Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
BN_SET_FLAGS(3)		 BSD Library Functions Manual	       BN_SET_FLAGS(3)

NAME
     BN_set_flags, BN_get_flags	-- enable and inspect flags on BIGNUM objects

SYNOPSIS
     #include <openssl/bn.h>

     void
     BN_set_flags(BIGNUM *b, int flags);

     int
     BN_get_flags(const	BIGNUM *b, int flags);

DESCRIPTION
     BN_set_flags() enables the	given flags on b.  The flags argument can con-
     tain zero or more of the following	constants OR'ed	together:

     BN_FLG_CONSTTIME
	     If	this flag is set on the	divident a in BN_div(3), on the	expo-
	     nent p in BN_mod_exp(3), or on the	divisor	a or the modulus n in
	     BN_mod_inverse(3),	these functions	prefer algorithms with an exe-
	     cution time independent of	the respective numbers,	to avoid ex-
	     posing sensitive information to timing attacks.

	     If	this flag is set on the	exponent p in BN_exp(3)	or if the mod-
	     ulus m is even for	BN_mod_exp(3), an error	occurs.

	     Various functions automatically set this flag on sensitive	data.
	     For example, the default implementations of DH_generate_key(3),
	     DSA_generate_key(3), and RSA_generate_key_ex(3) set it on the
	     generated private key.

     BN_FLG_MALLOCED
	     If	this flag is set, BN_free(3) and BN_clear_free(3) will not
	     only clear	and free the components	of b, but also b itself.  This
	     flag is set internally by BN_new(3).  Setting it manually on an
	     existing BIGNUM object is usually a bad idea and can cause	calls
	     to	free(3)	with bogus arguments.

     BN_FLG_STATIC_DATA
	     If	this flag is set, BN_clear_free(3) will	neither	clear nor free
	     the memory	used for storing the number.  Consequently, setting it
	     manually on an existing BIGNUM object is usually a	terrible idea
	     that can cause both disclosure of secret data and memory leaks.
	     This flag is automatically	set on the constant BIGNUM objects re-
	     turned by BN_value_one(3) and by the functions documented in
	     BN_get0_nist_prime_521(3).

     BN_get_flags() interpretes	flags as a bitmask and returns those of	the
     given flags that are set in b, OR'ed together, or 0 if none of the	given
     flags is set.  The	flags argument has the same syntax as for
     BN_set_flags().

     These functions are currently implemented as macros, but they are likely
     to	become real functions in the future when the BIGNUM data type will be
     made opaque.

RETURN VALUES
     BN_get_flags() returns zero or more of the	above constants, OR'ed to-
     gether.

SEE ALSO
     BN_mod_exp(3), BN_mod_inverse(3), BN_new(3), BN_with_flags(3)

CAVEATS
     No	public interface exists	to clear a flag	once it	is set.	 So think
     twice before using	BN_set_flags().

BSD			       January 30, 2017				   BSD

NAME | SYNOPSIS | DESCRIPTION | RETURN VALUES | SEE ALSO | CAVEATS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=BN_set_flags&sektion=3&manpath=FreeBSD+12.0-RELEASE+and+Ports>

home | help