From 9cb1a51933a1847042ee88e16d560485f682bcad Mon Sep 17 00:00:00 2001 From: schwarze <> Date: Mon, 23 Feb 2015 17:43:24 +0000 Subject: fourth batch of perlpod(1) to mdoc(7) conversion --- src/lib/libcrypto/man/BN_BLINDING_new.3 | 269 ++++++++++++++++ src/lib/libcrypto/man/BN_CTX_new.3 | 91 ++++++ src/lib/libcrypto/man/BN_CTX_start.3 | 85 +++++ src/lib/libcrypto/man/BN_add.3 | 352 +++++++++++++++++++++ src/lib/libcrypto/man/BN_add_word.3 | 123 +++++++ src/lib/libcrypto/man/BN_bn2bin.3 | 237 ++++++++++++++ src/lib/libcrypto/man/BN_cmp.3 | 99 ++++++ src/lib/libcrypto/man/BN_copy.3 | 52 +++ src/lib/libcrypto/man/BN_generate_prime.3 | 289 +++++++++++++++++ src/lib/libcrypto/man/BN_mod_inverse.3 | 59 ++++ src/lib/libcrypto/man/BN_mod_mul_montgomery.3 | 181 +++++++++++ src/lib/libcrypto/man/BN_mod_mul_reciprocal.3 | 147 +++++++++ src/lib/libcrypto/man/BN_new.3 | 84 +++++ src/lib/libcrypto/man/BN_num_bytes.3 | 76 +++++ src/lib/libcrypto/man/BN_rand.3 | 93 ++++++ src/lib/libcrypto/man/BN_set_bit.3 | 157 +++++++++ src/lib/libcrypto/man/BN_swap.3 | 23 ++ src/lib/libcrypto/man/BN_zero.3 | 101 ++++++ src/lib/libcrypto/man/Makefile | 6 +- src/lib/libssl/src/doc/crypto/BN_BLINDING_new.pod | 115 ------- src/lib/libssl/src/doc/crypto/BN_CTX_new.pod | 57 ---- src/lib/libssl/src/doc/crypto/BN_CTX_start.pod | 52 --- src/lib/libssl/src/doc/crypto/BN_add.pod | 127 -------- src/lib/libssl/src/doc/crypto/BN_add_word.pod | 61 ---- src/lib/libssl/src/doc/crypto/BN_bn2bin.pod | 95 ------ src/lib/libssl/src/doc/crypto/BN_cmp.pod | 49 --- src/lib/libssl/src/doc/crypto/BN_copy.pod | 34 -- .../libssl/src/doc/crypto/BN_generate_prime.pod | 149 --------- src/lib/libssl/src/doc/crypto/BN_mod_inverse.pod | 36 --- .../src/doc/crypto/BN_mod_mul_montgomery.pod | 101 ------ .../src/doc/crypto/BN_mod_mul_reciprocal.pod | 81 ----- src/lib/libssl/src/doc/crypto/BN_new.pod | 53 ---- src/lib/libssl/src/doc/crypto/BN_num_bytes.pod | 57 ---- src/lib/libssl/src/doc/crypto/BN_rand.pod | 56 ---- src/lib/libssl/src/doc/crypto/BN_set_bit.pod | 66 ---- src/lib/libssl/src/doc/crypto/BN_swap.pod | 25 -- src/lib/libssl/src/doc/crypto/BN_zero.pod | 59 ---- 37 files changed, 2521 insertions(+), 1276 deletions(-) create mode 100644 src/lib/libcrypto/man/BN_BLINDING_new.3 create mode 100644 src/lib/libcrypto/man/BN_CTX_new.3 create mode 100644 src/lib/libcrypto/man/BN_CTX_start.3 create mode 100644 src/lib/libcrypto/man/BN_add.3 create mode 100644 src/lib/libcrypto/man/BN_add_word.3 create mode 100644 src/lib/libcrypto/man/BN_bn2bin.3 create mode 100644 src/lib/libcrypto/man/BN_cmp.3 create mode 100644 src/lib/libcrypto/man/BN_copy.3 create mode 100644 src/lib/libcrypto/man/BN_generate_prime.3 create mode 100644 src/lib/libcrypto/man/BN_mod_inverse.3 create mode 100644 src/lib/libcrypto/man/BN_mod_mul_montgomery.3 create mode 100644 src/lib/libcrypto/man/BN_mod_mul_reciprocal.3 create mode 100644 src/lib/libcrypto/man/BN_new.3 create mode 100644 src/lib/libcrypto/man/BN_num_bytes.3 create mode 100644 src/lib/libcrypto/man/BN_rand.3 create mode 100644 src/lib/libcrypto/man/BN_set_bit.3 create mode 100644 src/lib/libcrypto/man/BN_swap.3 create mode 100644 src/lib/libcrypto/man/BN_zero.3 delete mode 100644 src/lib/libssl/src/doc/crypto/BN_BLINDING_new.pod delete mode 100644 src/lib/libssl/src/doc/crypto/BN_CTX_new.pod delete mode 100644 src/lib/libssl/src/doc/crypto/BN_CTX_start.pod delete mode 100644 src/lib/libssl/src/doc/crypto/BN_add.pod delete mode 100644 src/lib/libssl/src/doc/crypto/BN_add_word.pod delete mode 100644 src/lib/libssl/src/doc/crypto/BN_bn2bin.pod delete mode 100644 src/lib/libssl/src/doc/crypto/BN_cmp.pod delete mode 100644 src/lib/libssl/src/doc/crypto/BN_copy.pod delete mode 100644 src/lib/libssl/src/doc/crypto/BN_generate_prime.pod delete mode 100644 src/lib/libssl/src/doc/crypto/BN_mod_inverse.pod delete mode 100644 src/lib/libssl/src/doc/crypto/BN_mod_mul_montgomery.pod delete mode 100644 src/lib/libssl/src/doc/crypto/BN_mod_mul_reciprocal.pod delete mode 100644 src/lib/libssl/src/doc/crypto/BN_new.pod delete mode 100644 src/lib/libssl/src/doc/crypto/BN_num_bytes.pod delete mode 100644 src/lib/libssl/src/doc/crypto/BN_rand.pod delete mode 100644 src/lib/libssl/src/doc/crypto/BN_set_bit.pod delete mode 100644 src/lib/libssl/src/doc/crypto/BN_swap.pod delete mode 100644 src/lib/libssl/src/doc/crypto/BN_zero.pod diff --git a/src/lib/libcrypto/man/BN_BLINDING_new.3 b/src/lib/libcrypto/man/BN_BLINDING_new.3 new file mode 100644 index 0000000000..c65d79c3bc --- /dev/null +++ b/src/lib/libcrypto/man/BN_BLINDING_new.3 @@ -0,0 +1,269 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_BLINDING_NEW 3 +.Os +.Sh NAME +.Nm BN_BLINDING_new , +.Nm BN_BLINDING_free , +.Nm BN_BLINDING_update , +.Nm BN_BLINDING_convert , +.Nm BN_BLINDING_invert , +.Nm BN_BLINDING_convert_ex , +.Nm BN_BLINDING_invert_ex , +.Nm BN_BLINDING_get_thread_id , +.Nm BN_BLINDING_set_thread_id , +.Nm BN_BLINDING_thread_id , +.Nm BN_BLINDING_get_flags , +.Nm BN_BLINDING_set_flags , +.Nm BN_BLINDING_create_param +.Nd blinding related BIGNUM functions +.Sh SYNOPSIS +.In openssl/bn.h +.Ft BN_BLINDING * +.Fo BN_BLINDING_new +.Fa "const BIGNUM *A" +.Fa "const BIGNUM *Ai" +.Fa "BIGNUM *mod" +.Fc +.Ft void +.Fo BN_BLINDING_free +.Fa "BN_BLINDING *b" +.Fc +.Ft int +.Fo BN_BLINDING_update +.Fa "BN_BLINDING *b" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_BLINDING_convert +.Fa "BIGNUM *n" +.Fa "BN_BLINDING *b" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_BLINDING_invert +.Fa "BIGNUM *n" +.Fa "BN_BLINDING *b" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_BLINDING_convert_ex +.Fa "BIGNUM *n" +.Fa "BIGNUM *r" +.Fa "BN_BLINDING *b" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_BLINDING_invert_ex +.Fa "BIGNUM *n" +.Fa "const BIGNUM *r" +.Fa "BN_BLINDING *b" +.Fa "BN_CTX *ctx" +.Fc +.Fd #ifndef OPENSSL_NO_DEPRECATED +.Ft unsigned long +.Fo BN_BLINDING_get_thread_id +.Fa "const BN_BLINDING *" +.Fc +.Ft void +.Fo BN_BLINDING_set_thread_id +.Fa "BN_BLINDING *" +.Fa "unsigned long" +.Fc +.Fd #endif +.Ft CRYPTO_THREADID * +.Fo BN_BLINDING_thread_id +.Fa "BN_BLINDING *" +.Fc +.Ft unsigned long +.Fo BN_BLINDING_get_flags +.Fa "const BN_BLINDING *" +.Fc +.Ft void +.Fo BN_BLINDING_set_flags +.Fa "BN_BLINDING *" +.Fa "unsigned long" +.Fc +.Ft BN_BLINDING * +.Fo BN_BLINDING_create_param +.Fa "BN_BLINDING *b" +.Fa "const BIGNUM *e" +.Fa "BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fa "int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,\ + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)" +.Fa "BN_MONT_CTX *m_ctx" +.Fc +.Sh DESCRIPTION +.Fn BN_BLINDING_new +allocates a new +.Vt BN_BLINDING +structure and copies the +.Fa A +and +.Fa \&Ai +values into the newly created +.Vt BN_BLINDING +object. +.Pp +.Fn BN_BLINDING_free +frees the +.Vt BN_BLINDING +structure. +.Pp +.Fn BN_BLINDING_update +updates the +.Vt BN_BLINDING +parameters by squaring the +.Fa A +and +.Fa \&Ai +or, after specific number of uses and if the necessary parameters are +set, by re-creating the blinding parameters. +.Pp +.Fn BN_BLINDING_convert_ex +multiplies +.Fa n +with the blinding factor +.Fa A . +If +.Fa r +is not +.Dv NULL , +a copy of the inverse blinding factor +.Fa \&Ai +will be returned in +.Fa r +(this is useful if a +.Vt RSA +object is shared among several threads). +.Fn BN_BLINDING_invert_ex +multiplies +.Fa n +with the inverse blinding factor +.Fa \&Ai . +If +.Fa r +is not +.Dv NULL , +it will be used as the inverse blinding. +.Pp +.Fn BN_BLINDING_convert +and +.Fn BN_BLINDING_invert +are wrapper functions for +.Fn BN_BLINDING_convert_ex +and +.Fn BN_BLINDING_invert_ex +with +.Fa r +set to +.Dv NULL . +.Pp +.Fn BN_BLINDING_thread_id +provides access to the +.Vt CRYPTO_THREADID +object within the +.Vt BN_BLINDING +structure. +This is to help users provide proper locking if needed for +multi-threaded use. +The "thread id" object of a newly allocated +.Vt BN_BLINDING +structure is initialised to the thread id in which +.Fn BN_BLINDING_new +was called. +.Pp +.Fn BN_BLINDING_get_flags +returns the +.Dv BN_BLINDING_* +flags. +Currently there are two supported flags: +.Dv BN_BLINDING_NO_UPDATE +and +.Dv BN_BLINDING_NO_RECREATE . +.Dv BN_BLINDING_NO_UPDATE +inhibits the automatic update of the +.Vt BN_BLINDING +parameters after each use and +.Dv BN_BLINDING_NO_RECREATE +inhibits the automatic re-creation of the +.Vt BN_BLINDING +parameters after a fixed number of uses (currently 32). +In newly allocated +.Vt BN_BLINDING +objects no flags are set. +.Fn BN_BLINDING_set_flags +sets the +.Dv BN_BLINDING_* +parameters flags. +.Pp +.Fn BN_BLINDING_create_param +creates new +.Vt BN_BLINDING +parameters using the exponent +.Fa e +and the modulus +.Fa m . +.Fa bn_mod_exp +and +.Fa m_ctx +can be used to pass special functions for exponentiation (normally +.Xr BN_mod_exp_mont 3 +and +.Vt BN_MONT_CTX Ns ). +.Sh RETURN VALUES +.Fn BN_BLINDING_new +returns the newly allocated +.Vt BN_BLINDING +structure or +.Dv NULL +in case of an error. +.Pp +.Fn BN_BLINDING_update , +.Fn BN_BLINDING_convert , +.Fn BN_BLINDING_invert , +.Fn BN_BLINDING_convert_ex +and +.Fn BN_BLINDING_invert_ex +return 1 on success and 0 if an error occured. +.Pp +.Fn BN_BLINDING_thread_id +returns a pointer to the thread id object within a +.Vt BN_BLINDING +object. +.Pp +.Fn BN_BLINDING_get_flags +returns the currently set +.Dv BN_BLINDING_* +flags (an +.Vt unsigned long +value). +.Pp +.Fn BN_BLINDING_create_param +returns the newly created +.Vt BN_BLINDING +parameters or +.Dv NULL +on error. +.Sh SEE ALSO +.Xr bn 3 +.Sh HISTORY +.Fn BN_BLINDING_thread_id +was first introduced in OpenSSL 1.0.0, and it deprecates +.Fn BN_BLINDING_set_thread_id +and +.Fn BN_BLINDING_get_thread_id . +.Pp +.Fn BN_BLINDING_convert_ex , +.Fn BN_BLINDIND_invert_ex , +.Fn BN_BLINDING_get_thread_id , +.Fn BN_BLINDING_set_thread_id , +.Fn BN_BLINDING_set_flags , +.Fn BN_BLINDING_get_flags +and +.Fn BN_BLINDING_create_param +were first introduced in OpenSSL 0.9.8 +.Sh AUTHORS +.An Nils Larsch +for +.Lk http://www.openssl.org/ "the OpenSSL project" . diff --git a/src/lib/libcrypto/man/BN_CTX_new.3 b/src/lib/libcrypto/man/BN_CTX_new.3 new file mode 100644 index 0000000000..1a77314854 --- /dev/null +++ b/src/lib/libcrypto/man/BN_CTX_new.3 @@ -0,0 +1,91 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_CTX_NEW 3 +.Os +.Sh NAME +.Nm BN_CTX_new , +.Nm BN_CTX_init , +.Nm BN_CTX_free +.Nd allocate and free BN_CTX structures +.Sh SYNOPSIS +.In openssl/bn.h +.Ft BN_CTX * +.Fo BN_CTX_new +.Fa void +.Fc +.Ft void +.Fo BN_CTX_free +.Fa "BN_CTX *c" +.Fc +.Pp +Deprecated: +.Pp +.Ft void +.Fo BN_CTX_init +.Fa "BN_CTX *c" +.Fc +.Sh DESCRIPTION +A +.Vt BN_CTX +is a structure that holds +.Vt BIGNUM +temporary variables used by library functions. +Since dynamic memory allocation to create +.Vt BIGNUM Ns s +is rather expensive when used in conjunction with repeated subroutine +calls, the +.Vt BN_CTX +structure is used. +.Pp +.Fn BN_CTX_new +allocates and initializes a +.Vt BN_CTX +structure. +.Pp +.Fn BN_CTX_free +frees the components of the +.Vt BN_CTX , +and if it was created by +.Fn BN_CTX_new , +also the structure itself. +If +.Xr BN_CTX_start 3 +has been used on the +.Vt BN_CTX , +.Xr BN_CTX_end 3 +must be called before the +.Vt BN_CTX +may be freed by +.Fn BN_CTX_free . +.Pp +.Fn BN_CTX_init +(deprecated) initializes an existing uninitialized +.Vt BN_CTX . +This should not be used for new programs. +Use +.Fn BN_CTX_new +instead. +.Sh RETURN VALUES +.Fn BN_CTX_new +returns a pointer to the +.Vt BN_CTX . +If the allocation fails, it returns +.Dv NULL +and sets an error