6 files changed, 159 insertions, 13 deletions
diff --git a/src/lib/libcrypto/man/BN_add.3 b/src/lib/libcrypto/man/BN_add.3
index 77afec7de3..a275dbfe95 100644
--- a/src/lib/libcrypto/man/BN_add.3
+++ b/src/lib/libcrypto/man/BN_add.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: BN_add.3,v 1.6 2017/01/07 05:06:22 schwarze Exp $
+.\"     $OpenBSD: BN_add.3,v 1.7 2017/01/30 01:29:31 schwarze Exp $
 .\"     OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
 .\"
 .\" This file was written by Ulf Moeller <ulf@openssl.org>
@@ -49,7 +49,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: January 7 2017 $
+.Dd $Mdocdate: January 30 2017 $
 .Dt BN_ADD 3
 .Os
 .Sh NAME
@@ -384,8 +384,8 @@ The error codes can be obtained by
 .Xr BN_CTX_new 3 ,
 .Xr BN_new 3 ,
 .Xr BN_set_bit 3 ,
-.Xr BN_set_negative 3 ,
+.Xr BN_set_flags 3 ,
-.Xr ERR_get_error 3
+.Xr BN_set_negative 3
 .Sh HISTORY
 .Fn BN_add ,
 .Fn BN_sub ,
diff --git a/src/lib/libcrypto/man/BN_copy.3 b/src/lib/libcrypto/man/BN_copy.3
index 34653be7e3..398cf1f8ec 100644
--- a/src/lib/libcrypto/man/BN_copy.3
+++ b/src/lib/libcrypto/man/BN_copy.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: BN_copy.3,v 1.5 2017/01/07 05:06:22 schwarze Exp $
+.\"     $OpenBSD: BN_copy.3,v 1.6 2017/01/30 01:29:31 schwarze Exp $
 .\"     OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
 .\"
 .\" This file was written by Ulf Moeller <ulf@openssl.org>
@@ -49,7 +49,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: January 7 2017 $
+.Dd $Mdocdate: January 30 2017 $
 .Dt BN_COPY 3
 .Os
 .Sh NAME
@@ -151,7 +151,7 @@ The error codes can be obtained by
 .Xr ERR_get_error 3 .
 .Sh SEE ALSO
 .Xr BN_new 3 ,
-.Xr ERR_get_error 3
+.Xr BN_set_flags 3
 .Sh HISTORY
 .Fn BN_copy
 and
diff --git a/src/lib/libcrypto/man/BN_mod_inverse.3 b/src/lib/libcrypto/man/BN_mod_inverse.3
index 6817fc2a3f..f407fa71e8 100644
--- a/src/lib/libcrypto/man/BN_mod_inverse.3
+++ b/src/lib/libcrypto/man/BN_mod_inverse.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: BN_mod_inverse.3,v 1.5 2016/12/10 21:13:25 schwarze Exp $
+.\"     $OpenBSD: BN_mod_inverse.3,v 1.6 2017/01/30 01:29:31 schwarze Exp $
 .\"     OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
 .\"
 .\" This file was written by Ulf Moeller <ulf@openssl.org>.
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 10 2016 $
+.Dd $Mdocdate: January 30 2017 $
 .Dt BN_MOD_INVERSE 3
 .Os
 .Sh NAME
@@ -103,7 +103,7 @@ The error codes can be obtained by
 .Sh SEE ALSO
 .Xr BN_add 3 ,
 .Xr BN_new 3 ,
-.Xr ERR_get_error 3
+.Xr BN_set_flags 3
 .Sh HISTORY
 .Fn BN_mod_inverse
 is available in all versions of SSLeay and OpenSSL.
