or B<n>. - -=head1 RETURN VALUES - -BN_mod_inverse() returns the B<BIGNUM> containing the inverse, and NULL on -error. The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. - -=head1 SEE ALSO - -L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)> - -=head1 HISTORY - -BN_mod_inverse() is available in all versions of SSLeay and OpenSSL. - -=cut diff --git a/lib/libssl/src/doc/crypto/BN_mod_mul_montgomery.pod b/lib/libssl/src/doc/crypto/BN_mod_mul_montgomery.pod deleted file mode 100644 index 6b16351b92e..00000000000 --- a/lib/libssl/src/doc/crypto/BN_mod_mul_montgomery.pod +++ /dev/null @@ -1,101 +0,0 @@ -=pod - -=head1 NAME - -BN_mod_mul_montgomery, BN_MONT_CTX_new, BN_MONT_CTX_init, -BN_MONT_CTX_free, BN_MONT_CTX_set, BN_MONT_CTX_copy, -BN_from_montgomery, BN_to_montgomery - Montgomery multiplication - -=head1 SYNOPSIS - - #include <openssl/bn.h> - - BN_MONT_CTX *BN_MONT_CTX_new(void); - void BN_MONT_CTX_init(BN_MONT_CTX *ctx); - void BN_MONT_CTX_free(BN_MONT_CTX *mont); - - int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx); - BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from); - - int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b, - BN_MONT_CTX *mont, BN_CTX *ctx); - - int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont, - BN_CTX *ctx); - - int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont, - BN_CTX *ctx); - -=head1 DESCRIPTION - -These functions implement Montgomery multiplication. They are used -automatically when L<BN_mod_exp(3)|BN_mod_exp(3)> is called with suitable input, -but they may be useful when several operations are to be performed -using the same modulus. - -BN_MONT_CTX_new() allocates and initializes a B<BN_MONT_CTX> structure. -BN_MONT_CTX_init() initializes an existing uninitialized B<BN_MONT_CTX>. - -BN_MONT_CTX_set() sets up the I<mont> structure from the modulus I<m> -by precomputing its inverse and a value R. - -BN_MONT_CTX_copy() copies the B<BN_MONT_CTX> I<from> to I<to>. - -BN_MONT_CTX_free() frees the components of the B<BN_MONT_CTX>, and, if -it was created by BN_MONT_CTX_new(), also the structure itself. - -BN_mod_mul_montgomery() computes Mont(I<a>,I<b>):=I<a>*I<b>*R^-1 and places -the result in I<r>. - -BN_from_montgomery() performs the Montgomery reduction I<r> = I<a>*R^-1. - -BN_to_montgomery() computes Mont(I<a>,R^2), i.e. I<a>*R. -Note that I<a> must be non-negative and smaller than the modulus. - -For all functions, I<ctx> is a previously allocated B<BN_CTX> used for -temporary variables. - -The B<BN_MONT_CTX> structure is defined as follows: - - typedef struct bn_mont_ctx_st - { - int ri; /* number of bits in R */ - BIGNUM RR; /* R^2 (used to convert to Montgomery form) */ - BIGNUM N; /* The modulus */ - BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 - * (Ni is only stored for bignum algorithm) */ - BN_ULONG n0; /* least significant word of Ni */ - int flags; - } BN_MONT_CTX; - -BN_to_montgomery() is a macro. - -=head1 RETURN VALUES - -BN_MONT_CTX_new() returns the newly allocated B<BN_MONT_CTX>, and NULL -on error. - -BN_MONT_CTX_init() and BN_MONT_CTX_free() have no return values. - -For the other functions, 1 is returned for success, 0 on error. -The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. - -=head1 WARNING - -The inputs must be