code that can be obtained by +.Xr ERR_get_error 3 . +.Pp +.Fn BN_CTX_init +and +.Fn BN_CTX_free +return no value. +.Sh SEE ALSO +.Xr bn 3 , +.Xr BN_add 3 , +.Xr BN_CTX_start 3 , +.Xr ERR_get_error 3 +.Sh HISTORY +.Fn BN_CTX_new +and +.Fn BN_CTX_free +are available in all versions on SSLeay and OpenSSL. +.Fn BN_CTX_init +was added in SSLeay 0.9.1b. diff --git a/src/lib/libcrypto/man/BN_CTX_start.3 b/src/lib/libcrypto/man/BN_CTX_start.3 new file mode 100644 index 0000000000..986208ba1a --- /dev/null +++ b/src/lib/libcrypto/man/BN_CTX_start.3 @@ -0,0 +1,85 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_CTX_START 3 +.Os +.Sh NAME +.Nm BN_CTX_start , +.Nm BN_CTX_get , +.Nm BN_CTX_end +.Nd use temporary BIGNUM variables +.Sh SYNOPSIS +.In openssl/bn.h +.Ft void +.Fo BN_CTX_start +.Fa "BN_CTX *ctx" +.Fc +.Ft BIGNUM * +.Fo BN_CTX_get +.Fa "BN_CTX *ctx" +.Fc +.Ft void +.Fo BN_CTX_end +.Fa "BN_CTX *ctx" +.Fc +.Sh DESCRIPTION +These functions are used to obtain temporary +.Vt BIGNUM +variables from a +.Vt BN_CTX +(which can been created by using +.Xr BN_CTX_new 3 ) +in order to save the overhead of repeatedly creating and freeing +.Vt BIGNUM Ns s +in functions that are called from inside a loop. +.Pp +A function must call +.Fn BN_CTX_start +first. +Then, +.Fn BN_CTX_get +may be called repeatedly to obtain temporary +.Vt BIGNUM Ns s. +All +.Fn BN_CTX_get +calls must be made before calling any other functions that use the +.Fa ctx +as an argument. +.Pp +Finally, +.Fn BN_CTX_end +must be called before returning from the function. +When +.Fn BN_CTX_end +is called, the +.Vt BIGNUM +pointers obtained from +.Fn BN_CTX_get +become invalid. +.Sh RETURN VALUES +.Fn BN_CTX_start +and +.Fn BN_CTX_end +return no values. +.Pp +.Fn BN_CTX_get +returns a pointer to the +.Vt BIGNUM , +or +.Dv NULL +on error. +Once +.Fn BN_CTX_get +has failed, the subsequent calls will return +.Dv NULL +as well, so it is sufficient to check the return value of the last +.Fn BN_CTX_get +call. +In case of an error, an error code is set, which can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr BN_CTX_new 3 +.Sh HISTORY +.Fn BN_CTX_start , +.Fn BN_CTX_get , +and +.Fn BN_CTX_end +were added in OpenSSL 0.9.5. diff --git a/src/lib/libcrypto/man/BN_add.3 b/src/lib/libcrypto/man/BN_add.3 new file mode 100644 index 0000000000..d41599d8b0 --- /dev/null +++ b/src/lib/libcrypto/man/BN_add.3 @@ -0,0 +1,352 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_ADD 3 +.Os +.Sh NAME +.Nm BN_add , +.Nm BN_sub , +.Nm BN_mul , +.Nm BN_sqr , +.Nm BN_div , +.Nm BN_mod , +.Nm BN_nnmod , +.Nm BN_mod_add , +.Nm BN_mod_sub , +.Nm BN_mod_mul , +.Nm BN_mod_sqr , +.Nm BN_exp , +.Nm BN_mod_exp , +.Nm BN_gcd +.Nd arithmetic operations on BIGNUMs +.Sh SYNOPSIS +.In openssl/bn.h +.Ft int +.Fo BN_add +.Fa "BIGNUM *r" +.Fa "const BIGNUM *a" +.Fa "const BIGNUM *b" +.Fc +.Ft int +.Fo BN_sub +.Fa "BIGNUM *r" +.Fa "const BIGNUM *a" +.Fa "const BIGNUM *b" +.Fc +.Ft int +.Fo BN_mul +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_sqr +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_div +.Fa "BIGNUM *dv" +.Fa "BIGNUM *rem" +.Fa "const BIGNUM *a" +.Fa "const BIGNUM *d" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_mod +.Fa "BIGNUM *rem" +.Fa "const BIGNUM *a" +.Fa "const BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_nnmod +.Fa "BIGNUM *r" +.Fa "const BIGNUM *a" +.Fa "const BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_mod_add +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fa "const BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_mod_sub +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fa "const BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_mod_mul +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fa "const BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_mod_sqr +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "const BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_exp +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BIGNUM *p" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_mod_exp +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "const BIGNUM *p" +.Fa "const BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_gcd +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fa "BN_CTX *ctx" +.Fc +.Sh DESCRIPTION +.Fn BN_add +adds +.Fa a +and +.Fa b +and places the result in +.Fa r +.Pq Li r=a+b . +.Fa r +may be the same +.Vt BIGNUM +as +.Fa a +or +.Fa b . +.Pp +.Fn BN_sub +subtracts +.Fa b +from +.Fa a +and places the result in +.Fa r +.Pq Li r=a-b . +.Pp +.Fn BN_mul +multiplies +.Fa a +and +.Fa b +and places the result in +.Fa r +.Pq Li r=a*b . +.Fa r +may be the same +.Vt BIGNUM +as +.Fa a +or +.Fa b . +For multiplication by powers of 2, use +.Xr BN_lshift 3 . +.Pp +.Fn BN_sqr +takes the square of +.Fa a +and places the result in +.Fa r +.Pq Li r=a^2 . +.Fa r +and +.Fa a +may be the same +.Vt BIGNUM . +This function is faster than +.Fn BN_mul r a a . +.Pp +.Fn BN_div +divides +.Fa a +by +.Fa d +and places the result in +.Fa dv +and the remainder in +.Fa rem +.Pq Li dv=a/d , rem=a%d . +Either of +.Fa dv +and +.Fa rem +may be +.Dv NULL , +in which case the respective value is not returned. +The result is rounded towards zero; thus if +.Fa a +is negative, the remainder will be zero or negative. +For division by powers of 2, use +.Fn BN_rshift 3 . +.Pp +.Fn BN_mod +corresponds to +.Fn BN_div +with +.Fa dv +set to +.Dv NULL . +.Pp +.Fn BN_nnmod +reduces +.Fa a +modulo +.Fa m +and places the non-negative remainder in +.Fa r . +.Pp +.Fn BN_mod_add +adds +.Fa a +to +.Fa b +modulo +.Fa m +and places the non-negative result in +.Fa r . +.Pp +.Fn BN_mod_sub +subtracts +.Fa b +from +.Fa a +modulo +.Fa m +and places the non-negative result in +.Fa r . +.Pp +.Fn BN_mod_mul +multiplies +.Fa a +by +.Fa b +and finds the non-negative remainder respective to modulus +.Fa m +.Pq Li r=(a*b)%m . +.Fa r +may be the same +.Vt BIGNUM +as +.Fa a +or +.Fa b . +For more efficient algorithms for repeated computations using the same +modulus, see +.Xr BN_mod_mul_montgomery 3 +and +.Xr BN_mod_mul_reciprocal 3 . +.Pp +.Fn BN_mod_sqr +takes the square of +.Fa a +modulo +.Fa m +and places the result in +.Fa r . +.Pp +.Fn BN_exp +raises +.Fa a +to the +.Fa p Ns -th +power and places the result in +.Fa r +.Pq Li r=a^p . +This function is faster than repeated applications of +.Fn BN_mul . +.Pp +.Fn BN_mod_exp +computes +.Fa a +to the +.Fa p Ns -th +power modulo +.Fa m +.Pq Li r=(a^p)%m . +This function uses less time and space than +.Fn BN_exp . +.Pp +.Fn BN_gcd +computes the greatest common divisor of +.Fa a +and +.Fa b +and places the result in +.Fa r . +.Fa r +may be the same +.Vt BIGNUM +as +.Fa a +or +.Fa b . +.Pp +For all functions, +.Fa ctx +is a previously allocated +.Vt BN_CTX +used for temporary variables; see +.Xr BN_CTX_new 3 . +.Pp +Unless noted otherwise, the result +.Vt BIGNUM +must be different from the arguments. +.Sh RETURN VALUES +For all functions, 1 is returned for success, 0 on error. +The return value should always be checked, for example: +.Pp +.Dl if (!BN_add(r,a,b)) goto err; +.Pp +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr bn 3 , +.Xr BN_add_word 3 , +.Xr BN_CTX_new 3 , +.Xr BN_set_bit 3 , +.Xr ERR_get_error 3 +.Sh HISTORY +.Fn BN_add , +.Fn BN_sub , +.Fn BN_sqr , +.Fn BN_div , +.Fn BN_mod , +.Fn BN_mod_mul , +.Fn BN_mod_exp , +and +.Fn BN_gcd +are available in all versions of SSLeay and OpenSSL. +The +.Fa ctx +argument to +.Fn BN_mul +was added in SSLeay 0.9.1b. +.Fn BN_exp +appeared in SSLeay 0.9.0. +.Fn BN_nnmod , +.Fn BN_mod_add , +.Fn BN_mod_sub , +and +.Fn BN_mod_sqr +were added in OpenSSL 0.9.7. diff --git a/src/lib/libcrypto/man/BN_add_word.3 b/src/lib/libcrypto/man/BN_add_word.3 new file mode 100644 index 0000000000..930aae4d32 --- /dev/null +++ b/src/lib/libcrypto/man/BN_add_word.3 @@ -0,0 +1,123 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_ADD_WORD 3 +.Os +.Sh NAME +.Nm BN_add_word , +.Nm BN_sub_word , +.Nm BN_mul_word , +.Nm BN_div_word , +.Nm BN_mod_word +.Nd arithmetic functions on BIGNUMs with integers +.Sh SYNOPSIS +.In openssl/bn.h +.Ft int +.Fo BN_add_word +.Fa "BIGNUM *a" +.Fa "BN_ULONG w" +.Fc +.Ft int +.Fo BN_sub_word +.Fa "BIGNUM *a" +.Fa "BN_ULONG w" +.Fc +.Ft int +.Fo BN_mul_word +.Fa "BIGNUM *a" +.Fa "BN_ULONG w" +.Fc +.Ft BN_ULONG +.Fo BN_div_word +.Fa "BIGNUM *a" +.Fa "BN_ULONG w" +.Fc +.Ft BN_ULONG +.Fo BN_mod_word +.Fa "const BIGNUM *a" +.Fa "BN_ULONG w" +.Fc +.Sh DESCRIPTION +These functions perform arithmetic operations on BIGNUMs with unsigned +integers. +They are much more efficient than the normal BIGNUM arithmetic +operations. +.Pp +.Fn BN_add_word +adds +.Fa w +to +.Fa a +.Pq Li a+=w . +.Pp +.Fn BN_sub_word +subtracts +.Fa w +from +.Fa a +.Pq Li a-=w . +.Pp +.Fn BN_mul_word +multiplies +.Fa a +and +.Fa w +.Pq Li a*=w . +.Pp +.Fn BN_div_word +divides +.Fa a +by +.Fa w +.Pq Li a/=w +and returns the remainder. +.Pp +.Fn BN_mod_word +returns the remainder of +.Fa a +divided by +.Fa w +.Pq Li a%w . +.Pp +For +.Fn BN_div_word +and +.Fn BN_mod_word , +.Fa w +must not be 0. +.Sh RETURN VALUES +.Fn BN_add_word , +.Fn BN_sub_word , +and +.Fn BN_mul_word +return 1 for success, 0 on error. +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Pp +.Fn BN_mod_word +and +.Fn BN_div_word +return +.Fa a Ns % Ns Fa w +on success and +.Pq Vt BN_ULONG Ns -1 +if an error occurred. +.Sh SEE ALSO +.Xr bn 3 , +.Xr BN_add 3 , +.Xr ERR_get_error 3 +.Sh HISTORY +.Fn BN_add_word +and +.Fn BN_mod_word +are available in all versions of SSLeay and OpenSSL. +.Fn BN_div_word +was added in SSLeay 0.8, and +.Fn BN_sub_word +and +.Fn BN_mul_word +in SSLeay 0.9.0. +.Pp +Before 0.9.8a, the return value for +.Fn BN_div_word +and +.Fn BN_mod_word +in case of an error was 0. diff --git a/src/lib/libcrypto/man/BN_bn2bin.3 b/src/lib/libcrypto/man/BN_bn2bin.3 new file mode 100644 index 0000000000..02d6b2c8b8 --- /dev/null +++ b/src/lib/libcrypto/man/BN_bn2bin.3 @@ -0,0 +1,237 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_BN2BIN 3 +.Os +.Sh NAME +.Nm BN_bn2bin , +.Nm BN_bin2bn , +.Nm BN_bn2hex , +.Nm BN_bn2dec , +.Nm BN_hex2bn , +.Nm BN_dec2bn , +.Nm BN_print , +.Nm BN_print_fp , +.Nm BN_bn2mpi , +.Nm BN_mpi2bn +.Nd format conversions +.Sh SYNOPSIS +.In openssl/bn.h +.Ft int +.Fo BN_bn2bin +.Fa "const BIGNUM *a" +.Fa "unsigned char *to" +.Fc +.Ft BIGNUM * +.Fo BN_bin2bn +.Fa "const unsigned char *s" +.Fa "int len" +.Fa "BIGNUM *ret" +.Fc +.Ft char * +.Fo BN_bn2hex +.Fa "const BIGNUM *a" +.Fc +.Ft char * +.Fo BN_bn2dec +.Fa "const BIGNUM *a" +.Fc +.Ft int +.Fo BN_hex2bn +.Fa "BIGNUM **a" +.Fa "const char *str" +.Fc +.Ft int +.Fo BN_dec2bn +.Fa "BIGNUM **a" +.Fa "const char *str" +.Fc +.Ft int +.Fo BN_print +.Fa "BIO *fp" +.Fa "const BIGNUM *a" +.Fc +.Ft int +.Fo BN_print_fp +.Fa "FILE *fp" +.Fa "const BIGNUM *a" +.Fc +.Ft int +.Fo BN_bn2mpi +.Fa "const BIGNUM *a" +.Fa "unsigned char *to" +.Fc +.Ft BIGNUM * +.Fo BN_mpi2bn +.Fa "unsigned char *s" +.Fa "int len" +.Fa "BIGNUM *ret" +.Fc +.Sh DESCRIPTION +.Fn BN_bn2bin +converts the absolute value of +.Fa a +into big-endian form and stores it at +.Fa to . +.Fa to +must point to +.Fn BN_num_bytes a +bytes of memory. +.Pp +.Fn BN_bin2bn +converts the positive integer in big-endian form of length +.Fa len +at +.Fa s +into a +.Vt BIGNUM +and places it in +.Fa ret . +If +.Fa ret +is +.Dv NULL , +a new +.Vt BIGNUM +is created. +.Pp +.Fn BN_bn2hex +and +.Fn BN_bn2dec +return printable strings containing the hexadecimal and decimal encoding of +.Fa a +respectively. +For negative numbers, the string is prefaced with a leading