diff --git a/src/lib/libcrypto/man/BN_new.3 b/src/lib/libcrypto/man/BN_new.3
index 8294a4f4d1..ce3734938d 100644
--- a/src/lib/libcrypto/man/BN_new.3
+++ b/src/lib/libcrypto/man/BN_new.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: BN_new.3,v 1.7 2017/01/29 23:41:49 schwarze Exp $
+.\"     $OpenBSD: BN_new.3,v 1.8 2017/01/30 01:29:31 schwarze Exp $
 .\"     OpenSSL doc/man3/BN_new.pod 2457c19d Mar 6 08:43:36 2004 +0000
 .\"     OpenSSL doc/man7/bn.pod 05ea606a May 20 20:52:46 2016 -0400
 .\"
@@ -49,7 +49,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: January 29 2017 $
+.Dd $Mdocdate: January 30 2017 $
 .Dt BN_NEW 3
 .Os
 .Sh NAME
@@ -155,6 +155,7 @@ and sets an error code that can be obtained by
 .Xr BN_num_bytes 3 ,
 .Xr BN_rand 3 ,
 .Xr BN_set_bit 3 ,
+.Xr BN_set_flags 3 ,
 .Xr BN_set_negative 3 ,
 .Xr BN_swap 3 ,
 .Xr BN_zero 3
diff --git a/src/lib/libcrypto/man/BN_set_flags.3 b/src/lib/libcrypto/man/BN_set_flags.3
new file mode 100644
index 0000000000..27649fd074
--- /dev/null
+++ b/src/lib/libcrypto/man/BN_set_flags.3
@@ -0,0 +1,144 @@
+.\"     $OpenBSD: BN_set_flags.3,v 1.1 2017/01/30 01:29:31 schwarze Exp $
+.\"
+.\" Copyright (c) 2017 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: January 30 2017 $
+.Dt BN_SET_FLAGS 3
+.Os
+.Sh NAME
+.Nm BN_set_flags ,
+.Nm BN_get_flags
+.Nd enable and inspect flags on BIGNUM objects
+.Sh SYNOPSIS
+.In openssl/bn.h
+.Ft void
+.Fo BN_set_flags
+.Fa "BIGNUM *b"
+.Fa "int flags"
+.Fc
+.Ft int
+.Fo BN_get_flags
+.Fa "const BIGNUM *b"
+.Fa "int flags"
+.Fc
+.Sh DESCRIPTION
+.Fn BN_set_flags
+enables the given
+.Fa flags
+on
+.Fa b .
+The
+.Fa flags
+argument can contain zero or more of the following constants OR'ed
+together:
+.Bl -tag -width Ds
+.It Dv BN_FLG_CONSTTIME
+If this flag is set on the divident
+.Fa a
+in
+.Xr BN_div 3 ,
+on the exponent
+.Fa p
+in
+.Xr BN_mod_exp 3 ,
+or on the divisor
+.Fa a
+or the modulus
+.Fa n
+in
+.Xr BN_mod_inverse 3 ,
+these functions prefer algorithms with an execution time independent
+of the respective numbers, to avoid exposing sensitive information
+to timing attacks.
+.Pp
+If this flag is set on the exponent
+.Fa p
+in
+.Xr BN_exp 3
+or if the modulus
+.Fa m
+is even for
+.Xr BN_mod_exp 3 ,
+an error occurs.
+.Pp
+Various functions automatically set this flag on sensitive data.
+For example, the default implementations of
+.Xr DH_generate_key 3 ,
+.Xr DSA_generate_key 3 ,
+and
+.Xr RSA_generate_key_ex 3
+set it on the generated private key.
+.It Dv BN_FLG_MALLOCED
+If this flag is set,
+.Xr BN_free 3
+and
+.Xr BN_clear_free 3
+will not only clear and free the components of
+.Fa b ,
+but also
+.Fa b
+itself.
+This flag is set internally by
+.Xr BN_new 3 .
+Setting it manually on an existing
+.Vt BIGNUM
+object is usually a bad idea and can cause calls to
+.Xr free 3
+with bogus arguments.
+.It Dv BN_FLG_STATIC_DATA
+If this flag is set,
+.Xr BN_clear_free 3
+will neither clear nor free the memory used for storing the number.
+Consequently, setting it manually on an existing
+.Vt BIGNUM
+object is usually a terrible idea that can cause both disclosure
+of secret data and memory leaks.
+This flag is automatically set on the constant
+.Vt BIGNUM
+objects returned by
+.Xr BN_value_one 3
+and by the functions documented in
+.Xr BN_get0_nist_prime_521 3 .
+.El
+.Pp
+.Fn BN_get_flags
+interpretes
+.Fa flags
+as a bitmask and returns those of the given flags that are set in
+.Fa b ,
+OR'ed together, or 0 if none of the given
+.Fa flags
+is set.
+The
+.Fa flags
+argument has the same syntax as for
+.Fn BN_set_flags .
+.Pp
+These functions are currently implemented as macros, but they are
+likely to become real functions in the future when the
+.Vt BIGNUM
+data type will be made opaque.
+.Sh RETURN VALUES
+.Fn BN_get_flags
+returns zero or more of the above constants, OR'ed together.
+.Sh SEE ALSO
+.Xr BN_mod_exp 3 ,
+.Xr BN_mod_inverse 3 ,
+.Xr BN_new 3 ,
+.Xr BN_with_flags 3
+.Sh CAVEATS
+No public interface exists to clear a flag once it is set.
