summaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
authortb <>2023-05-11 05:45:33 +0000
committertb <>2023-05-11 05:45:33 +0000
commit4db2231e537d43969f997fc94537bafaec54f8d8 (patch)
tree832ccdd40abab97189da23e998f38e158bfed68e /src/lib
parenta03c417c0bb6170b5891dc327c9c68d629316b81 (diff)
downloadopenbsd-4db2231e537d43969f997fc94537bafaec54f8d8.tar.gz
openbsd-4db2231e537d43969f997fc94537bafaec54f8d8.tar.bz2
openbsd-4db2231e537d43969f997fc94537bafaec54f8d8.zip
Document recent changes in primality testing
With input from beck and jsing
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libcrypto/man/BN_generate_prime.331
1 files changed, 23 insertions, 8 deletions
diff --git a/src/lib/libcrypto/man/BN_generate_prime.3 b/src/lib/libcrypto/man/BN_generate_prime.3
index 268bc02a03..85c7349b1b 100644
--- a/src/lib/libcrypto/man/BN_generate_prime.3
+++ b/src/lib/libcrypto/man/BN_generate_prime.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: BN_generate_prime.3,v 1.22 2023/04/30 20:17:59 tb Exp $ 1.\" $OpenBSD: BN_generate_prime.3,v 1.23 2023/05/11 05:45:33 tb Exp $
2.\" full merge up to: OpenSSL f987a4dd Jun 27 10:12:08 2019 +0200 2.\" full merge up to: OpenSSL f987a4dd Jun 27 10:12:08 2019 +0200
3.\" 3.\"
4.\" This file is a derived work. 4.\" This file is a derived work.
@@ -67,7 +67,7 @@
67.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 67.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
68.\" OF THE POSSIBILITY OF SUCH DAMAGE. 68.\" OF THE POSSIBILITY OF SUCH DAMAGE.
69.\" 69.\"
70.Dd $Mdocdate: April 30 2023 $ 70.Dd $Mdocdate: May 11 2023 $
71.Dt BN_GENERATE_PRIME 3 71.Dt BN_GENERATE_PRIME 3
72.Os 72.Os
73.Sh NAME 73.Sh NAME
@@ -81,7 +81,7 @@
81.Nm BN_GENCB_get_arg , 81.Nm BN_GENCB_get_arg ,
82.Nm BN_GENCB_set_old 82.Nm BN_GENCB_set_old
83.\" Nm BN_prime_checks_for_size is intentionally undocumented 83.\" Nm BN_prime_checks_for_size is intentionally undocumented
84.\" because it is no longer used by LibreSSL. 84.\" because it should not be used outside of libcrypto.
85.Nd generate primes and test for primality 85.Nd generate primes and test for primality
86.Sh SYNOPSIS 86.Sh SYNOPSIS
87.In openssl/bn.h 87.In openssl/bn.h
@@ -147,13 +147,14 @@ and
147test whether the number 147test whether the number
148.Fa a 148.Fa a
149is prime. 149is prime.
150In LibreSSL, both functions behave identically, 150In LibreSSL, both functions behave identically
151use the Baillie-Pomerance-Selfridge-Wagstaff algorithm, 151and use the Baillie-Pomerance-Selfridge-Wagstaff algorithm
152and ignore the 152combined with
153.Fa checks 153.Fa checks
154and 154Miller-Rabin rounds.
155The
155.Fa do_trial_division 156.Fa do_trial_division
156arguments. 157argument is ignored.
157.Pp 158.Pp
158It is unknown whether any composite number exists that the 159It is unknown whether any composite number exists that the
159Baillie-PSW algorithm misclassifies as a prime. 160Baillie-PSW algorithm misclassifies as a prime.
@@ -161,6 +162,20 @@ Some suspect that there may be infinitely many such numbers,
161but not a single one is currently known. 162but not a single one is currently known.
162It is known that no such number exists below 2\(ha64. 163It is known that no such number exists below 2\(ha64.
163.Pp 164.Pp
165In order to reduce the likelihood of a composite number
166passing the primility tests
167.Fn BN_is_prime_fasttest_ex
168and
169.Fn BN_is_prime_ex ,
170a number of rounds of the probabilistic Miller-Rabin test is performed.
171If
172.Fa checks
173is positive, it is used as the number of rounds;
174if it is zero or the special value
175.Dv BN_prime_checks ,
176a suitable number of rounds is calculated from the bit length of
177.Fa a .
178.Pp
164If 179If
165.Dv NULL 180.Dv NULL
166is passed for the 181is passed for the
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-23 00:56:37 +0000