minus sign. +The string must be freed later using +.Xr free 3 . +.Pp +.Fn BN_hex2bn +converts the string +.Fa str +containing a hexadecimal number to a +.Vt BIGNUM +and stores it in +.Pf * Fa a . +If +.Pf * Fa a +is +.Dv NULL , +a new +.Vt BIGNUM +is created. +If +.Fa a +is +.Dv NULL , +it only computes the number's length in hexadecimal digits. +If the string starts with a minus sign, the number is negative. +.Fn BN_dec2bn +is the same using the decimal system. +.Pp +.Fn BN_print +and +.Fn BN_print_fp +write the hexadecimal encoding of +.Fa a , +with a leading minus sign for negative numbers, to the +.Vt BIO +or +.Vt FILE +.Fa fp . +.Pp +.Fn BN_bn2mpi +and +.Fn BN_mpi2bn +convert +.Vt BIGNUM Ns s +from and to a format that consists of the number's length in bytes +represented as a 4-byte big-endian number, and the number itself in +big-endian format, where the most significant bit signals a negative +number (the representation of numbers with the MSB set is prefixed with +a NUL byte). +.Pp +.Fn BN_bn2mpi +stores the representation of +.Fa a +at +.Fa to , +where +.Fa to +must be large enough to hold the result. +The size can be determined by calling +.Fn BN_bn2mpi a , NULL . +.Pp +.Fn BN_mpi2bn +converts the +.Fa len +bytes long representation at +.Fa s +to a +.Vt BIGNUM +and stores it at +.Fa ret , +or in a newly allocated +.Vt BIGNUM +if +.Fa ret +is +.Dv NULL . +.Sh RETURN VALUES +.Fn BN_bn2bin +returns the length of the big-endian number placed at +.Fa to . +.Fn BN_bin2bn +returns the +.Vt BIGNUM , +or +.Dv NULL +on error. +.Pp +.Fn BN_bn2hex +and +.Fn BN_bn2dec +return a NUL-terminated string, or +.Dv NULL +on error. +.Fn BN_hex2bn +and +.Fn BN_dec2bn +return the number's length in hexadecimal or decimal digits, and 0 on +error. +.Pp +.Fn BN_print_fp +and +.Fn BN_print +return 1 on success, 0 on write errors. +.Pp +.Fn BN_bn2mpi +returns the length of the representation. +.Fn BN_mpi2bn +returns the +.Vt BIGNUM , +or +.Dv NULL +on error. +.Pp +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr ASN1_INTEGER_to_BN 3 , +.Xr bn 3 , +.Xr BN_num_bytes 3 , +.Xr BN_zero 3 , +.Xr ERR_get_error 3 +.Sh HISTORY +.Fn BN_bn2bin , +.Fn BN_bin2bn , +.Fn BN_print_fp , +and +.Fn BN_print +are available in all versions of SSLeay and OpenSSL. +.Pp +.Fn BN_bn2hex , +.Fn BN_bn2dec , +.Fn BN_hex2bn , +.Fn BN_dec2bn , +.Fn BN_bn2mpi , +and +.Fn BN_mpi2bn +were added in SSLeay 0.9.0. diff --git a/src/lib/libcrypto/man/BN_cmp.3 b/src/lib/libcrypto/man/BN_cmp.3 new file mode 100644 index 0000000000..b0a03b25ce --- /dev/null +++ b/src/lib/libcrypto/man/BN_cmp.3 @@ -0,0 +1,99 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_CMP 3 +.Os +.Sh NAME +.Nm BN_cmp , +.Nm BN_ucmp , +.Nm BN_is_zero , +.Nm BN_is_one , +.Nm BN_is_word , +.Nm BN_is_odd +.Nd BIGNUM comparison and test functions +.Sh SYNOPSIS +.In openssl/bn.h +.Ft int +.Fo BN_cmp +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fc +.Ft int +.Fo BN_ucmp +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fc +.Ft int +.Fo BN_is_zero +.Fa "BIGNUM *a" +.Fc +.Ft int +.Fo BN_is_one +.Fa "BIGNUM *a" +.Fc +.Ft int +.Fo BN_is_word +.Fa "BIGNUM *a" +.Fa "BN_ULONG w" +.Fc +.Ft int +.Fo BN_is_odd +.Fa "BIGNUM *a" +.Fc +.Sh DESCRIPTION +.Fn BN_cmp +compares the numbers +.Fa a +and +.Fa b . +.Fn BN_ucmp +compares their absolute values. +.Pp +.Fn BN_is_zero , +.Fn BN_is_one +and +.Fn BN_is_word +test if +.Fa a +equals 0, 1, or +.Fa w +respectively. +.Fn BN_is_odd +tests if a is odd. +.Pp +.Fn BN_is_zero , +.Fn BN_is_one , +.Fn BN_is_word , +and +.Fn BN_is_odd +are macros. +.Sh RETURN VALUES +.Fn BN_cmp +returns -1 if +.Fa a Ns < Ns Fa b , +0 if +.Fa a Ns == Ns Fa b , +and 1 if +.Fa a Ns > Ns Fa b . +.Fn BN_ucmp +is the same using the absolute values of +.Fa a +and +.Fa b . +.Pp +.Fn BN_is_zero , +.Fn BN_is_one , +.Fn BN_is_word , +and +.Fn BN_is_odd +return 1 if the condition is true, 0 otherwise. +.Sh SEE ALSO +.Xr bn 3 +.Sh HISTORY +.Fn BN_cmp , +.Fn BN_ucmp , +.Fn BN_is_zero , +.Fn BN_is_one +and +.Fn BN_is_word +are available in all versions of SSLeay and OpenSSL. +.Fn BN_is_odd +was added in SSLeay 0.8. diff --git a/src/lib/libcrypto/man/BN_copy.3 b/src/lib/libcrypto/man/BN_copy.3 new file mode 100644 index 0000000000..765e46c01c --- /dev/null +++ b/src/lib/libcrypto/man/BN_copy.3 @@ -0,0 +1,52 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_COPY 3 +.Os +.Sh NAME +.Nm BN_copy , +.Nm BN_dup +.Nd copy BIGNUMs +.Sh SYNOPSIS +.In openssl/bn.h +.Ft BIGNUM * +.Fo BN_copy +.Fa "BIGNUM *to" +.Fa "const BIGNUM *from" +.Fc +.Ft BIGNUM * +.Fo BN_dup +.Fa "const BIGNUM *from" +.Fc +.Sh DESCRIPTION +.Fn BN_copy +copies +.Fa from +to +.Fa to . +.Fn BN_dup +creates a new +.Vt BIGNUM +containing the value +.Fa from . +.Sh RETURN VALUES +.Fn BN_copy +returns +.Fa to +on success, +.Dv NULL +on error. +.Fn BN_dup +returns the new +.Vt BIGNUM , +or +.Dv NULL +on error. +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr bn 3 , +.Xr ERR_get_error 3 +.Sh HISTORY +.Fn BN_copy +and +.Fn BN_dup +are available in all versions of SSLeay and OpenSSL. diff --git a/src/lib/libcrypto/man/BN_generate_prime.3 b/src/lib/libcrypto/man/BN_generate_prime.3 new file mode 100644 index 0000000000..e269571914 --- /dev/null +++ b/src/lib/libcrypto/man/BN_generate_prime.3 @@ -0,0 +1,289 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_GENERATE_PRIME 3 +.Os +.Sh NAME +.Nm BN_generate_prime_ex , +.Nm BN_is_prime_ex , +.Nm BN_is_prime_fasttest_ex , +.Nm BN_GENCB_call , +.Nm BN_GENCB_set_old , +.Nm BN_GENCB_set , +.Nm BN_generate_prime , +.Nm BN_is_prime , +.Nm BN_is_prime_fasttest +.Nd generate primes and test for primality +.Sh SYNOPSIS +.In openssl/bn.h +.Ft int +.Fo BN_generate_prime_ex +.Fa "BIGNUM *ret" +.Fa "int bits" +.Fa "int safe" +.Fa "const BIGNUM *add" +.Fa "const BIGNUM *rem" +.Fa "BN_GENCB *cb" +.Fc +.Ft int +.Fo BN_is_prime_ex +.Fa "const BIGNUM *p" +.Fa "int nchecks" +.Fa "BN_CTX *ctx" +.Fa "BN_GENCB *cb" +.Fc +.Ft int +.Fo BN_is_prime_fasttest_ex +.Fa "const BIGNUM *p" +.Fa "int nchecks" +.Fa "BN_CTX *ctx" +.Fa "int do_trial_division" +.Fa "BN_GENCB *cb" +.Fc +.Ft int +.Fo BN_GENCB_call +.Fa "BN_GENCB *cb" +.Fa "int a" +.Fa "int b" +.Fc +.Fd #define BN_GENCB_set_old(gencb, callback, cb_arg) ... +.Fd #define BN_GENCB_set(gencb, callback, cb_arg) ... +.Pp +Deprecated: +.Pp +.Ft BIGNUM * +.Fo BN_generate_prime +.Fa "BIGNUM *ret" +.Fa "int num" +.Fa "int safe" +.Fa "BIGNUM *add" +.Fa "BIGNUM *rem" +.Fa "void (*callback)(int, int, void *)" +.Fa "void *cb_arg" +.Fc +.Ft int +.Fo BN_is_prime +.Fa "const BIGNUM *a" +.Fa "int checks" +.Fa "void (*callback)(int, int, void *)" +.Fa "BN_CTX *ctx" +.Fa "void *cb_arg" +.Fc +.Ft int +.Fo BN_is_prime_fasttest +.Fa "const BIGNUM *a" +.Fa "int checks" +.Fa "void (*callback)(int, int, void *)" +.Fa "BN_CTX *ctx" +.Fa "void *cb_arg" +.Fa "int do_trial_division" +.Fc +.Sh DESCRIPTION +.Fn BN_generate_prime_ex +generates a pseudo-random prime number of bit length +.Fa bits . +If +.Fa ret +is not +.Dv NULL , +it will be used to store the number. +.Pp +If +.Fa cb +is not +.Dv NULL , +it is used as follows: +.Bl -bullet +.It +.Fn BN_GENCB_call cb 0 i +is called after generating the i-th potential prime number. +.It +While the number is being tested for primality, +.Fn BN_GENCB_call cb 1 j +is called as described below. +.It +When a prime has been found, +.Fn BN_GENCB_call cb 2 i +is called. +.El +.Pp +The prime may have to fulfill additional requirements for use in +Diffie-Hellman key exchange: +.Pp +If +.Fa add +is not +.Dv NULL , +the prime will fulfill the condition p % +.Fa add +== +.Fa rem +(p % +.Fa add +== 1 if +.Fa rem +== +.Dv NULL ) +in order to suit a given generator. +.Pp +If +.Fa safe +is true, it will be a safe prime (i.e. a prime p so that (p-1)/2 +is also prime). +.Pp +The prime number generation has a negligible error probability. +.Pp +.Fn BN_is_prime_ex +and +.Fn BN_is_prime_fasttest_ex +test if the number +.Fa p +is prime. +The following tests are performed until one of them shows that +.Fa p +is composite; if +.Fa p +passes all these tests, it is considered prime. +.Pp +.Fn BN_is_prime_fasttest_ex , +when called with +.Fa do_trial_division +== 1, first attempts trial division by a number of small primes; +if no divisors are found by this test and +.Fa cb +is not +.Dv NULL , +.Sy BN_GENCB_call(cb, 1, -1) +is called. +If +.Fa do_trial_division +== 0, this test is skipped. +.Pp +Both +.Fn BN_is_prime_ex +and +.Fn BN_is_prime_fasttest_ex +perform a Miller-Rabin probabilistic primality test with +.Fa nchecks +iterations. +If +.Fa nchecks +== +.Dv BN_prime_checks , +a number of iterations is used that yields a false positive rate of at +most 2^-80 for random input. +.Pp +If +.Fa cb +is not +.Dv NULL , +.Fa BN_GENCB_call cb 1 j +is called after the j-th iteration (j = 0, 1, ...). +.Fa ctx +is a pre-allocated +.Vt BN_CTX +(to save the overhead of allocating and freeing the structure in a +loop), or +.Dv NULL . +.Pp +.Fn BN_GENCB_call +calls the callback function held in the +.Vt BN_GENCB +structure and passes the ints +.Fa a +and +.Fa b +as arguments. +There are two types of +.Vt BN_GENCB +structures that are supported: "new" style and "old" style. +New programs should prefer the "new" style, whilst the "old" style is +provided for backwards compatibility purposes. +.Pp +For "new" style callbacks a +.Vt BN_GENCB +structure should be initialised with a call to +.Fn BN_GENCB_set , +where +.Fa gencb +is a +.Vt BN_GENCB * , +.Fa callback +is of type +.Vt int (*callback)(int, int, BN_GENCB *) +and +.Fa cb_arg +is a +.Vt void * . +"Old" style callbacks are the same except they are initialised with a +call to +.Fn BN_GENCB_set_old +and +.Fa callback +is of type +.Vt void (*callback)(int, int, void *) . +.Pp +A callback is invoked through a call to +.Fn BN_GENCB_call . +This will check the type of the callback and will invoke +.Fn callback a b gencb +for new style callbacks or +.Fn callback a b cb_arg +for old style. +.Pp +.Fn BN_generate_prime +(deprecated) works in the same way as +.Fn BN_generate_prime_ex +but expects an old style callback function directly in the +.Fa callback +parameter, and an argument to pass to it in the +.Fa cb_arg . +Similarly +.Fn BN_is_prime +and +.Fn BN_is_prime_fasttest +are deprecated and can be compared to +.Fn BN_is_prime_ex +and +.Fn BN_is_prime_fasttest_ex +respectively. +.Sh RETURN VALUES +.Fn BN_generate_prime_ex +returns 1 on success or 0 on error. +.Pp +.Fn BN_is_prime_ex , +.Fn BN_is_prime_fasttest_ex , +.Fn BN_is_prime , +and +.Fn BN_is_prime_fasttest +return 0 if the number is composite, 1 if it is prime with an error +probability of less than +.Pf 0.25^ Fa nchecks , +and -1 on error. +.Pp +.Fn BN_generate_prime +returns the prime number on success, +.Dv NULL +otherwise. +.Pp +Callback functions should return 1 on success or 0 on error. +.Pp +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr bn 3 , +.Xr ERR_get_error 3 , +.Xr rand 3 +.Sh HISTORY +The +.Fa cb_arg +arguments to +.Fn BN_generate_prime +and to +.Fn BN_is_prime +were added in SSLeay 0.9.0. +The +.Fa ret +argument to +.Fn BN_generate_prime +was added in SSLeay 0.9.1. +.Fn BN_is_prime_fasttest +was added in OpenSSL 0.9.5. diff --git a/src/lib/libcrypto/man/BN_mod_inverse.3 b/src/lib/libcrypto/man/BN_mod_inverse.3 new file mode 100644 index 0000000000..db63269fb8 --- /dev/null +++ b/src/lib/libcrypto/man/BN_mod_inverse.3 @@ -0,0 +1,59 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_MOD_INVERSE 3 +.Os +.Sh NAME +.Nm BN_mod_inverse +.Nd compute inverse modulo n +.Sh SYNOPSIS +.In openssl/bn.h +.Ft BIGNUM * +.Fo BN_mod_inverse +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "const BIGNUM *n" +.Fa "BN_CTX *ctx" +.Fc +.Sh DESCRIPTION +.Fn BN_mod_inverse +computes the inverse of +.Fa a +modulo +.Fa n +add places the result in +.Fa r +.Pq Li (a*r)%n==1 . +If +.Fa r +is +.Dv NULL , +a new +.Vt BIGNUM +is created. +.Pp +.Fa ctx +is a previously allocated +.Vt BN_CTX +used for temporary variables. +.Fa r +may be the same +.Vt BIGNUM +as +.Fa a +or +.Fa n . +.Sh RETURN VALUES +.Fn BN_mod_inverse +returns the +.Vt BIGNUM +containing the inverse, or +.Dv NULL +on error. +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr bn 3 , +.Xr BN_add 3 , +.Xr ERR_get_error 3 +.Sh HISTORY +.Fn BN_mod_inverse +is available in all versions of SSLeay and OpenSSL. diff --git a/src/lib/libcrypto/man/BN_mod_mul_montgomery.3 b/src/lib/libcrypto/man/BN_mod_mul_montgomery.3 new file mode 100644 index 0000000000..ac120f3c02 --- /dev/null +++ b/src/lib/libcrypto/man/BN_mod_mul_montgomery.3 @@ -0,0 +1,181 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_MOD_MUL_MONTGOMERY 3 +.Os +.Sh NAME +.Nm BN_mod_mul_montgomery , +.Nm BN_MONT_CTX_new , +.Nm BN_MONT_CTX_init , +.Nm BN_MONT_CTX_free , +.Nm BN_MONT_CTX_set , +.Nm BN_MONT_CTX_copy , +.Nm BN_from_montgomery , +.Nm BN_to_montgomery +.Nd Montgomery multiplication +.Sh SYNOPSIS +.In openssl/bn.h +.Ft BN_MONT_CTX * +.Fo BN_MONT_CTX_new +.Fa void +.Fc +.Ft void +.Fo BN_MONT_CTX_init +.Fa "BN_MONT_CTX *ctx" +.Fc +.Ft void +.Fo BN_MONT_CTX_free +.Fa "BN_MONT_CTX *mont" +.Fc +.Ft int +.Fo BN_MONT_CTX_set +.Fa "BN_MONT_CTX *mont" +.Fa "const BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fc +.Ft BN_MONT_CTX * +.Fo BN_MONT_CTX_copy +.Fa "BN_MONT_CTX *to" +.Fa "BN_MONT_CTX *from" +.Fc +.Ft int +.Fo BN_mod_mul_montgomery +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fa "BN_MONT_CTX *mont" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_from_montgomery +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BN_MONT_CTX *mont" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_to_montgomery +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BN_MONT_CTX *mont" +.Fa "BN_CTX *ctx" +.Fc +.Sh DESCRIPTION +These functions implement Montgomery multiplication. +They are used automatically when +.Xr BN_mod_exp 3 +is called with suitable input, but they may be useful when several +operations are to be performed using the same modulus. +.Pp +.Fn BN_MONT_CTX_new +allocates and initializes a +.Vt BN_MONT_CTX +structure. +.Fn BN_MONT_CTX_init +initializes an existing uninitialized +.Vt BN_MONT_CTX . +.Pp +.Fn BN_MONT_CTX_set +sets up the +.Fa mont +structure from the modulus +.Fa m +by precomputing its inverse and a value R. +.Pp +.Fn BN_MONT_CTX_copy +copies the +.Vt BN_MONT_CTX +.Fa from +to +.Fa to . +.Pp +.Fn BN_MONT_CTX_free +frees the components of the +.Vt BN_MONT_CTX , +and, if it was created by +.Fn BN_MONT_CTX_new , +also the structure itself. +.Pp +.Fn BN_mod_mul_montgomery +computes +.Pp +.D1 Mont Ns Po Fa a , Fa b Pc := Fa a No * Fa b No * R^-1 +.Pp +and places the result in +.Fa r . +.Pp +.Fn BN_from_montgomery +performs the Montgomery reduction +.Pp +.D1 Fa r No = Fa a No * R^-1. +.Pp +.Fn BN_to_montgomery +computes +.Pp +.D1 Mont Ns Po Fa a , No R^2 Pc = Fa a No * R . +.Pp +Note that +.Fa a +must be non-negative and smaller than the modulus. +.Pp +For all functions, +.Fa ctx +is a previously allocated +.Vt BN_CTX +used for temporary variables. +.Pp +The +.Vt BN_MONT_CTX +structure is defined as follows: +.Bd -literal +typedef struct bn_mont_ctx_st { + int ri; /* number of bits in R */ + BIGNUM RR; /* R^2 (used to convert to Montgomery form) */ + BIGNUM N; /* The modulus */ + BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 + * (Ni is only stored for bignum algorithm) */ + BN_ULONG n0; /* least significant word of Ni */ + int flags; +} BN_MONT_CTX; +.Ed +.Pp +.Fn BN_to_montgomery +is a macro. +.Pp +.Sy Warning: +The inputs must be reduced modulo +.Fa m , +otherwise the result will be outside the expected range. +.Sh RETURN VALUES +.Fn BN_MONT_CTX_new +returns the newly allocated +.Vt BN_MONT_CTX , +and +.Dv NULL +on error. +.Pp +.Fn BN_MONT_CTX_init +and +.Fn BN_MONT_CTX_free +return no values. +.Pp +For the other functions, 1 is returned for success, 0 on error. +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr bn 3 , +.Xr BN_add 3 , +.Xr BN_CTX_new 3 , +.Xr ERR_get_error 3 +.Sh HISTORY +.Fn BN_MONT_CTX_new , +.Fn BN_MONT_CTX_free , +.Fn BN_MONT_CTX_set , +.Fn BN_mod_mul_montgomery , +.Fn BN_from_montgomery +and +.Fn BN_to_montgomery +are available in all versions of SSLeay and OpenSSL. +.Pp +.Fn BN_MONT_CTX_init +and +.Fn BN_MONT_CTX_copy +were added in SSLeay 0.9.1b. diff --git a/src/lib/libcrypto/man/BN_mod_mul_reciprocal.3 b/src/lib/libcrypto/man/BN_mod_mul_reciprocal.3 new file mode 100644 index 0000000000..ceb1ffae5b --- /dev/null +++ b/src/lib/libcrypto/man/BN_mod_mul_reciprocal.3 @@ -0,0 +1,147 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_MOD_MUL_RECIPROCAL 3 +.Os +.Sh NAME +.Nm BN_mod_mul_reciprocal , +.Nm BN_div_recp , +.Nm BN_RECP_CTX_new , +.Nm BN_RECP_CTX_init , +.Nm BN_RECP_CTX_free , +.Nm BN_RECP_CTX_set +.Nd modular multiplication using reciprocal +.Sh SYNOPSIS +.In openssl/bn.h +.Ft BN_RECP_CTX * +.Fo BN_RECP_CTX_new +.Fa void +.Fc +.Ft void +.Fo BN_RECP_CTX_init +.Fa "BN_RECP_CTX *recp" +.Fc +.Ft void +.Fo BN_RECP_CTX_free +.Fa "BN_RECP_CTX *recp" +.Fc +.Ft int +.Fo BN_RECP_CTX_set +.Fa "BN_RECP_CTX *recp" +.Fa "const BIGNUM *m" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_div_recp +.Fa "BIGNUM *dv" +.Fa "BIGNUM *rem" +.Fa "BIGNUM *a" +.Fa "BN_RECP_CTX *recp" +.Fa "BN_CTX *ctx" +.Fc +.Ft int +.Fo BN_mod_mul_reciprocal +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fa "BN_RECP_CTX *recp" +.Fa "BN_CTX *ctx" +.Fc +.Sh DESCRIPTION +.Fn BN_mod_mul_reciprocal +can be used to perform an efficient +.Xr BN_mod_mul 3 +operation when the operation will be performed repeatedly with the same +modulus. +It computes +.Fa r Ns =( Ns Fa a Ns * Ns Fa b Ns )% Ns Fa m +using +.Fa recp Ns =1/ Ns Fa m , +which is set as described below. +.Fa ctx +is a previously allocated +.Vt BN_CTX +used for temporary variables. +.Pp +.Fn BN_RECP_CTX_new +allocates and initializes a +.Vt BN_RECP_CTX +structure. +.Fn BN_RECP_CTX_init +initializes an existing uninitialized +.Vt BN_RECP_CTX . +.Pp +.Fn BN_RECP_CTX_free +frees the components of the +.Vt BN_RECP_CTX , +and, if it was created by +.Fn BN_RECP_CTX_new , +also the structure itself. +.Pp +.Fn BN_RECP_CTX_set +stores +.Fa m +in +.Fa recp +and sets it up for computing +.Pf 1/ Fa m +and shifting it left by +.Fn BN_num_bits m Ns +1 +to make it an integer. +The result and the number of bits it was shifted left will later be +stored in +.Fa recp . +.Pp +.Fn BN_div_recp +divides +.Fa a +by +.Fa m +using +.Fa recp . +It places the quotient in +.Fa dv +and the remainder in +.Fa rem . +.Pp +The +.Vt BN_RECP_CTX +structure is defined as follows: +.Bd -literal +typedef struct bn_recp_ctx_st { + BIGNUM N; /* the divisor */ + BIGNUM Nr; /* the reciprocal */ + int num_bits; + int shift; + int flags; +} BN_RECP_CTX; +.Ed +.Pp +It cannot be shared between threads. +.Sh RETURN VALUES +.Fn BN_RECP_CTX_new +returns the newly allocated +.Vt BN_RECP_CTX , +or +.Dv NULL +on error. +.Pp +.Fn BN_RECP_CTX_init +and +.Fn BN_RECP_CTX_free +return no values. +.Pp +For the other functions, 1 is returned for success, 0 on error. +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr bn 3 , +.Xr BN_add 3 , +.Xr BN_CTX_new 3 , +.Xr ERR_get_error 3 +.Sh HISTORY +.Vt BN_RECP_CTX +was added in SSLeay 0.9.0. +Before that, a function +.Fn BN_reciprocal +was used instead, and the +.Fn BN_mod_mul_reciprocal +arguments were different. diff --git a/src/lib/libcrypto/man/BN_new.3 b/src/lib/libcrypto/man/BN_new.3 new file mode 100644 index 0000000000..ad8ce886d9 --- /dev/null +++ b/src/lib/libcrypto/man/BN_new.3 @@ -0,0 +1,84 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_NEW 3 +.Os +.Sh NAME +.Nm BN_new , +.Nm BN_init , +.Nm BN_clear , +.Nm BN_free , +.Nm BN_clear_free +.Nd allocate and free BIGNUMs +.Sh SYNOPSIS +.In openssl/bn.h +.Ft BIGNUM * +.Fo BN_new +.Fa void +.Fc +.Ft void +.Fo BN_init +.Fa "BIGNUM *" +.Fc +.Ft void +.Fo BN_clear +.Fa "BIGNUM *a" +.Fc +.Ft void +.Fo BN_free +.Fa "BIGNUM *a" +.Fc +.Ft void +.Fo BN_clear_free +.Fa "BIGNUM *a" +.Fc +.Sh DESCRIPTION +.Fn BN_new +allocates and initializes a +.Vt BIGNUM +structure. +.Fn BN_init +initializes an existing uninitialized +.Vt BIGNUM . +.Pp +.Fn BN_clear +is used to destroy sensitive data such as keys when they are no longer +needed. +It erases the memory used by +.Fa a +and sets it to the value 0. +.Pp +.Fn BN_free +frees the components of the +.Vt BIGNUM , +and if it was created by +.Fn BN_new , +also the structure itself. +.Fn BN_clear_free +additionally overwrites the data before the memory is returned to the +system. +.Sh RETURN VALUES +.Fn BN_new +returns a pointer to the +.Vt BIGNUM . +If the allocation fails, it returns +.Dv NULL +and sets an error code that can be obtained by +.Xr ERR_get_error 3 . +.Pp +.Fn BN_init , +.Fn BN_clear , +.Fn BN_free , +and +.Fn BN_clear_free +return no values. +.Sh SEE ALSO +.Xr bn 3 , +.Xr ERR_get_error 3 +.Sh HISTORY +.Fn BN_new , +.Fn BN_clear , +.Fn BN_free , +and +.Fn BN_clear_free +are available in all versions on SSLeay and OpenSSL. +.Fn BN_init +was added in SSLeay 0.9.1b. diff --git a/src/lib/libcrypto/man/BN_num_bytes.3 b/src/lib/libcrypto/man/BN_num_bytes.3 new file mode 100644 index 0000000000..2d7be7e443 --- /dev/null +++ b/src/lib/libcrypto/man/BN_num_bytes.3 @@ -0,0 +1,76 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_NUM_BYTES 3 +.Os +.Sh NAME +.Nm BN_num_bits , +.Nm BN_num_bytes , +.Nm BN_num_bits_word +.Nd get BIGNUM size +.Sh SYNOPSIS +.In openssl/bn.h +.Ft int +.Fo BN_num_bytes +.Fa "const BIGNUM *a" +.Fc +.Ft int +.Fo BN_num_bits +.Fa "const BIGNUM *a" +.Fc +.Ft int +.Fo BN_num_bits_word +.Fa "BN_ULONG w" +.Fc +.Sh DESCRIPTION +.Fn BN_num_bytes +returns the size of a +.Sy BIGNUM +in bytes. +.Pp +.Fn BN_num_bits_word +returns the number of significant bits in a word. +If we take 0x00000432 as an example, it returns 11, not 16, not 32. +Basically, except for a zero, it returns +.Pp +.D1 floor(log2( Ns Fa w ) ) No + 1 . +.Pp +.Fn BN_num_bits +returns the number of significant bits in a +.Sy BIGNUM , +following the same principle as +.Fn BN_num_bits_word . +.Pp +.Fn BN_num_bytes +is a macro. +.Sh RETURN VALUES +The size. +.Sh NOTES +Some have tried using +.Fn BN_num_bits +on individual numbers in RSA keys, DH keys and DSA keys, and found that +they don't always come up with the number of bits they expected +(something like 512, 1024, 2048, ...). This is because generating a +number with some specific number of bits doesn't always set the highest +bits, thereby making the number of +.Em significant +bits a little lower. +If you want to know the "key size" of such a key, either use functions +like +.Xr RSA_size 3 , +.Xr DH_size 3 , +and +.Xr DSA_size 3 , +or use +.Fn BN_num_bytes +and multiply with 8 (although there's no real guarantee that will match +the "key size", just a lot more probability). +.Sh SEE ALSO +.Xr bn 3 , +.Xr DH_size 3 , +.Xr DSA_size 3 , +.Xr RSA_size 3 +.Sh HISTORY +.Fn BN_num_bytes , +.Fn BN_num_bits , +and +.Fn BN_num_bits_word +are available in all versions of SSLeay and OpenSSL. diff --git a/src/lib/libcrypto/man/BN_rand.3 b/src/lib/libcrypto/man/BN_rand.3 new file mode 100644 index 0000000000..5ae9e9d791 --- /dev/null +++ b/src/lib/libcrypto/man/BN_rand.3 @@ -0,0 +1,93 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_RAND 