+So think twice before using
+.Fn BN_set_flags .
diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile
index 46e8ba5739..d991508cff 100644
--- a/src/lib/libcrypto/man/Makefile
+++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.112 2017/01/07 00:45:04 schwarze Exp $
+# $OpenBSD: Makefile,v 1.113 2017/01/30 01:29:31 schwarze Exp $
 .include <bsd.own.mk>
@@ -55,6 +55,7 @@ MAN=	\
        BN_num_bytes.3 \
        BN_rand.3 \
        BN_set_bit.3 \
+        BN_set_flags.3 \
        BN_set_negative.3 \
        BN_swap.3 \
        BN_zero.3 \

diff --git a/src/lib/libcrypto/man/BN_add.3 b/src/lib/libcrypto/man/BN_add.3 index 77afec7de3..a275dbfe95 100644 --- a/src/lib/libcrypto/man/BN_add.3 +++ b/src/lib/libcrypto/man/BN_add.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: BN_add.3,v 1.6 2017/01/07 05:06:22 schwarze Exp $	1	.\" $OpenBSD: BN_add.3,v 1.7 2017/01/30 01:29:31 schwarze Exp $
2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100	2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3	.\"	3	.\"
4	.\" This file was written by Ulf Moeller <ulf@openssl.org>	4	.\" This file was written by Ulf Moeller <ulf@openssl.org>
@@ -49,7 +49,7 @@
49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51	.\"	51	.\"
52	.Dd $Mdocdate: January 7 2017 $	52	.Dd $Mdocdate: January 30 2017 $
53	.Dt BN_ADD 3	53	.Dt BN_ADD 3
54	.Os	54	.Os
55	.Sh NAME	55	.Sh NAME
@@ -384,8 +384,8 @@ The error codes can be obtained by
384	.Xr BN_CTX_new 3 ,	384	.Xr BN_CTX_new 3 ,
385	.Xr BN_new 3 ,	385	.Xr BN_new 3 ,
386	.Xr BN_set_bit 3 ,	386	.Xr BN_set_bit 3 ,
387	.Xr BN_set_negative 3 ,	387	.Xr BN_set_flags 3 ,
388	.Xr ERR_get_error 3	388	.Xr BN_set_negative 3
389	.Sh HISTORY	389	.Sh HISTORY
390	.Fn BN_add ,	390	.Fn BN_add ,
391	.Fn BN_sub ,	391	.Fn BN_sub ,


diff --git a/src/lib/libcrypto/man/BN_copy.3 b/src/lib/libcrypto/man/BN_copy.3 index 34653be7e3..398cf1f8ec 100644 --- a/src/lib/libcrypto/man/BN_copy.3 +++ b/src/lib/libcrypto/man/BN_copy.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: BN_copy.3,v 1.5 2017/01/07 05:06:22 schwarze Exp $	1	.\" $OpenBSD: BN_copy.3,v 1.6 2017/01/30 01:29:31 schwarze Exp $
2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100	2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3	.\"	3	.\"
4	.\" This file was written by Ulf Moeller <ulf@openssl.org>	4	.\" This file was written by Ulf Moeller <ulf@openssl.org>
@@ -49,7 +49,7 @@
49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51	.\"	51	.\"
52	.Dd $Mdocdate: January 7 2017 $	52	.Dd $Mdocdate: January 30 2017 $
53	.Dt BN_COPY 3	53	.Dt BN_COPY 3
54	.Os	54	.Os
55	.Sh NAME	55	.Sh NAME
@@ -151,7 +151,7 @@ The error codes can be obtained by
151	.Xr ERR_get_error 3 .	151	.Xr ERR_get_error 3 .
152	.Sh SEE ALSO	152	.Sh SEE ALSO
153	.Xr BN_new 3 ,	153	.Xr BN_new 3 ,
154	.Xr ERR_get_error 3	154	.Xr BN_set_flags 3
155	.Sh HISTORY	155	.Sh HISTORY
156	.Fn BN_copy	156	.Fn BN_copy
157	and	157	and


diff --git a/src/lib/libcrypto/man/BN_mod_inverse.3 b/src/lib/libcrypto/man/BN_mod_inverse.3 index 6817fc2a3f..f407fa71e8 100644 --- a/src/lib/libcrypto/man/BN_mod_inverse.3 +++ b/src/lib/libcrypto/man/BN_mod_inverse.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: BN_mod_inverse.3,v 1.5 2016/12/10 21:13:25 schwarze Exp $	1	.\" $OpenBSD: BN_mod_inverse.3,v 1.6 2017/01/30 01:29:31 schwarze Exp $
2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100	2	.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
3	.\"	3	.\"
4	.\" This file was written by Ulf Moeller <ulf@openssl.org>.	4	.\" This file was written by Ulf Moeller <ulf@openssl.org>.