reduced modulo B<m>, otherwise the result will be -outside the expected range. - -=head1 SEE ALSO - -L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>, -L<BN_CTX_new(3)|BN_CTX_new(3)> - -=head1 HISTORY - -BN_MONT_CTX_new(), BN_MONT_CTX_free(), BN_MONT_CTX_set(), -BN_mod_mul_montgomery(), BN_from_montgomery() and BN_to_montgomery() -are available in all versions of SSLeay and OpenSSL. - -BN_MONT_CTX_init() and BN_MONT_CTX_copy() were added in SSLeay 0.9.1b. - -=cut diff --git a/lib/libssl/src/doc/crypto/BN_mod_mul_reciprocal.pod b/lib/libssl/src/doc/crypto/BN_mod_mul_reciprocal.pod deleted file mode 100644 index 74a216ddc2a..00000000000 --- a/lib/libssl/src/doc/crypto/BN_mod_mul_reciprocal.pod +++ /dev/null @@ -1,81 +0,0 @@ -=pod - -=head1 NAME - -BN_mod_mul_reciprocal, BN_div_recp, BN_RECP_CTX_new, BN_RECP_CTX_init, -BN_RECP_CTX_free, BN_RECP_CTX_set - modular multiplication using -reciprocal - -=head1 SYNOPSIS - - #include <openssl/bn.h> - - BN_RECP_CTX *BN_RECP_CTX_new(void); - void BN_RECP_CTX_init(BN_RECP_CTX *recp); - void BN_RECP_CTX_free(BN_RECP_CTX *recp); - - int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx); - - int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *a, BN_RECP_CTX *recp, - BN_CTX *ctx); - - int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *a, BIGNUM *b, - BN_RECP_CTX *recp, BN_CTX *ctx); - -=head1 DESCRIPTION - -BN_mod_mul_reciprocal() can be used to perform an efficient -L<BN_mod_mul(3)|BN_mod_mul(3)> operation when the operation will be performed -repeatedly with the same modulus. It computes B<r>=(B<a>*B<b>)%B<m> -using B<recp>=1/B<m>, which is set as described below. B<ctx> is a -previously allocated B<BN_CTX> used for temporary variables. - -BN_RECP_CTX_new() allocates and initializes a B<BN_RECP> structure. -BN_RECP_CTX_init() initializes an existing uninitialized B<BN_RECP>. - -BN_RECP_CTX_free() frees the components of the B<BN_RECP>, and, if it -was created by BN_RECP_CTX_new(), also the structure itself. - -BN_RECP_CTX_set() stores B<m> in B<recp> and sets it up for computing -1/B<m> and shifting it left by BN_num_bits(B<m>)+1 to make it an -integer. The result and the number of bits it was shifted left will -later be stored in B<recp>. - -BN_div_recp() divides B<a> by B<m> using B<recp>. It places the quotient -in B<dv> and the remainder in B<rem>. - -The B<BN_RECP_CTX> structure is defined as follows: - - typedef struct bn_recp_ctx_st - { - BIGNUM N; /* the divisor */ - BIGNUM Nr; /* the reciprocal */ - int num_bits; - int shift; - int flags; - } BN_RECP_CTX; - -It cannot be shared between threads. - -=head1 RETURN VALUES - -BN_RECP_CTX_new() returns the newly allocated B<BN_RECP_CTX>, and NULL -on error. - -BN_RECP_CTX_init() and BN_RECP_CTX_free() have no return values. - -For the other functions, 1 is returned for success, 0 on error. -The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. - -=head1 SEE ALSO - -L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>, -L<BN_CTX_new(3)|BN_CTX_new(3)> - -=head1 HISTORY - -B<BN_RECP_CTX> was added in SSLeay 0.9.0. Before that, the function -BN_reciprocal() was used instead, and the BN_mod_mul_reciprocal() -arguments were different. - -=cut diff --git a/lib/libssl/src/doc/crypto/BN_new.pod b/lib/libssl/src/doc/crypto/BN_new.pod deleted