crypto/bn/bn_lcl.h for further details. It should be noted that for
the moment of this writing the code was tested only on Alpha. If
compiled with DEC C the C implementation exhibits 12% performance
improvement over the crypto/bn/asm/alpha.s (on EV56 box running
AlphaLinux). GNU C is (unfortunately) 8% behind the assembler
implementation. But it's OpenVMS Alpha users who *may* benefit most
as 'apps/openssl speed rsa' exhibits 6 (six) times performance
improvement over the original VMS bignum implementation. Where "*may*"
means "as soon as code is enabled though #define SIXTY_FOUR_BIT and
crypto/bn/asm/vms.mar is skipped."

primes (negligible for larger ones).

Submitted by: Martin Kraemer <martin.kraemer@mch.sni.de>

(including another problem in the s3_srvr.c state machine).

New function BN_pseudo_rand().
Use BN_prime_checks_size(BN_num_bits(w)) rounds of Miller-Rabin when
generating DSA primes (why not use BN_is_prime()?)

word-based algorithm we are using?)

Clean up bn_mont.c.

Tidy up CRYPTO_EX_DATA structures.

  because otherwise BN_rand will fail unless DEVRANDOM works,
  which causes the programs to dump core because they
  don't check the return value of BN_rand (and if they
  did, we still couldn't test anything).

- add comment to some files that appear not to be used at all.

returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument.

Primes p where (p-1)/2 is prime too are called "safe", not "strong".

(created by bn_prime.pl, which now prints the copyright/license
note as found in bn_prime.h)

(bug reports keep coming in because that was still missing in 0.9.4)

problem was that one of the replacement routines had not been working since
SSLeay releases.  For now the offending routine has been replaced with
non-optimised assembler.  Even so, this now gives around 95% performance
improvement for 1024 bit RSA signs.

Submitted by: Lennart Bång, Bodo Möller