=head1 NAME
-BN_generate_prime_ex, BN_is_prime_ex, BN_is_prime_fasttest_ex, BN_GENCB_call,
-BN_GENCB_new, BN_GENCB_free, BN_GENCB_set_old, BN_GENCB_set, BN_GENCB_get_arg,
-BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - generate primes and test
-for primality
+BN_generate_prime_ex2, BN_generate_prime_ex, BN_is_prime_ex,
+BN_is_prime_fasttest_ex, BN_GENCB_call, BN_GENCB_new, BN_GENCB_free,
+BN_GENCB_set_old, BN_GENCB_set, BN_GENCB_get_arg, BN_generate_prime,
+BN_is_prime, BN_is_prime_fasttest - generate primes and test for primality
=head1 SYNOPSIS
#include <openssl/bn.h>
+ int BN_generate_prime_ex2(BIGNUM *ret, int bits, int safe,
+ const BIGNUM *add, const BIGNUM *rem, BN_GENCB *cb,
+ BN_CTX *ctx);
+
int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
const BIGNUM *rem, BN_GENCB *cb);
=head1 DESCRIPTION
-BN_generate_prime_ex() generates a pseudo-random prime number of
-at least bit length B<bits>. The returned number is probably prime
-with a negligible error.
+BN_generate_prime_ex2() generates a pseudo-random prime number of
+at least bit length B<bits> using the BN_CTX provided in B<ctx>. The value of
+B<ctx> must not be NULL.
+The returned number is probably prime with a negligible error.
If B<ret> is not B<NULL>, it will be used to store the number.
The random generator must be seeded prior to calling BN_generate_prime_ex().
If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
external circumstances (see L<RAND(7)>), the operation will fail.
+The random number generator configured for the OPENSSL_CTX associated with
+B<ctx> will be used.
+
+BN_generate_prime_ex() is the same as BN_generate_prime_ex2() except that no
+B<ctx> parameter is passed.
+In this case the random number generator associated with the default OPENSSL_CTX
+will be used.
BN_is_prime_ex() and BN_is_prime_fasttest_ex() test if the number B<p> is
prime. The following tests are performed until one of them shows that