3 +.Os +.Sh NAME +.Nm BN_rand , +.Nm BN_pseudo_rand , +.Nm BN_rand_range , +.Nm BN_pseudo_rand_range +.Nd generate pseudo-random number +.Sh SYNOPSIS +.In openssl/bn.h +.Ft int +.Fo BN_rand +.Fa "BIGNUM *rnd" +.Fa "int bits" +.Fa "int top" +.Fa "int bottom" +.Fc +.Ft int +.Fo BN_pseudo_rand +.Fa "BIGNUM *rnd" +.Fa "int bits" +.Fa "int top" +.Fa "int bottom" +.Fc +.Ft int +.Fo BN_rand_range +.Fa "BIGNUM *rnd" +.Fa "BIGNUM *range" +.Fc +.Ft int +.Fo BN_pseudo_rand_range +.Fa "BIGNUM *rnd" +.Fa "BIGNUM *range" +.Fc +.Sh DESCRIPTION +.Fn BN_rand +generates a cryptographically strong pseudo-random number of +.Fa bits +bits in length and stores it in +.Fa rnd . +If +.Fa top +is -1, the most significant bit of the random number can be zero. +If +.Fa top +is 0, it is set to 1, and if +.Fa top +is 1, the two most significant bits of the number will be set to 1, so +that the product of two such random numbers will always have +.Pf 2* Fa bits +length. +If +.Fa bottom +is true, the number will be odd. +.Pp +.Fn BN_pseudo_rand +does the same, but pseudo-random numbers generated by this function are +not necessarily unpredictable. +They can be used for non-cryptographic purposes and for certain purposes +in cryptographic protocols, but usually not for key generation etc. +.Pp +.Fn BN_rand_range +generates a cryptographically strong pseudo-random number +.Fa rnd +in the range 0 <= +.Fa rnd No < Fa range . +.Fn BN_pseudo_rand_range +does the same, but is based on +.Fn BN_pseudo_rand , +and hence numbers generated by it are not necessarily unpredictable. +.Sh RETURN VALUES +The functions return 1 on success, 0 on error. +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr bn 3 , +.Xr ERR_get_error 3 , +.Xr rand 3 , +.Xr RAND_add 3 , +.Xr RAND_bytes 3 +.Sh HISTORY +.Fn BN_rand +is available in all versions of SSLeay and OpenSSL. +.Fn BN_pseudo_rand +was added in OpenSSL 0.9.5. +The +.Fa top +== -1 case and the function +.Fn BN_rand_range +were added in OpenSSL 0.9.6a. +.Fn BN_pseudo_rand_range +was added in OpenSSL 0.9.6c. diff --git a/src/lib/libcrypto/man/BN_set_bit.3 b/src/lib/libcrypto/man/BN_set_bit.3 new file mode 100644 index 0000000000..4a199cd0d0 --- /dev/null +++ b/src/lib/libcrypto/man/BN_set_bit.3 @@ -0,0 +1,157 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_SET_BIT 3 +.Os +.Sh NAME +.Nm BN_set_bit , +.Nm BN_clear_bit , +.Nm BN_is_bit_set , +.Nm BN_mask_bits , +.Nm BN_lshift , +.Nm BN_lshift1 , +.Nm BN_rshift , +.Nm BN_rshift1 +.Nd bit operations on BIGNUMs +.Sh SYNOPSIS +.In openssl/bn.h +.Ft int +.Fo BN_set_bit +.Fa "BIGNUM *a" +.Fa "int n" +.Fc +.Ft int +.Fo BN_clear_bit +.Fa "BIGNUM *a" +.Fa "int n" +.Fc +.Ft int +.Fo BN_is_bit_set +.Fa "const BIGNUM *a" +.Fa "int n" +.Fc +.Ft int +.Fo BN_mask_bits +.Fa "BIGNUM *a" +.Fa "int n" +.Fc +.Ft int +.Fo BN_lshift +.Fa "BIGNUM *r" +.Fa "const BIGNUM *a" +.Fa "int n" +.Fc +.Ft int +.Fo BN_lshift1 +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fc +.Ft int +.Fo BN_rshift +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fa "int n" +.Fc +.Ft int +.Fo BN_rshift1 +.Fa "BIGNUM *r" +.Fa "BIGNUM *a" +.Fc +.Sh DESCRIPTION +.Fn BN_set_bit +sets bit +.Fa n +in +.Fa a +to 1 +.Pq Li a|=(1<>n) . +An error occurs if +.Fa a +already is shorter than +.Fa n +bits. +.Pp +.Fn BN_lshift +shifts +.Fa a +left by +.Fa n +bits and places the result in +.Fa r +.Pq Li r=a*2^n . +.Fn BN_lshift1 +shifts +.Fa a +left by one and places the result in +.Fa r +.Pq Li r=2*a . +.Pp +.Fn BN_rshift +shifts +.Fa a +right by +.Fa n +bits and places the result in +.Fa r +.Pq Li r=a/2^n . +.Fn BN_rshift1 +shifts +.Fa a +right by one and places the result in +.Fa r +.Pq Li r=a/2 . +.Pp +For the shift functions, +.Fa r +and +.Fa a +may be the same variable. +.Sh RETURN VALUES +.Fn BN_is_bit_set +returns 1 if the bit is set, 0 otherwise. +.Pp +All other functions return 1 for success, 0 on error. +The error codes can be obtained by +.Xr ERR_get_error 3 . +.Sh SEE ALSO +.Xr bn 3 , +.Xr BN_add 3 , +.Xr BN_num_bytes 3 +.Sh HISTORY +.Fn BN_set_bit , +.Fn BN_clear_bit , +.Fn BN_is_bit_set , +.Fn BN_mask_bits , +.Fn BN_lshift , +.Fn BN_lshift1 , +.Fn BN_rshift , +and +.Fn BN_rshift1 +are available in all versions of SSLeay and OpenSSL. diff --git a/src/lib/libcrypto/man/BN_swap.3 b/src/lib/libcrypto/man/BN_swap.3 new file mode 100644 index 0000000000..b252261067 --- /dev/null +++ b/src/lib/libcrypto/man/BN_swap.3 @@ -0,0 +1,23 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_SWAP 3 +.Os +.Sh NAME +.Nm BN_swap +.Nd exchange BIGNUMs +.Sh SYNOPSIS +.In openssl/bn.h +.Ft void +.Fo BN_swap +.Fa "BIGNUM *a" +.Fa "BIGNUM *b" +.Fc +.Sh DESCRIPTION +.Fn BN_swap +exchanges the values of +.Fa a +and +.Fa b . +.Sh SEE ALSO +.Xr bn 3 +.Sh HISTORY +BN_swap was added in OpenSSL 0.9.7. diff --git a/src/lib/libcrypto/man/BN_zero.3 b/src/lib/libcrypto/man/BN_zero.3 new file mode 100644 index 0000000000..adfd6a0c65 --- /dev/null +++ b/src/lib/libcrypto/man/BN_zero.3 @@ -0,0 +1,101 @@ +.Dd $Mdocdate: February 23 2015 $ +.Dt BN_ZERO 3 +.Os +.Sh NAME +.Nm BN_zero , +.Nm BN_one , +.Nm BN_value_one , +.Nm BN_set_word , +.Nm BN_get_word +.Nd BIGNUM assignment operations +.Sh SYNOPSIS +.In openssl/bn.h +.Ft int +.Fo BN_zero +.Fa "BIGNUM *a" +.Fc +.Ft int +.Fo BN_one +.Fa "BIGNUM *a" +.Fc +.Ft const BIGNUM * +.Fo BN_value_one +.Fa void +.Fc +.Ft int +.Fo BN_set_word +.Fa "BIGNUM *a" +.Fa "unsigned long w" +.Fc +.Ft unsigned long +.Fo BN_get_word +.Fa "BIGNUM *a" +.Fc +.Sh DESCRIPTION +.Fn BN_zero , +.Fn BN_one , +and +.Fn BN_set_word +set +.Fa a +to the values 0, 1 and +.Fa w +respectively. +.Fn BN_zero +and +.Fn BN_one +are macros. +.Pp +.Fn BN_value_one +returns a +.Vt BIGNUM +constant of value 1. +This constant is useful for use in comparisons and assignment. +.Pp +.Fn BN_get_word +returns +.Fa a +if it can be represented as an +.Vt unsigned long . +.Sh RETURN VALUES +.Fn BN_get_word +returns the value +.Fa a , +or 0xffffffffL if +.Fa a +cannot be represented as an +.Vt unsigned long . +.Pp +.Fn BN_zero , +.Fn BN_one , +and +.Fn BN_set_word +return 1 on success, 0 otherwise. +.Fn BN_value_one +returns the constant. +.Sh SEE ALSO +.Xr bn 3 , +.Xr BN_bn2bin 3 +.Sh HISTORY +.Fn BN_zero , +.Fn BN_one , +and +.Fn BN_set_word +are available in all versions of SSLeay and OpenSSL. +.Fn BN_value_one +and +.Fn BN_get_word +were added in SSLeay 0.8. +.Pp +.Fn BN_value_one +was changed to return a true +.Vt const BIGNUM * +in OpenSSL 0.9.7. +.Sh BUGS +Someone might change the constant. +.Pp +If a +.Vt BIGNUM +is equal to 0xffffffffL it can be represented as an +.Vt unsigned long +but this value is also returned on error. diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile index 2ac6e5b6f6..bce02f647f 100644 --- a/src/lib/libcrypto/man/Makefile +++ b/src/lib/libcrypto/man/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.18 2015/02/16 16:42:14 schwarze Exp $ +# $OpenBSD: Makefile,v 1.19 2015/02/23 17:43:24 schwarze Exp $ .include # for NOMAN @@ -33,8 +33,6 @@ MAN= \ BIO_s_socket.3 \ BIO_set_callback.3 \ BIO_should_retry.3 \ - -GENMAN= \ BN_BLINDING_new.3 \ BN_CTX_new.3 \ BN_CTX_start.3 \ @@ -53,6 +51,8 @@ GENMAN= \ BN_set_bit.3 \ BN_swap.3 \ BN_zero.3 \ + +GENMAN= \ BUF_MEM_new.3 \ CONF_modules_free.3 \ CONF_modules_load_file.3 \ diff --git a/src/lib/libssl/src/doc/crypto/BN_BLINDING_new.pod b/src/lib/libssl/src/doc/crypto/BN_BLINDING_new.pod deleted file mode 100644 index 1c586ac54e..0000000000 --- a/src/lib/libssl/src/doc/crypto/BN_BLINDING_new.pod +++ /dev/null @@ -1,115 +0,0 @@ -=pod - -=head1 NAME - -BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, -BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, -BN_BLINDING_get_thread_id, BN_BLINDING_set_thread_id, BN_BLINDING_thread_id, -BN_BLINDING_get_flags, BN_BLINDING_set_flags, -BN_BLINDING_create_param - blinding related BIGNUM functions. - -=head1 SYNOPSIS - - #include - - BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, - BIGNUM *mod); - void BN_BLINDING_free(BN_BLINDING *b); - int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx); - int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); - int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); - int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, - BN_CTX *ctx); - int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, - BN_CTX *ctx); - #ifndef OPENSSL_NO_DEPRECATED - unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *); - void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long); - #endif - CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *); - unsigned long BN_BLINDING_get_flags(const BN_BLINDING *); - void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long); - BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, - const BIGNUM *e, BIGNUM *m, BN_CTX *ctx, - int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), - BN_MONT_CTX *m_ctx); - -=head1 DESCRIPTION - -BN_BLINDING_new() allocates a new B structure and copies -the B and B values into the newly created B object. - -BN_BLINDING_free() frees the B structure. - -BN_BLINDING_update() updates the B parameters by squaring -the B and B or, after specific number of uses and if the -necessary parameters are set, by re-creating the blinding parameters. - -BN_BLINDING_convert_ex() multiplies B with the blinding factor B. -If B is not NULL a copy the inverse blinding factor B will be -returned in B (this is useful if a B object is shared among -several threads). BN_BLINDING_invert_ex() multiplies B with the -inverse blinding factor B. If B is not NULL it will be used as -the inverse blinding. - -BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper -functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() -with B set to NULL. - -BN_BLINDING_thread_id() provides access to the B -object within the B structure. This is to help users -provide proper locking if needed for multi-threaded use. The "thread -id" object of a newly allocated B structure is -initialised to the thread id in which BN_BLINDING_new() was called. - -BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently -there are two supported flags: B and -B. B inhibits the -automatic update of the B parameters after each use -and B inhibits the automatic re-creation -of the B parameters after a fixed number of uses (currently -32). In newly allocated B objects no flags are set. -BN_BLINDING_set_flags() sets the B parameters flags. - -BN_BLINDING_create_param() creates new B parameters -using the exponent B and the modulus B. B and -B can be used to pass special functions for exponentiation -(normally BN_mod_exp_mont() and B). - -=head1 RETURN VALUES - -BN_BLINDING_new() returns the newly allocated B structure -or NULL in case of an error. - -BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), -BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on -success and 0 if an error occured. - -BN_BLINDING_thread_id() returns a pointer to the thread id object -within a B object. - -BN_BLINDING_get_flags() returns the currently set B flags -(a B value). - -BN_BLINDING_create_param() returns the newly created B -parameters or NULL on error. - -=head1 SEE ALSO - -L - -=head1 HISTORY - -BN_BLINDING_thread_id was first introduced in OpenSSL 1.0.0, and it -deprecates BN_BLINDING_set_thread_id and BN_BLINDING_get_thread_id. - -BN_BLINDING_convert_ex, BN_BLINDIND_invert_ex, BN_BLINDING_get_thread_id, -BN_BLINDING_set_thread_id, BN_BLINDING_set_flags, BN_BLINDING_get_flags -and BN_BLINDING_create_param were first introduced in OpenSSL 0.9.8 - -=head1 AUTHOR - -Nils Larsch for the OpenSSL project (http://www.openssl.org). - -=cut