file mode 100644 index ab7a105e3ad..00000000000 --- a/lib/libssl/src/doc/crypto/BN_new.pod +++ /dev/null @@ -1,53 +0,0 @@ -=pod - -=head1 NAME - -BN_new, BN_init, BN_clear, BN_free, BN_clear_free - allocate and free BIGNUMs - -=head1 SYNOPSIS - - #include <openssl/bn.h> - - BIGNUM *BN_new(void); - - void BN_init(BIGNUM *); - - void BN_clear(BIGNUM *a); - - void BN_free(BIGNUM *a); - - void BN_clear_free(BIGNUM *a); - -=head1 DESCRIPTION - -BN_new() allocates and initializes a B<BIGNUM> structure. BN_init() -initializes an existing uninitialized B<BIGNUM>. - -BN_clear() is used to destroy sensitive data such as keys when they -are no longer needed. It erases the memory used by B<a> and sets it -to the value 0. - -BN_free() frees the components of the B<BIGNUM>, and if it was created -by BN_new(), also the structure itself. BN_clear_free() additionally -overwrites the data before the memory is returned to the system. - -=head1 RETURN VALUES - -BN_new() returns a pointer to the B<BIGNUM>. If the allocation fails, -it returns B<NULL> and sets an error code that can be obtained -by L<ERR_get_error(3)|ERR_get_error(3)>. - -BN_init(), BN_clear(), BN_free() and BN_clear_free() have no return -values. - -=head1 SEE ALSO - -L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)> - -=head1 HISTORY - -BN_new(), BN_clear(), BN_free() and BN_clear_free() are available in -all versions on SSLeay and OpenSSL. BN_init() was added in SSLeay -0.9.1b. - -=cut diff --git a/lib/libssl/src/doc/crypto/BN_num_bytes.pod b/lib/libssl/src/doc/crypto/BN_num_bytes.pod deleted file mode 100644 index a6a2e3f8198..00000000000 --- a/lib/libssl/src/doc/crypto/BN_num_bytes.pod +++ /dev/null @@ -1,57 +0,0 @@ -=pod - -=head1 NAME - -BN_num_bits, BN_num_bytes, BN_num_bits_word - get BIGNUM size - -=head1 SYNOPSIS - - #include <openssl/bn.h> - - int BN_num_bytes(const BIGNUM *a); - - int BN_num_bits(const BIGNUM *a); - - int BN_num_bits_word(BN_ULONG w); - -=head1 DESCRIPTION - -BN_num_bytes() returns the size of a B<BIGNUM> in bytes. - -BN_num_bits_word() returns the number of significant bits in a word. -If we take 0x00000432 as an example, it returns 11, not 16, not 32. -Basically, except for a zero, it returns I<floor(log2(w))+1>. - -BN_num_bits() returns the number of significant bits in a B<BIGNUM>, -following the same principle as BN_num_bits_word(). - -BN_num_bytes() is a macro. - -=head1 RETURN VALUES - -The size. - -=head1 NOTES - -Some have tried using BN_num_bits() on individual numbers in RSA keys, -DH keys and DSA keys, and found that they don't always come up with -the number of bits they expected (something like 512, 1024, 2048, -...). This is because generating a number with some specific number -of bits doesn't always set the highest bits, thereby making the number -of I<significant> bits a little lower. If you want to know the "key -size" of such a key, either use functions like RSA_size(), DH_size() -and DSA_size(), or use BN_num_bytes() and multiply with 8 (although -there's no real guarantee that will match the "key size", just a lot -more probability). - -=head1 SEE ALSO - -L<bn(3)|bn(3)>, L<DH_size(3)|DH_size(3)>, L<DSA_size(3)|DSA_size(3)>, -L<RSA_size(3)|RSA_size(3)> - -=head1 HISTORY - -BN_num_bytes(), BN_num_bits() and BN_num_bits_word() are available