DragonFly On-Line Manual Pages
BN_SET_FLAGS(3) DragonFly Library Functions Manual BN_SET_FLAGS(3)
NAME
BN_set_flags, BN_get_flags -- enable and inspect flags on BIGNUM objects
SYNOPSIS
#include <openssl/bn.h>
void
BN_set_flags(BIGNUM *b, int flags);
int
BN_get_flags(const BIGNUM *b, int flags);
DESCRIPTION
BN_set_flags() enables the given flags on b. The flags argument can con-
tain zero or more of the following constants OR'ed together:
BN_FLG_CONSTTIME
If this flag is set on the divident a or the divisor d in
BN_div(3), on the exponent p in BN_mod_exp(3), or on the divisor
a or the modulus n in BN_mod_inverse(3), these functions select
algorithms with an execution time independent of the respective
numbers, to avoid exposing sensitive information to timing side-
channel attacks.
This flag is off by default for BIGNUM objects created with
BN_new(3).
BN_FLG_MALLOCED
If this flag is set, BN_free(3) and BN_clear_free(3) will not
only clear and free the components of b, but also b itself. This
flag is set internally by BN_new(3). Setting it manually on an
existing BIGNUM object is usually a bad idea and can cause calls
to free(3) with bogus arguments.
BN_FLG_STATIC_DATA
If this flag is set, BN_clear_free(3) will neither clear nor free
the memory used for storing the number. Consequently, setting it
manually on an existing BIGNUM object is usually a terrible idea
that can cause both disclosure of secret data and memory leaks.
This flag is automatically set on the constant BIGNUM objects
returned by BN_value_one(3) and by the functions documented in
BN_get0_nist_prime_521(3).
BN_get_flags() interpretes flags as a bitmask and returns those of the
given flags that are set in b, OR'ed together, or 0 if none of the given
flags is set. The flags argument has the same syntax as for
BN_set_flags().
These functions are currently implemented as macros, but they are likely
to become real functions in the future when the BIGNUM data type will be
made opaque.
RETURN VALUES
BN_get_flags() returns zero or more of the above constants, OR'ed
together.
SEE ALSO
BN_mod_exp(3), BN_mod_inverse(3), BN_new(3), BN_with_flags(3)
HISTORY
BN_set_flags() and BN_get_flags() first appeared in SSLeay 0.9.1 and have
been available since OpenBSD 2.6.
CAVEATS
No public interface exists to clear a flag once it is set. So think
twice before using BN_set_flags().
BUGS
Even if the BN_FLG_CONSTTIME flag is set on a or b, BN_gcd() neither
fails nor operates in constant time, potentially allowing timing side-
channel attacks.
Even if the BN_FLG_CONSTTIME flag is set on p, if the modulus m is even,
BN_mod_exp(3) does not operate in constant time, potentially allowing
timing side-channel attacks.
If BN_FLG_CONSTTIME is set on p, BN_exp() fails instead of operating in
constant time.
DragonFly 5.5 April 29, 2018 DragonFly 5.5