diff --git a/src/lib/libssl/src/doc/crypto/BN_CTX_new.pod b/src/lib/libssl/src/doc/crypto/BN_CTX_new.pod deleted file mode 100644 index bbedbb1778..0000000000 --- a/src/lib/libssl/src/doc/crypto/BN_CTX_new.pod +++ /dev/null @@ -1,57 +0,0 @@ -=pod - -=head1 NAME - -BN_CTX_new, BN_CTX_init, BN_CTX_free - allocate and free BN_CTX structures - -=head1 SYNOPSIS - - #include - - BN_CTX *BN_CTX_new(void); - - void BN_CTX_free(BN_CTX *c); - -Deprecated: - - void BN_CTX_init(BN_CTX *c); - - -=head1 DESCRIPTION - -A B is a structure that holds B temporary variables used by -library functions. Since dynamic memory allocation to create Bs -is rather expensive when used in conjunction with repeated subroutine -calls, the B structure is used. - -BN_CTX_new() allocates and initializes a B -structure. - -BN_CTX_free() frees the components of the B, and if it was -created by BN_CTX_new(), also the structure itself. -If L has been used on the B, -L must be called before the B -may be freed by BN_CTX_free(). - -BN_CTX_init() (deprecated) initializes an existing uninitialized B. -This should not be used for new programs. Use BN_CTX_new() instead. - -=head1 RETURN VALUES - -BN_CTX_new() returns a pointer to the B. If the allocation fails, -it returns B and sets an error code that can be obtained by -L. - -BN_CTX_init() and BN_CTX_free() have no return values. - -=head1 SEE ALSO - -L, L, L, -L - -=head1 HISTORY - -BN_CTX_new() and BN_CTX_free() are available in all versions on SSLeay -and OpenSSL. BN_CTX_init() was added in SSLeay 0.9.1b. - -=cut diff --git a/src/lib/libssl/src/doc/crypto/BN_CTX_start.pod b/src/lib/libssl/src/doc/crypto/BN_CTX_start.pod deleted file mode 100644 index dfcefe1a88..0000000000 --- a/src/lib/libssl/src/doc/crypto/BN_CTX_start.pod +++ /dev/null @@ -1,52 +0,0 @@ -=pod - -=head1 NAME - -BN_CTX_start, BN_CTX_get, BN_CTX_end - use temporary BIGNUM variables - -=head1 SYNOPSIS - - #include - - void BN_CTX_start(BN_CTX *ctx); - - BIGNUM *BN_CTX_get(BN_CTX *ctx); - - void BN_CTX_end(BN_CTX *ctx); - -=head1 DESCRIPTION - -These functions are used to obtain temporary B variables from -a B (which can been created by using L) -in order to save the overhead of repeatedly creating and -freeing Bs in functions that are called from inside a loop. - -A function must call BN_CTX_start() first. Then, BN_CTX_get() may be -called repeatedly to obtain temporary Bs. All BN_CTX_get() -calls must be made before calling any other functions that use the -B as an argument. - -Finally, BN_CTX_end() must be called before returning from the function. -When BN_CTX_end() is called, the B pointers obtained from -BN_CTX_get() become invalid. - -=head1 RETURN VALUES - -BN_CTX_start() and BN_CTX_end() return no values. - -BN_CTX_get() returns a pointer to the B, or B on error. -Once BN_CTX_get() has failed, the subsequent calls will return B -as well, so it is sufficient to check the return value of the last -BN_CTX_get() call. In case of an error, an error code is set, which -can be obtained by L. - - -=head1 SEE ALSO - -L - -=head1 HISTORY - -BN_CTX_start(), BN_CTX_get() and BN_CTX_end() were added in OpenSSL 0.9.5. - -=cut diff --git a/src/lib/libssl/src/doc/crypto/BN_add.pod b/src/lib/libssl/src/doc/crypto/BN_add.pod deleted file mode 100644 index 15b28d8334..0000000000 --- a/src/lib/libssl/src/doc/crypto/BN_add.pod +++ /dev/null @@ -1,127 +0,0 @@ -=pod - -=head1 NAME - -BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, -BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd - -arithmetic operations on BIGNUMs - -=head1 SYNOPSIS - - #include - - int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); - - int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); - - int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); - - int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx); - - int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d, - BN_CTX *ctx); - - int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); - - int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); - - int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m, - BN_CTX *ctx); - - int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m, - BN_CTX *ctx); - - int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m, - BN_CTX *ctx); - - int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); - - int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx); - - int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); - - int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); - -=head1 DESCRIPTION - -BN_add() adds I and I and places the result in I (C). -I may be the same B as I or I. - -BN_sub() subtracts I from I and places the result in I (C). - -BN_mul() multiplies I and I and places the result in I (C). -I may be the same B as I or I. -For multiplication by powers of 2, use L. - -BN_sqr() takes the square of I and places the result in I -(C). I and I may be the same B. -This function is faster than BN_mul(r,a,a). - -BN_div() divides I by I and places the result in I and the -remainder in I (C). Either of I and I may -be B, in which case the respective value is not returned. -The result is rounded towards zero; thus if I is negative, the -remainder will be zero or negative. -For division by powers of 2, use BN_rshift(3). - -BN_mod() corresponds to BN_div() with I set to B. - -BN_nnmod() reduces I modulo I and places the non-negative -remainder in I. - -BN_mod_add() adds I to I modulo I and places the non-negative -result in I. - -BN_mod_sub() subtracts I from I modulo I and places the -non-negative result in I. - -BN_mod_mul() multiplies I by I and finds the non-negative -remainder respective to modulus I (C). I may be -the same B as I or I. For more efficient algorithms for -repeated computations using the same modulus, see -L and -L. - -BN_mod_sqr() takes the square of I modulo B and places the -result in I. - -BN_exp() raises I to the I

-th power and places the result in I -(C). This function is faster than repeated applications of -BN_mul(). - -BN_mod_exp() computes I to the I

-th power modulo I (C). This function uses less time and space than BN_exp(). - -BN_gcd() computes the greatest common divisor of I and I and -places the result in I. I may be the same B as I or -I. - -For all functions, I is a previously allocated B used for -temporary variables; see L. - -Unless noted otherwise, the result B must be different from -the arguments. - -=head1 RETURN VALUES - -For all functions, 1 is returned for success, 0 on error. The return -value should always be checked (e.g., C). -The error codes can be obtained by L. - -=head1 SEE ALSO - -L, L, -L, L, -L - -=head1 HISTORY - -BN_add(), BN_sub(), BN_sqr(), BN_div(), BN_mod(), BN_mod_mul(), -BN_mod_exp() and BN_gcd() are available in all versions of SSLeay and -OpenSSL. The I argument to BN_mul() was added in SSLeay -0.9.1b. BN_exp() appeared in SSLeay 0.9.0. -BN_nnmod(), BN_mod_add(), BN_mod_sub(), and BN_mod_sqr() were added in -OpenSSL 0.9.7. - -=cut diff --git a/src/lib/libssl/src/doc/crypto/BN_add_word.pod b/src/lib/libssl/src/doc/crypto/BN_add_word.pod deleted file mode 100644 index ba1026417d..0000000000 --- a/src/lib/libssl/src/doc/crypto/BN_add_word.pod +++ /dev/null @@ -1,61 +0,0 @@ -=pod - -=head1 NAME - -BN_add_word, BN_sub_word, BN_mul_word, BN_div_word, BN_mod_word - arithmetic -functions on BIGNUMs with integers - -=head1 SYNOPSIS - - #include - - int BN_add_word(BIGNUM *a, BN_ULONG w); - - int BN_sub_word(BIGNUM *a, BN_ULONG w); - - int BN_mul_word(BIGNUM *a, BN_ULONG w); - - BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w); - - BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w); - -=head1 DESCRIPTION - -These functions perform arithmetic operations on BIGNUMs with unsigned -integers. They are much more efficient than the normal BIGNUM -arithmetic operations. - -BN_add_word() adds B to B (C). - -BN_sub_word() subtracts B from B (C). - -BN_mul_word() multiplies B and B (C). - -BN_div_word() divides B by B (C) and returns the remainder. - -BN_mod_word() returns the remainder of B divided by B (C). - -For BN_div_word() and BN_mod_word(), B must not be 0. - -=head1 RETURN VALUES - -BN_add_word(), BN_sub_word() and BN_mul_word() return 1 for success, 0 on -error. The error codes can be obtained by L. - -BN_mod_word() and BN_div_word() return B%B on success and -B<(BN_ULONG)-1> if an error occurred. - -=head1 SEE ALSO - -L, L, L - -=head1 HISTORY - -BN_add_word() and BN_mod_word() are available in all versions of -SSLeay and OpenSSL. BN_div_word() was added in SSLeay 0.8, and -BN_sub_word() and BN_mul_word() in SSLeay 0.9.0. - -Before 0.9.8a the return value for BN_div_word() and BN_mod_word() -in case of an error was 0. - -=cut diff --git a/src/lib/libssl/src/doc/crypto/BN_bn2bin.pod b/src/lib/libssl/src/doc/crypto/BN_bn2bin.pod deleted file mode 100644 index 03b439c7b9..0000000000 --- a/src/lib/libssl/src/doc/crypto/BN_bn2bin.pod +++ /dev/null @@ -1,95 +0,0 @@ -=pod - -=head1 NAME - -BN_bn2bin, BN_bin2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn, -BN_print, BN_print_fp, BN_bn2mpi, BN_mpi2bn - format conversions - -=head1 SYNOPSIS - - #include - - int BN_bn2bin(const BIGNUM *a, unsigned char *to); - BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret); - - char *BN_bn2hex(const BIGNUM *a); - char *BN_bn2dec(const BIGNUM *a); - int BN_hex2bn(BIGNUM **a, const char *str); - int BN_dec2bn(BIGNUM **a, const char *str); - - int BN_print(BIO *fp, const BIGNUM *a); - int BN_print_fp(FILE *fp, const BIGNUM *a); - - int BN_bn2mpi(const BIGNUM *a, unsigned char *to); - BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret); - -=head1 DESCRIPTION - -BN_bn2bin() converts the absolute value of B into big-endian form -and stores it at B. B must point to BN_num_bytes(B) bytes of -memory. - -BN_bin2bn() converts the positive integer in big-endian form of length -B at B into a B and places it in B. If B is -NULL, a new B is created. - -BN_bn2hex() and BN_bn2dec() return printable strings containing the -hexadecimal and decimal encoding of B respectively. For negative -numbers, the string is prefaced with a leading '-'. The string must be -freed later using free(). - -BN_hex2bn() converts the string B containing a hexadecimal number -to a B and stores it in **B. If *B is NULL, a new -B is created. If B is NULL, it only computes the number's -length in hexadecimal digits. If the string starts with '-', the -number is negative. BN_dec2bn() is the same using the decimal system. - -BN_print() and BN_print_fp() write the hexadecimal encoding of B, -with a leading '-' for negative numbers, to the B or B -B. - -BN_bn2mpi() and BN_mpi2bn() convert Bs from and to a format -that consists of the number's length in bytes represented as a 4-byte -big-endian number, and the number itself in big-endian format, where -the most significant bit signals a negative number (the representation -of numbers with the MSB set is prefixed with null byte). - -BN_bn2mpi() stores the representation of B at B, where B -must be large enough to hold the result. The size can be determined by -calling BN_bn2mpi(B, NULL). - -BN_mpi2bn() converts the B bytes long representation at B to -a B and stores it at B, or in a newly allocated B -if B is NULL. - -=head1 RETURN VALUES - -BN_bn2bin() returns the length of the big-endian number placed at B. -BN_bin2bn() returns the B, NULL on error. - -BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL -on error. BN_hex2bn() and BN_dec2bn() return the number's length in -hexadecimal or decimal digits, and 0 on