in -all versions of SSLeay and OpenSSL. - -=cut diff --git a/lib/libssl/src/doc/crypto/BN_rand.pod b/lib/libssl/src/doc/crypto/BN_rand.pod deleted file mode 100644 index 856f310077f..00000000000 --- a/lib/libssl/src/doc/crypto/BN_rand.pod +++ /dev/null @@ -1,56 +0,0 @@ -=pod - -=head1 NAME - -BN_rand, BN_pseudo_rand, BN_rand_range, BN_pseudo_rand_range - generate pseudo-random number - -=head1 SYNOPSIS - - #include <openssl/bn.h> - - int BN_rand(BIGNUM *rnd, int bits, int top, int bottom); - - int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom); - - int BN_rand_range(BIGNUM *rnd, BIGNUM *range); - - int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range); - -=head1 DESCRIPTION - -BN_rand() generates a cryptographically strong pseudo-random number of -B<bits> bits in length and stores it in B<rnd>. If B<top> is -1, the -most significant bit of the random number can be zero. If B<top> is 0, -it is set to 1, and if B<top> is 1, the two most significant bits of -the number will be set to 1, so that the product of two such random -numbers will always have 2*B<bits> length. If B<bottom> is true, the -number will be odd. - -BN_pseudo_rand() does the same, but pseudo-random numbers generated by -this function are not necessarily unpredictable. They can be used for -non-cryptographic purposes and for certain purposes in cryptographic -protocols, but usually not for key generation etc. - -BN_rand_range() generates a cryptographically strong pseudo-random -number B<rnd> in the range 0 E<lt>= B<rnd> E<lt> B<range>. -BN_pseudo_rand_range() does the same, but is based on BN_pseudo_rand(), -and hence numbers generated by it are not necessarily unpredictable. - -=head1 RETURN VALUES - -The functions return 1 on success, 0 on error. -The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. - -=head1 SEE ALSO - -L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, -L<RAND_add(3)|RAND_add(3)>, L<RAND_bytes(3)|RAND_bytes(3)> - -=head1 HISTORY - -BN_rand() is available in all versions of SSLeay and OpenSSL. -BN_pseudo_rand() was added in OpenSSL 0.9.5. The B<top> == -1 case -and the function BN_rand_range() were added in OpenSSL 0.9.6a. -BN_pseudo_rand_range() was added in OpenSSL 0.9.6c. - -=cut diff --git a/lib/libssl/src/doc/crypto/BN_set_bit.pod b/lib/libssl/src/doc/crypto/BN_set_bit.pod deleted file mode 100644 index b7c47b9b015..00000000000 --- a/lib/libssl/src/doc/crypto/BN_set_bit.pod +++ /dev/null @@ -1,66 +0,0 @@ -=pod - -=head1 NAME - -BN_set_bit, BN_clear_bit, BN_is_bit_set, BN_mask_bits, BN_lshift, -BN_lshift1, BN_rshift, BN_rshift1 - bit operations on BIGNUMs - -=head1 SYNOPSIS - - #include <openssl/bn.h> - - int BN_set_bit(BIGNUM *a, int n); - int BN_clear_bit(BIGNUM *a, int n); - - int BN_is_bit_set(const BIGNUM *a, int n); - - int BN_mask_bits(BIGNUM *a, int n); - - int BN_lshift(BIGNUM *r, const BIGNUM *a, int n); - int BN_lshift1(BIGNUM *r, BIGNUM *a); - - int BN_rshift(BIGNUM *r, BIGNUM *a, int n); - int BN_rshift1(BIGNUM *r, BIGNUM *a); - -=head1 DESCRIPTION - -BN_set_bit() sets bit B<n> in B<a> to 1 (C<a|=(1E<lt>E<lt>n)>). The -number is expanded if necessary. - -BN_clear_bit() sets bit B<n> in B<a> to 0 (C<a&=~(1E<lt>E<lt>n)>). An -error occurs if B<a> is shorter than B<n> bits. - -BN_is_bit_set() tests if bit B<n> in