@@ -48,7 +48,7 @@
48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50	.\"	50	.\"
51	.Dd $Mdocdate: December 10 2016 $	51	.Dd $Mdocdate: January 30 2017 $
52	.Dt BN_MOD_INVERSE 3	52	.Dt BN_MOD_INVERSE 3
53	.Os	53	.Os
54	.Sh NAME	54	.Sh NAME
@@ -103,7 +103,7 @@ The error codes can be obtained by
103	.Sh SEE ALSO	103	.Sh SEE ALSO
104	.Xr BN_add 3 ,	104	.Xr BN_add 3 ,
105	.Xr BN_new 3 ,	105	.Xr BN_new 3 ,
106	.Xr ERR_get_error 3	106	.Xr BN_set_flags 3
107	.Sh HISTORY	107	.Sh HISTORY
108	.Fn BN_mod_inverse	108	.Fn BN_mod_inverse
109	is available in all versions of SSLeay and OpenSSL.	109	is available in all versions of SSLeay and OpenSSL.


diff --git a/src/lib/libcrypto/man/BN_new.3 b/src/lib/libcrypto/man/BN_new.3 index 8294a4f4d1..ce3734938d 100644 --- a/src/lib/libcrypto/man/BN_new.3 +++ b/src/lib/libcrypto/man/BN_new.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: BN_new.3,v 1.7 2017/01/29 23:41:49 schwarze Exp $	1	.\" $OpenBSD: BN_new.3,v 1.8 2017/01/30 01:29:31 schwarze Exp $
2	.\" OpenSSL doc/man3/BN_new.pod 2457c19d Mar 6 08:43:36 2004 +0000	2	.\" OpenSSL doc/man3/BN_new.pod 2457c19d Mar 6 08:43:36 2004 +0000
3	.\" OpenSSL doc/man7/bn.pod 05ea606a May 20 20:52:46 2016 -0400	3	.\" OpenSSL doc/man7/bn.pod 05ea606a May 20 20:52:46 2016 -0400
4	.\"	4	.\"
@@ -49,7 +49,7 @@
49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51	.\"	51	.\"
52	.Dd $Mdocdate: January 29 2017 $	52	.Dd $Mdocdate: January 30 2017 $
53	.Dt BN_NEW 3	53	.Dt BN_NEW 3
54	.Os	54	.Os
55	.Sh NAME	55	.Sh NAME
@@ -155,6 +155,7 @@ and sets an error code that can be obtained by
155	.Xr BN_num_bytes 3 ,	155	.Xr BN_num_bytes 3 ,
156	.Xr BN_rand 3 ,	156	.Xr BN_rand 3 ,
157	.Xr BN_set_bit 3 ,	157	.Xr BN_set_bit 3 ,
		158	.Xr BN_set_flags 3 ,
158	.Xr BN_set_negative 3 ,	159	.Xr BN_set_negative 3 ,
159	.Xr BN_swap 3 ,	160	.Xr BN_swap 3 ,
160	.Xr BN_zero 3	161	.Xr BN_zero 3


diff --git a/src/lib/libcrypto/man/BN_set_flags.3 b/src/lib/libcrypto/man/BN_set_flags.3 new file mode 100644 index 0000000000..27649fd074 --- /dev/null +++ b/src/lib/libcrypto/man/BN_set_flags.3
@@ -0,0 +1,144 @@
		1	.\" $OpenBSD: BN_set_flags.3,v 1.1 2017/01/30 01:29:31 schwarze Exp $
		2	.\"
		3	.\" Copyright (c) 2017 Ingo Schwarze <schwarze@openbsd.org>
		4	.\"
		5	.\" Permission to use, copy, modify, and distribute this software for any
		6	.\" purpose with or without fee is hereby granted, provided that the above
		7	.\" copyright notice and this permission notice appear in all copies.
		8	.\"
		9	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		10	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		11	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		12	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		13	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		16	.\"
		17	.Dd $Mdocdate: January 30 2017 $
		18	.Dt BN_SET_FLAGS 3
		19	.Os
		20	.Sh NAME
		21	.Nm BN_set_flags ,
		22	.Nm BN_get_flags
		23	.Nd enable and inspect flags on BIGNUM objects
		24	.Sh SYNOPSIS
		25	.In openssl/bn.h
		26	.Ft void
		27	.Fo BN_set_flags
		28	.Fa "BIGNUM *b"
		29	.Fa "int flags"
		30	.Fc
		31	.Ft int
		32	.Fo BN_get_flags
		33	.Fa "const BIGNUM *b"
		34	.Fa "int flags"
		35	.Fc
		36	.Sh DESCRIPTION
		37	.Fn BN_set_flags
		38	enables the given
		39	.Fa flags
		40	on
		41	.Fa b .