error. - -BN_print_fp() and BN_print() return 1 on success, 0 on write errors. - -BN_bn2mpi() returns the length of the representation. BN_mpi2bn() -returns the B, and NULL on error. - -The error codes can be obtained by L. - -=head1 SEE ALSO - -L, L, L, -L, -L - -=head1 HISTORY - -BN_bn2bin(), BN_bin2bn(), BN_print_fp() and BN_print() are available -in all versions of SSLeay and OpenSSL. - -BN_bn2hex(), BN_bn2dec(), BN_hex2bn(), BN_dec2bn(), BN_bn2mpi() and -BN_mpi2bn() were added in SSLeay 0.9.0. - -=cut diff --git a/src/lib/libssl/src/doc/crypto/BN_cmp.pod b/src/lib/libssl/src/doc/crypto/BN_cmp.pod deleted file mode 100644 index 29df69631e..0000000000 --- a/src/lib/libssl/src/doc/crypto/BN_cmp.pod +++ /dev/null @@ -1,49 +0,0 @@ -=pod - -=head1 NAME - -BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_is_odd - BIGNUM -comparison and test functions - -=head1 SYNOPSIS - - #include - - int BN_cmp(BIGNUM *a, BIGNUM *b); - int BN_ucmp(BIGNUM *a, BIGNUM *b); - - int BN_is_zero(BIGNUM *a); - int BN_is_one(BIGNUM *a); - int BN_is_word(BIGNUM *a, BN_ULONG w); - int BN_is_odd(BIGNUM *a); - -=head1 DESCRIPTION - -BN_cmp() compares the numbers B and B. BN_ucmp() compares their -absolute values. - -BN_is_zero(), BN_is_one() and BN_is_word() test if B equals 0, 1, -or B respectively. BN_is_odd() tests if a is odd. - -BN_is_zero(), BN_is_one(), BN_is_word() and BN_is_odd() are macros. - -=head1 RETURN VALUES - -BN_cmp() returns -1 if B E B, 0 if B == B and 1 if -B E B. BN_ucmp() is the same using the absolute values -of B and B. - -BN_is_zero(), BN_is_one() BN_is_word() and BN_is_odd() return 1 if -the condition is true, 0 otherwise. - -=head1 SEE ALSO - -L - -=head1 HISTORY - -BN_cmp(), BN_ucmp(), BN_is_zero(), BN_is_one() and BN_is_word() are -available in all versions of SSLeay and OpenSSL. -BN_is_odd() was added in SSLeay 0.8. - -=cut diff --git a/src/lib/libssl/src/doc/crypto/BN_copy.pod b/src/lib/libssl/src/doc/crypto/BN_copy.pod deleted file mode 100644 index 388dd7df26..0000000000 --- a/src/lib/libssl/src/doc/crypto/BN_copy.pod +++ /dev/null @@ -1,34 +0,0 @@ -=pod - -=head1 NAME - -BN_copy, BN_dup - copy BIGNUMs - -=head1 SYNOPSIS - - #include - - BIGNUM *BN_copy(BIGNUM *to, const BIGNUM *from); - - BIGNUM *BN_dup(const BIGNUM *from); - -=head1 DESCRIPTION - -BN_copy() copies B to B. BN_dup() creates a new B -containing the value B. - -=head1 RETURN VALUES - -BN_copy() returns B on success, NULL on error. BN_dup() returns -the new B, and NULL on error. The error codes can be obtained -by L. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -BN_copy() and BN_dup() are available in all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libssl/src/doc/crypto/BN_generate_prime.pod b/src/lib/libssl/src/doc/crypto/BN_generate_prime.pod deleted file mode 100644 index 0a95633d54..0000000000 --- a/src/lib/libssl/src/doc/crypto/BN_generate_prime.pod +++ /dev/null @@ -1,149 +0,0 @@ -=pod - -=head1 NAME - -BN_generate_prime, BN_is_prime_ex, BN_is_prime_fasttest_ex, BN_GENCB_call, -BN_GENCB_set_old, BN_GENCB_set, BN_generate_prime, BN_is_prime, -BN_is_prime_fasttest - generate primes and test for primality - -=head1 SYNOPSIS - - #include - - int BN_generate_prime_ex(BIGNUM *ret,int bits,int safe, const BIGNUM *add, - const BIGNUM *rem, BN_GENCB *cb); - - int BN_is_prime_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, BN_GENCB *cb); - - int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, - int do_trial_division, BN_GENCB *cb); - - int BN_GENCB_call(BN_GENCB *cb, int a, int b); - - #define BN_GENCB_set_old(gencb, callback, cb_arg) ... - - #define BN_GENCB_set(gencb, callback, cb_arg) ... - - -Deprecated: - -BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add, - BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg); - - int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int, int, - void *), BN_CTX *ctx, void *cb_arg); - - int BN_is_prime_fasttest(const BIGNUM *a, int checks, - void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg, - int do_trial_division); - -=head1 DESCRIPTION - -BN_generate_prime_ex() generates a pseudo-random prime number of -bit length B. -If B is not B, it will be used to store the number. - -If B is not B, it is used as follows: - -=over 4 - -=item * - -B is called after generating the i-th -potential prime number. - -=item * - -While the number is being tested for primality, -B is called as described below. - -=item * - -When a prime has been found, B is called. - -=back - -The prime may have to fulfill additional requirements for use in -Diffie-Hellman key exchange: - -If B is not B, the prime will fulfill the condition p % B -== B (p % B == 1 if B == B) in order to suit a given -generator. - -If B is true, it will be a safe prime (i.e. a prime p so -that (p-1)/2 is also prime). - -The prime number generation has a negligible error probability. - -BN_is_prime_ex() and BN_is_prime_fasttest_ex() test if the number B

is -prime. The following tests are performed until one of them shows that -B

is composite; if B

passes all these tests, it is considered -prime. - -BN_is_prime_fasttest_ex(), when called with B, -first attempts trial division by a number of small primes; -if no divisors are found by this test and B is not B, -B is called. -If B, this test is skipped. - -Both BN_is_prime_ex() and BN_is_prime_fasttest_ex() perform a Miller-Rabin -probabilistic primality test with B iterations. If -B, a number of iterations is used that -yields a false positive rate of at most 2^-80 for random input. - -If B is not B, B is called -after the j-th iteration (j = 0, 1, ...). B is a -pre-allocated B (to save the overhead of allocating and -freeing the structure in a loop), or B. - -BN_GENCB_call calls the callback function held in the B structure -and passes the ints B and B as arguments. There are two types of -B structure that are supported: "new" style and "old" style. New -programs should prefer the "new" style, whilst the "old" style is provided -for backwards compatibility purposes. - -For "new" style callbacks a BN_GENCB structure should be initialised with a -call to BN_GENCB_set, where B is a B, B is of -type B and B is a B. -"Old" style callbacks are the same except they are initialised with a call -to BN_GENCB_set_old and B is of type -B. - -A callback is invoked through a call to B. This will check -the type of the callback and will invoke B for new -style callbacks or B for old style. - -BN_generate_prime (deprecated) works in the same way as -BN_generate_prime_ex but expects an old style callback function -directly in the B parameter, and an argument to pass to it in -the B. Similarly BN_is_prime and BN_is_prime_fasttest are -deprecated and can be compared to BN_is_prime_ex and -BN_is_prime_fasttest_ex respectively. - -=head1 RETURN VALUES - -BN_generate_prime_ex() returns 1 on success or 0 on error. - -BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime() and -BN_is_prime_fasttest() return 0 if the number is composite, 1 if it is -prime with an error probability of less than 0.25^B, and --1 on error. - -BN_generate_prime() returns the prime number on success, B otherwise. - -Callback functions should return 1 on success or 0 on error. - -The error codes can be obtained by L. - -=head1 SEE ALSO - -L, L, L - -=head1 HISTORY - -The B arguments to BN_generate_prime() and to BN_is_prime() -were added in SSLeay 0.9.0. The B argument to BN_generate_prime() -was added in SSLeay 0.9.1. -BN_is_prime_fasttest() was added in OpenSSL 0.9.5. - -=cut diff --git a/src/lib/libssl/src/doc/crypto/BN_mod_inverse.pod b/src/lib/libssl/src/doc/crypto/BN_mod_inverse.pod deleted file mode 100644 index aefb1d27dd..0000000000 --- a/src/lib/libssl/src/doc/crypto/BN_mod_inverse.pod +++ /dev/null @@ -1,36 +0,0 @@ -=pod - -=head1 NAME - -BN_mod_inverse - compute inverse modulo n - -=head1 SYNOPSIS - - #include - - BIGNUM *BN_mod_inverse(BIGNUM *r, BIGNUM *a, const BIGNUM *n, - BN_CTX *ctx); - -=head1 DESCRIPTION - -BN_mod_inverse() computes the inverse of B modulo B -places the result in B (C<(a*r)%n==1>). If B is NULL, -a new B is created. - -B is a previously allocated B used for temporary -variables. B may be the same B as B or B. - -=head1 RETURN VALUES - -BN_mod_inverse() returns the B containing the inverse, and NULL on -error. The error codes can be obtained by L. - -=head1 SEE ALSO - -L, L, L - -=head1 HISTORY - -BN_mod_inverse() is available in all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libssl/src/doc/crypto/BN_mod_mul_montgomery.pod b/src/lib/libssl/src/doc/crypto/BN_mod_mul_montgomery.pod deleted file mode 100644 index 6b16351b92..0000000000 --- a/src/lib/libssl/src/doc/crypto/BN_mod_mul_montgomery.pod +++ /dev/null @@ -1,101 +0,0 @@ -=pod - -=head1 NAME - -BN_mod_mul_montgomery, BN_MONT_CTX_new, BN_MONT_CTX_init, -BN_MONT_CTX_free, BN_MONT_CTX_set, BN_MONT_CTX_copy, -BN_from_montgomery, BN_to_montgomery - Montgomery multiplication - -=head1 SYNOPSIS - - #include - - BN_MONT_CTX *BN_MONT_CTX_new(void); - void BN_MONT_CTX_init(BN_MONT_CTX *ctx); - void BN_MONT_CTX_free(BN_MONT_CTX *mont); - - int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx); - BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from); - - int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b, - BN_MONT_CTX *mont, BN_CTX *ctx); - - int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont, - BN_CTX *ctx); - - int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont, - BN_CTX *ctx); - -=head1 DESCRIPTION - -These functions implement Montgomery multiplication. They are used -automatically when L is called with suitable input, -but they may be useful when several operations are to be performed -using the same modulus. - -BN_MONT_CTX_new() allocates and initializes a B structure. -BN_MONT_CTX_init() initializes an existing uninitialized B. - -BN_MONT_CTX_set() sets up the I structure from the modulus I -by precomputing its inverse and a value R. - -BN_MONT_CTX_copy() copies the B I to I. - -BN_MONT_CTX_free() frees the components of the B, and, if -it was created by BN_MONT_CTX_new(), also the structure itself. - -BN_mod_mul_montgomery() computes Mont(I,I):=I*I*R^-1 and places -the result in I. - -BN_from_montgomery() performs the Montgomery reduction I = I*R^-1. - -BN_to_montgomery() computes Mont(I,R^2), i.e. I*R. -Note that I must be non-negative and smaller than the modulus. - -For all functions, I is a previously allocated B used for -temporary variables. - -The B structure is defined as follows: - - typedef struct bn_mont_ctx_st - { - int ri; /* number of bits in R */ - BIGNUM RR; /* R^2 (used to convert to Montgomery form) */ - BIGNUM N; /* The modulus */ - BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 - * (Ni is only stored for bignum algorithm) */ - BN_ULONG n0; /* least significant word of Ni */ - int flags; - } BN_MONT_CTX; - -BN_to_montgomery() is a macro. - -=head1 RETURN VALUES - -BN_MONT_CTX_new() returns the newly allocated B, and NULL -on error. - -BN_MONT_CTX_init() and BN_MONT_CTX_free() have no return values. - -For the other functions, 1 is returned for success, 0 on error. -The error codes can be obtained by L. - -=head1 WARNING - -The inputs must be reduced modulo B, otherwise the result will be -outside the expected range. - -=head1 SEE ALSO - -L, L, L, -L - -=head1 HISTORY - -BN_MONT_CTX_new(), BN_MONT_CTX_free(), BN_MONT_CTX_set(), -BN_mod_mul_montgomery(), BN_from_montgomery() and BN_to_montgomery() -are available in all versions of SSLeay and OpenSSL. - -BN_MONT_CTX_init() and BN_MONT_CTX_copy() were added in SSLeay 0.9.1b. - -=cut diff --git