B<a> is set. - -BN_mask_bits() truncates B<a> to an B<n> bit number -(C<a&=~((~0)E<gt>E<gt>n)>). An error occurs if B<a> already is -shorter than B<n> bits. - -BN_lshift() shifts B<a> left by B<n> bits and places the result in -B<r> (C<r=a*2^n>). BN_lshift1() shifts B<a> left by one and places -the result in B<r> (C<r=2*a>). - -BN_rshift() shifts B<a> right by B<n> bits and places the result in -B<r> (C<r=a/2^n>). BN_rshift1() shifts B<a> right by one and places -the result in B<r> (C<r=a/2>). - -For the shift functions, B<r> and B<a> may be the same variable. - -=head1 RETURN VALUES - -BN_is_bit_set() returns 1 if the bit is set, 0 otherwise. - -All other functions return 1 for success, 0 on error. The error codes -can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. - -=head1 SEE ALSO - -L<bn(3)|bn(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>, L<BN_add(3)|BN_add(3)> - -=head1 HISTORY - -BN_set_bit(), BN_clear_bit(), BN_is_bit_set(), BN_mask_bits(), -BN_lshift(), BN_lshift1(), BN_rshift(), and BN_rshift1() are available -in all versions of SSLeay and OpenSSL. - -=cut diff --git a/lib/libssl/src/doc/crypto/BN_swap.pod b/lib/libssl/src/doc/crypto/BN_swap.pod deleted file mode 100644 index 14097ca3576..00000000000 --- a/lib/libssl/src/doc/crypto/BN_swap.pod +++ /dev/null @@ -1,25 +0,0 @@ -=pod - -=head1 NAME - -BN_swap - exchange BIGNUMs - -=head1 SYNOPSIS - - #include <openssl/bn.h> - - void BN_swap(BIGNUM *a, BIGNUM *b); - -=head1 DESCRIPTION - -BN_swap() exchanges the values of I<a> and I<b>. - -=head1 SEE ALSO - -L<bn(3)|bn(3)> - -=head1 HISTORY - -BN_swap was added in OpenSSL 0.9.7. - -=cut diff --git a/lib/libssl/src/doc/crypto/BN_zero.pod b/lib/libssl/src/doc/crypto/BN_zero.pod deleted file mode 100644 index b555ec39885..00000000000 --- a/lib/libssl/src/doc/crypto/BN_zero.pod +++ /dev/null @@ -1,59 +0,0 @@ -=pod - -=head1 NAME - -BN_zero, BN_one, BN_value_one, BN_set_word, BN_get_word - BIGNUM assignment -operations - -=head1 SYNOPSIS - - #include <openssl/bn.h> - - int BN_zero(BIGNUM *a); - int BN_one(BIGNUM *a); - - const BIGNUM *BN_value_one(void); - - int BN_set_word(BIGNUM *a, unsigned long w); - unsigned long BN_get_word(BIGNUM *a); - -=head1 DESCRIPTION - -BN_zero(), BN_one() and BN_set_word() set B<a> to the values 0, 1 and -B<w> respectively. BN_zero() and BN_one() are macros. - -BN_value_one() returns a B<BIGNUM> constant of value 1. This constant -is useful for use in comparisons and assignment. - -BN_get_word() returns B<a>, if it can be represented as an unsigned -long. - -=head1 RETURN VALUES - -BN_get_word() returns the value B<a>, and 0xffffffffL if B<a> cannot -be represented as an unsigned long. - -BN_zero(), BN_one() and BN_set_word() return 1 on success, 0 otherwise. -BN_value_one() returns the constant. - -=head1 BUGS - -Someone might change the constant. - -If a B<BIGNUM> is equal to 0xffffffffL it can be represented as an -unsigned long but this value is also returned on error. - -=head1 SEE ALSO - -L<bn(3)|bn(3)>, L<BN_bn2bin(3)|BN_bn2bin(3)> - -=head1 HISTORY - -BN_zero(), BN_one() and BN_set_word() are available in all versions of -SSLeay and OpenSSL. BN_value_one() and BN_get_word() were added in -SSLeay 0.8. - -BN_value_one() was changed to return a true const BIGNUM * in OpenSSL -0.9.7. - -=cut |