1 .\" $OpenBSD: BN_set_flags.3,v 1.3 2018/04/29 15:58:21 schwarze Exp $
3 .\" Copyright (c) 2017 Ingo Schwarze <schwarze@openbsd.org>
5 .\" Permission to use, copy, modify, and distribute this software for any
6 .\" purpose with or without fee is hereby granted, provided that the above
7 .\" copyright notice and this permission notice appear in all copies.
9 .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 .Dd $Mdocdate: April 29 2018 $
23 .Nd enable and inspect flags on BIGNUM objects
44 argument can contain zero or more of the following constants OR'ed
47 .It Dv BN_FLG_CONSTTIME
48 If this flag is set on the divident
63 .Xr BN_mod_inverse 3 ,
64 these functions select algorithms with an execution time independent
65 of the respective numbers, to avoid exposing sensitive information
66 to timing side-channel attacks.
68 This flag is off by default for
72 .It Dv BN_FLG_MALLOCED
77 will not only clear and free the components of
82 This flag is set internally by
84 Setting it manually on an existing
86 object is usually a bad idea and can cause calls to
89 .It Dv BN_FLG_STATIC_DATA
92 will neither clear nor free the memory used for storing the number.
93 Consequently, setting it manually on an existing
95 object is usually a terrible idea that can cause both disclosure
96 of secret data and memory leaks.
97 This flag is automatically set on the constant
101 and by the functions documented in
102 .Xr BN_get0_nist_prime_521 3 .
108 as a bitmask and returns those of the given flags that are set in
110 OR'ed together, or 0 if none of the given
115 argument has the same syntax as for
118 These functions are currently implemented as macros, but they are
119 likely to become real functions in the future when the
121 data type will be made opaque.
124 returns zero or more of the above constants, OR'ed together.
127 .Xr BN_mod_inverse 3 ,
134 first appeared in SSLeay 0.9.1 and have been available since
137 No public interface exists to clear a flag once it is set.
138 So think twice before using
148 neither fails nor operates in constant time, potentially allowing
149 timing side-channel attacks.
159 does not operate in constant time, potentially allowing
160 timing side-channel attacks.
167 fails instead of operating in constant time.