a/src/lib/libssl/src/doc/crypto/BN_mod_mul_reciprocal.pod b/src/lib/libssl/src/doc/crypto/BN_mod_mul_reciprocal.pod deleted file mode 100644 index 74a216ddc2..0000000000 --- a/src/lib/libssl/src/doc/crypto/BN_mod_mul_reciprocal.pod +++ /dev/null @@ -1,81 +0,0 @@ -=pod - -=head1 NAME - -BN_mod_mul_reciprocal, BN_div_recp, BN_RECP_CTX_new, BN_RECP_CTX_init, -BN_RECP_CTX_free, BN_RECP_CTX_set - modular multiplication using -reciprocal - -=head1 SYNOPSIS - - #include - - BN_RECP_CTX *BN_RECP_CTX_new(void); - void BN_RECP_CTX_init(BN_RECP_CTX *recp); - void BN_RECP_CTX_free(BN_RECP_CTX *recp); - - int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx); - - int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *a, BN_RECP_CTX *recp, - BN_CTX *ctx); - - int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *a, BIGNUM *b, - BN_RECP_CTX *recp, BN_CTX *ctx); - -=head1 DESCRIPTION - -BN_mod_mul_reciprocal() can be used to perform an efficient -L operation when the operation will be performed -repeatedly with the same modulus. It computes B=(B*B)%B -using B=1/B, which is set as described below. B is a -previously allocated B used for temporary variables. - -BN_RECP_CTX_new() allocates and initializes a B structure. -BN_RECP_CTX_init() initializes an existing uninitialized B. - -BN_RECP_CTX_free() frees the components of the B, and, if it -was created by BN_RECP_CTX_new(), also the structure itself. - -BN_RECP_CTX_set() stores B in B and sets it up for computing -1/B and shifting it left by BN_num_bits(B)+1 to make it an -integer. The result and the number of bits it was shifted left will -later be stored in B. - -BN_div_recp() divides B by B using B. It places the quotient -in B and the remainder in B. - -The B structure is defined as follows: - - typedef struct bn_recp_ctx_st - { - BIGNUM N; /* the divisor */ - BIGNUM Nr; /* the reciprocal */ - int num_bits; - int shift; - int flags; - } BN_RECP_CTX; - -It cannot be shared between threads. - -=head1 RETURN VALUES - -BN_RECP_CTX_new() returns the newly allocated B, and NULL -on error. - -BN_RECP_CTX_init() and BN_RECP_CTX_free() have no return values. - -For the other functions, 1 is returned for success, 0 on error. -The error codes can be obtained by L. - -=head1 SEE ALSO - -L, L, L, -L - -=head1 HISTORY - -B was added in SSLeay 0.9.0. Before that, the function -BN_reciprocal() was used instead, and the BN_mod_mul_reciprocal() -arguments were different. - -=cut diff --git a/src/lib/libssl/src/doc/crypto/BN_new.pod b/src/lib/libssl/src/doc/crypto/BN_new.pod deleted file mode 100644 index ab7a105e3a..0000000000 --- a/src/lib/libssl/src/doc/crypto/BN_new.pod +++ /dev/null @@ -1,53 +0,0 @@ -=pod - -=head1 NAME - -BN_new, BN_init, BN_clear, BN_free, BN_clear_free - allocate and free BIGNUMs - -=head1 SYNOPSIS - - #include - - BIGNUM *BN_new(void); - - void BN_init(BIGNUM *); - - void BN_clear(BIGNUM *a); - - void BN_free(BIGNUM *a); - - void BN_clear_free(BIGNUM *a); - -=head1 DESCRIPTION - -BN_new() allocates and initializes a B structure. BN_init() -initializes an existing uninitialized B. - -BN_clear() is used to destroy sensitive data such as keys when they -are no longer needed. It erases the memory used by B and sets it -to the value 0. - -BN_free() frees the components of the B, and if it was created -by BN_new(), also the structure itself. BN_clear_free() additionally -overwrites the data before the memory is returned to the system. - -=head1 RETURN VALUES - -BN_new() returns a pointer to the B. If the allocation fails, -it returns B and sets an error code that can be obtained -by L. - -BN_init(), BN_clear(), BN_free() and BN_clear_free() have no return -values. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -BN_new(), BN_clear(), BN_free() and BN_clear_free() are available in -all versions on SSLeay and OpenSSL. BN_init() was added in SSLeay -0.9.1b. - -=cut diff --git a/src/lib/libssl/src/doc/crypto/BN_num_bytes.pod b/src/lib/libssl/src/doc/crypto/BN_num_bytes.pod deleted file mode 100644 index a6a2e3f819..0000000000 --- a/src/lib/libssl/src/doc/crypto/BN_num_bytes.pod +++ /dev/null @@ -1,57 +0,0 @@ -=pod - -=head1 NAME - -BN_num_bits, BN_num_bytes, BN_num_bits_word - get BIGNUM size - -=head1 SYNOPSIS - - #include - - int BN_num_bytes(const BIGNUM *a); - - int BN_num_bits(const BIGNUM *a); - - int BN_num_bits_word(BN_ULONG w); - -=head1 DESCRIPTION - -BN_num_bytes() returns the size of a B in bytes. - -BN_num_bits_word() returns the number of significant bits in a word. -If we take 0x00000432 as an example, it returns 11, not 16, not 32. -Basically, except for a zero, it returns I. - -BN_num_bits() returns the number of significant bits in a B, -following the same principle as BN_num_bits_word(). - -BN_num_bytes() is a macro. - -=head1 RETURN VALUES - -The size. - -=head1 NOTES - -Some have tried using BN_num_bits() on individual numbers in RSA keys, -DH keys and DSA keys, and found that they don't always come up with -the number of bits they expected (something like 512, 1024, 2048, -...). This is because generating a number with some specific number -of bits doesn't always set the highest bits, thereby making the number -of I bits a little lower. If you want to know the "key -size" of such a key, either use functions like RSA_size(), DH_size() -and DSA_size(), or use BN_num_bytes() and multiply with 8 (although -there's no real guarantee that will match the "key size", just a lot -more probability). - -=head1 SEE ALSO - -L, L, L, -L - -=head1 HISTORY - -BN_num_bytes(), BN_num_bits() and BN_num_bits_word() are available in -all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libssl/src/doc/crypto/BN_rand.pod b/src/lib/libssl/src/doc/crypto/BN_rand.pod deleted file mode 100644 index 856f310077..0000000000 --- a/src/lib/libssl/src/doc/crypto/BN_rand.pod +++ /dev/null @@ -1,56 +0,0 @@ -=pod - -=head1 NAME - -BN_rand, BN_pseudo_rand, BN_rand_range, BN_pseudo_rand_range - generate pseudo-random number - -=head1 SYNOPSIS - - #include - - int BN_rand(BIGNUM *rnd, int bits, int top, int bottom); - - int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom); - - int BN_rand_range(BIGNUM *rnd, BIGNUM *range); - - int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range); - -=head1 DESCRIPTION - -BN_rand() generates a cryptographically strong pseudo-random number of -B bits in length and stores it in B. If B is -1, the -most significant bit of the random number can be zero. If B is 0, -it is set to 1, and if B is 1, the two most significant bits of -the number will be set to 1, so that the product of two such random -numbers will always have 2*B length. If B is true, the -number will be odd. - -BN_pseudo_rand() does the same, but pseudo-random numbers generated by -this function are not necessarily unpredictable. They can be used for -non-cryptographic purposes and for certain purposes in cryptographic -protocols, but usually not for key generation etc. - -BN_rand_range() generates a cryptographically strong pseudo-random -number B in the range 0 E= B E B. -BN_pseudo_rand_range() does the same, but is based on BN_pseudo_rand(), -and hence numbers generated by it are not necessarily unpredictable. - -=head1 RETURN VALUES - -The functions return 1 on success, 0 on error. -The error codes can be obtained by L. - -=head1 SEE ALSO - -L, L, L, -L, L - -=head1 HISTORY - -BN_rand() is available in all versions of SSLeay and OpenSSL. -BN_pseudo_rand() was added in OpenSSL 0.9.5. The B == -1 case -and the function BN_rand_range() were added in OpenSSL 0.9.6a. -BN_pseudo_rand_range() was added in OpenSSL 0.9.6c. - -=cut diff --git a/src/lib/libssl/src/doc/crypto/BN_set_bit.pod b/src/lib/libssl/src/doc/crypto/BN_set_bit.pod deleted file mode 100644 index b7c47b9b01..0000000000 --- a/src/lib/libssl/src/doc/crypto/BN_set_bit.pod +++ /dev/null @@ -1,66 +0,0 @@ -=pod - -=head1 NAME - -BN_set_bit, BN_clear_bit, BN_is_bit_set, BN_mask_bits, BN_lshift, -BN_lshift1, BN_rshift, BN_rshift1 - bit operations on BIGNUMs - -=head1 SYNOPSIS - - #include - - int BN_set_bit(BIGNUM *a, int n); - int BN_clear_bit(BIGNUM *a, int n); - - int BN_is_bit_set(const BIGNUM *a, int n); - - int BN_mask_bits(BIGNUM *a, int n); - - int BN_lshift(BIGNUM *r, const BIGNUM *a, int n); - int BN_lshift1(BIGNUM *r, BIGNUM *a); - - int BN_rshift(BIGNUM *r, BIGNUM *a, int n); - int BN_rshift1(BIGNUM *r, BIGNUM *a); - -=head1 DESCRIPTION - -BN_set_bit() sets bit B in B to 1 (CEn)>). The -number is expanded if necessary. - -BN_clear_bit() sets bit B in B to 0 (CEn)>). An -error occurs if B is shorter than B bits. - -BN_is_bit_set() tests if bit B in B is set. - -BN_mask_bits() truncates B to an B bit number -(CEn)>). An error occurs if B already is -shorter than B bits. - -BN_lshift() shifts B left by B bits and places the result in -B (C). BN_lshift1() shifts B left by one and places -the result in B (C). - -BN_rshift() shifts B right by B bits and places the result in -B (C). BN_rshift1() shifts B right by one and places -the result in B (C). - -For the shift functions, B and B may be the same variable. - -=head1 RETURN VALUES - -BN_is_bit_set() returns 1 if the bit is set, 0 otherwise. - -All other functions return 1 for success, 0 on error. The error codes -can be obtained by L. - -=head1 SEE ALSO - -L, L, L - -=head1 HISTORY - -BN_set_bit(), BN_clear_bit(), BN_is_bit_set(), BN_mask_bits(), -BN_lshift(), BN_lshift1(), BN_rshift(), and BN_rshift1() are available -in all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libssl/src/doc/crypto/BN_swap.pod b/src/lib/libssl/src/doc/crypto/BN_swap.pod deleted file mode 100644 index 14097ca357..0000000000 --- a/src/lib/libssl/src/doc/crypto/BN_swap.pod +++ /dev/null @@ -1,25 +0,0 @@ -=pod - -=head1 NAME - -BN_swap - exchange BIGNUMs - -=head1 SYNOPSIS - - #include - - void BN_swap(BIGNUM *a, BIGNUM *b); - -=head1 DESCRIPTION - -BN_swap() exchanges the values of I and I. - -=head1 SEE ALSO - -L - -=head1 HISTORY - -BN_swap was added in OpenSSL 0.9.7. - -=cut diff --git a/src/lib/libssl/src/doc/crypto/BN_zero.pod b/src/lib/libssl/src/doc/crypto/BN_zero.pod deleted file mode 100644 index b555ec3988..0000000000 --- a/src/lib/libssl/src/doc/crypto/BN_zero.pod +++ /dev/null @@ -1,59 +0,0 @@ -=pod - -=head1 NAME - -BN_zero, BN_one, BN_value_one, BN_set_word, BN_get_word - BIGNUM assignment -operations - -=head1 SYNOPSIS - - #include - - int BN_zero(BIGNUM *a); - int BN_one(BIGNUM *a); - - const BIGNUM *BN_value_one(void); - - int BN_set_word(BIGNUM *a, unsigned long w); - unsigned long BN_get_word(BIGNUM *a); - -=head1 DESCRIPTION - -BN_zero(), BN_one() and BN_set_word() set B to the values 0, 1 and -B respectively. BN_zero() and BN_one() are macros. - -BN_value_one() returns a B constant of value 1. This constant -is useful for use in comparisons and assignment. - -BN_get_word() returns B, if it can be represented as an unsigned -long. - -=head1 RETURN VALUES - -BN_get_word() returns the value B, and 0xffffffffL if B cannot -be represented as an unsigned long. - -BN_zero(), BN_one() and BN_set_word() return 1 on success, 0 otherwise. -BN_value_one() returns the constant. - -=head1 BUGS - -Someone might change the constant. - -If a B is equal to 0xffffffffL it can be represented as an -unsigned long but this value is also returned on error. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -BN_zero(), BN_one() and BN_set_word() are available in all versions of -SSLeay and OpenSSL. BN_value_one() and BN_get_word() were added in -SSLeay 0.8. - -BN_value_one() was changed to return a true const BIGNUM * in OpenSSL -0.9.7. - -=cut -- cgit v1.2.3-55-g6feb