Sortix
current nightly

Sortix 1.1dev nightly manual

This manual documents Sortix 1.1dev nightly, a development build that has not been officially released. You can instead view this document in the latest official manual.

BN_ADD(3) Library Functions Manual BN_ADD(3)

BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add, BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd
arithmetic operations on BIGNUMs

#include <openssl/bn.h>
int
BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
int
BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
int
BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
int
BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
int
BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d, BN_CTX *ctx);
int
BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
int
BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
int
BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
int
BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
int
BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
int
BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
int
BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
int
BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx);
int
BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);

BN_add() adds a and b and places the result in r (r=a+b). r may be the same BIGNUM as a or b.
BN_sub() subtracts b from a and places the result in r (r=a-b). r may be the same BIGNUM as a or b.
BN_mul() multiplies a and b and places the result in r (r=a*b). r may be the same BIGNUM as a or b. For multiplication by powers of 2, use BN_lshift(3).
BN_sqr() takes the square of a and places the result in r (r=a^2). r and a may be the same BIGNUM. This function is faster than BN_mul(r, a, a).
BN_div() divides a by d and places the result in dv and the remainder in rem (dv=a/d, rem=a%d). If the flag BN_FLG_CONSTTIME is set on a or d, it operates in constant time. Either of dv and rem may be NULL, in which case the respective value is not returned. The result is rounded towards zero; thus if a is negative, the remainder will be zero or negative. For division by powers of 2, use BN_rshift(3).
BN_mod() corresponds to BN_div() with dv set to NULL. It is implemented as a macro.
BN_nnmod() reduces a modulo m and places the non-negative remainder in r.
BN_mod_add() adds a to b modulo m and places the non-negative result in r.
BN_mod_sub() subtracts b from a modulo m and places the non-negative result in r.
BN_mod_mul() multiplies a by b and finds the non-negative remainder respective to modulus m (r=(a*b)%m). r may be the same BIGNUM as a or b. For more efficient algorithms for repeated computations using the same modulus, see BN_mod_mul_montgomery(3) and BN_mod_mul_reciprocal(3).
BN_mod_sqr() takes the square of a modulo m and places the result in r.
BN_exp() raises a to the p-th power and places the result in r (r=a^p). This function is faster than repeated applications of BN_mul().
BN_mod_exp() computes a to the p-th power modulo m (r=(a^p)%m). If the flag BN_FLG_CONSTTIME is set on p, it operates in constant time. This function uses less time and space than BN_exp().
BN_gcd() computes the greatest common divisor of a and b and places the result in r. r may be the same BIGNUM as a or b.
For all functions, ctx is a previously allocated BN_CTX used for temporary variables; see BN_CTX_new(3).
Unless noted otherwise, the result BIGNUM must be different from the arguments.

For all functions, 1 is returned for success, 0 on error. The return value should always be checked, for example:
if (!BN_add(r,a,b)) goto err;
The error codes can be obtained by ERR_get_error(3).

BN_add_word(3), BN_CTX_new(3), BN_new(3), BN_set_bit(3), BN_set_flags(3), BN_set_negative(3)

BN_add(), BN_sub(), BN_mul(), BN_sqr(), BN_div(), BN_mod(), BN_mod_mul(), BN_mod_exp(), and BN_gcd() first appeared in SSLeay 0.5.1. BN_exp() first appeared in SSLeay 0.9.0. All these functions have been available since OpenBSD 2.4.
The ctx argument to BN_mul() was added in SSLeay 0.9.1 and OpenBSD 2.6.
BN_nnmod(), BN_mod_add(), BN_mod_sub(), and BN_mod_sqr() first appeared in OpenSSL 0.9.7 and have been available since OpenBSD 3.2.

Even if the BN_FLG_CONSTTIME flag is set on a or b, BN_gcd() neither fails nor operates in constant time, potentially allowing timing side-channel attacks.
Even if the BN_FLG_CONSTTIME flag is set on p, if the modulus m is even, BN_mod_exp() does not operate in constant time, potentially allowing timing side-channel attacks.
If BN_FLG_CONSTTIME is set on p, BN_exp() fails instead of operating in constant time.
April 29, 2018 Debian
Copyright 2011-2022 Jonas 'Sortie' Termansen and contributors.
Sortix is free software under the ISC license. 		#sortix on irc.sortix.org
@sortix_org