		42	The
		43	.Fa flags
		44	argument can contain zero or more of the following constants OR'ed
		45	together:
		46	.Bl -tag -width Ds
		47	.It Dv BN_FLG_CONSTTIME
		48	If this flag is set on the divident
		49	.Fa a
		50	in
		51	.Xr BN_div 3 ,
		52	on the exponent
		53	.Fa p
		54	in
		55	.Xr BN_mod_exp 3 ,
		56	or on the divisor
		57	.Fa a
		58	or the modulus
		59	.Fa n
		60	in
		61	.Xr BN_mod_inverse 3 ,
		62	these functions prefer algorithms with an execution time independent
		63	of the respective numbers, to avoid exposing sensitive information
		64	to timing attacks.
		65	.Pp
		66	If this flag is set on the exponent
		67	.Fa p
		68	in
		69	.Xr BN_exp 3
		70	or if the modulus
		71	.Fa m
		72	is even for
		73	.Xr BN_mod_exp 3 ,
		74	an error occurs.
		75	.Pp
		76	Various functions automatically set this flag on sensitive data.
		77	For example, the default implementations of
		78	.Xr DH_generate_key 3 ,
		79	.Xr DSA_generate_key 3 ,
		80	and
		81	.Xr RSA_generate_key_ex 3
		82	set it on the generated private key.
		83	.It Dv BN_FLG_MALLOCED
		84	If this flag is set,
		85	.Xr BN_free 3
		86	and
		87	.Xr BN_clear_free 3
		88	will not only clear and free the components of
		89	.Fa b ,
		90	but also
		91	.Fa b
		92	itself.
		93	This flag is set internally by
		94	.Xr BN_new 3 .
		95	Setting it manually on an existing
		96	.Vt BIGNUM
		97	object is usually a bad idea and can cause calls to
		98	.Xr free 3
		99	with bogus arguments.
		100	.It Dv BN_FLG_STATIC_DATA
		101	If this flag is set,
		102	.Xr BN_clear_free 3
		103	will neither clear nor free the memory used for storing the number.
		104	Consequently, setting it manually on an existing
		105	.Vt BIGNUM
		106	object is usually a terrible idea that can cause both disclosure
		107	of secret data and memory leaks.
		108	This flag is automatically set on the constant
		109	.Vt BIGNUM
		110	objects returned by
		111	.Xr BN_value_one 3
		112	and by the functions documented in
		113	.Xr BN_get0_nist_prime_521 3 .
		114	.El
		115	.Pp
		116	.Fn BN_get_flags
		117	interpretes
		118	.Fa flags
		119	as a bitmask and returns those of the given flags that are set in
		120	.Fa b ,
		121	OR'ed together, or 0 if none of the given
		122	.Fa flags
		123	is set.
		124	The
		125	.Fa flags
		126	argument has the same syntax as for
		127	.Fn BN_set_flags .
		128	.Pp
		129	These functions are currently implemented as macros, but they are
		130	likely to become real functions in the future when the
		131	.Vt BIGNUM
		132	data type will be made opaque.
		133	.Sh RETURN VALUES
		134	.Fn BN_get_flags
		135	returns zero or more of the above constants, OR'ed together.
		136	.Sh SEE ALSO
		137	.Xr BN_mod_exp 3 ,
		138	.Xr BN_mod_inverse 3 ,
		139	.Xr BN_new 3 ,
		140	.Xr BN_with_flags 3
		141	.Sh CAVEATS
		142	No public interface exists to clear a flag once it is set.
		143	So think twice before using
		144	.Fn BN_set_flags .


diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile index 46e8ba5739..d991508cff 100644 --- a/src/lib/libcrypto/man/Makefile +++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.112 2017/01/07 00:45:04 schwarze Exp $	1	# $OpenBSD: Makefile,v 1.113 2017/01/30 01:29:31 schwarze Exp $
2		2
3	.include <bsd.own.mk>	3	.include <bsd.own.mk>
4		4
@@ -55,6 +55,7 @@ MAN= \
55	BN_num_bytes.3 \	55	BN_num_bytes.3 \
56	BN_rand.3 \	56	BN_rand.3 \
57	BN_set_bit.3 \	57	BN_set_bit.3 \
		58	BN_set_flags.3 \
58	BN_set_negative.3 \	59	BN_set_negative.3 \
59	BN_swap.3 \	60	BN_swap.3 \
60	BN_zero.3 \	61	BN_zero.3 \