author | Miod Vallat <miod@cvs.openbsd.org> | 2014-07-09 17:36:59 +0000 |
---|---|---|
committer | Miod Vallat <miod@cvs.openbsd.org> | 2014-07-09 17:36:59 +0000 |
commit | 47e5bc95b140462d642af4aeec768154e1bdd5c5 | |
tree | f80ec12f2a67a99da8aef5176c53fbc82de08ad8 /lib/libssl | |
parent | caa5235235f2d6649e18ea5aa2971db9663734d0 | |

Remove mention that the PRNG needs to be seeded before invoking some
functions.

Diffstat (limited to 'lib/libssl')

-rw-r--r-- | lib/libssl/src/doc/crypto/BN_generate_prime.pod | 1 |
-rw-r--r-- | lib/libssl/src/doc/crypto/BN_rand.pod | 2 |
-rw-r--r-- | lib/libssl/src/doc/crypto/DES_set_key.pod | 4 |
-rw-r--r-- | lib/libssl/src/doc/crypto/DH_generate_parameters.pod | 3 |
-rw-r--r-- | lib/libssl/src/doc/crypto/DSA_generate_key.pod | 2 |
-rw-r--r-- | lib/libssl/src/doc/crypto/DSA_sign.pod | 3 |
-rw-r--r-- | lib/libssl/src/doc/crypto/EVP_DigestSignInit.pod | 3 |
-rw-r--r-- | lib/libssl/src/doc/crypto/EVP_DigestVerifyInit.pod | 3 |
-rw-r--r-- | lib/libssl/src/doc/crypto/EVP_SealInit.pod | 3 |
-rw-r--r-- | lib/libssl/src/doc/crypto/EVP_SignInit.pod | 4 |
-rw-r--r-- | lib/libssl/src/doc/crypto/RSA_blinding_on.pod | 3 |
-rw-r--r-- | lib/libssl/src/doc/crypto/RSA_generate_key.pod | 3 |
-rw-r--r-- | lib/libssl/src/doc/crypto/RSA_padding_add_PKCS1_type_1.pod | 3 |
-rw-r--r-- | lib/libssl/src/doc/crypto/RSA_public_encrypt.pod | 2 |
-rw-r--r-- | lib/libssl/src/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod | 3 |

15 files changed, 4 insertions, 38 deletions

diff --git a/lib/libssl/src/doc/crypto/BN_generate_prime.pod b/lib/libssl/src/doc/crypto/BN_generate_prime.pod index 04fc80df9c7..2c5e6fae0f6 100644 --- a/lib/libssl/src/doc/crypto/BN_generate_prime.pod +++ b/lib/libssl/src/doc/crypto/BN_generate_prime.pod @@ -55,7 +55,6 @@ generator. If B<safe> is true, it will be a safe prime (i.e. a prime p so that (p-1)/2 is also prime). -The PRNG must be seeded prior to calling BN_generate_prime(). The prime number generation has a negligible error probability. BN_is_prime() and BN_is_prime_fasttest() test if the number B<a> is diff --git a/lib/libssl/src/doc/crypto/BN_rand.pod b/lib/libssl/src/doc/crypto/BN_rand.pod index 81f93c2eb3a..70f435b2030 100644 --- a/lib/libssl/src/doc/crypto/BN_rand.pod +++ b/lib/libssl/src/doc/crypto/BN_rand.pod @@ -36,8 +36,6 @@ number B<rnd> in the range 0 <lt>= B<rnd> E<lt> B<range>. BN_pseudo_rand_range() does the same, but is based on BN_pseudo_rand(), and hence numbers generated by it are not necessarily unpredictable. -The PRNG must be seeded prior to calling BN_rand() or BN_rand_range(). - =head1 RETURN VALUES The functions return 1 on success, 0 on error. diff --git a/lib/libssl/src/doc/crypto/DES_set_key.pod b/lib/libssl/src/doc/crypto/DES_set_key.pod index b49545877ac..75638a149a8 100644 --- a/lib/libssl/src/doc/crypto/DES_set_key.pod +++ b/lib/libssl/src/doc/crypto/DES_set_key.pod @@ -114,9 +114,7 @@ consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process. -DES_random_key() generates a random key. The PRNG must be seeded -prior to using this function (see L<rand(3)|rand(3)>). If the PRNG -could not generate a secure key, 0 is returned. +DES_random_key() generates a random key. Before a DES key can be used, it must be converted into the architecture dependent I<DES_key_schedule> via the 
diff --git a/lib/libssl/src/doc/crypto/DH_generate_parameters.pod b/lib/libssl/src/doc/crypto/DH_generate_parameters.pod index d19e0217ee7..3832c25315a 100644 --- a/lib/libssl/src/doc/crypto/DH_generate_parameters.pod +++ b/lib/libssl/src/doc/crypto/DH_generate_parameters.pod @@ -17,8 +17,7 @@ DH_generate_parameters, DH_check - generate and check Diffie-Hellman parameters DH_generate_parameters() generates Diffie-Hellman parameters that can be shared among a group of users, and returns them in a newly -allocated B<DH> structure. The pseudo-random number generator must be -seeded prior to calling DH_generate_parameters(). +allocated B<DH> structure. B<prime_len> is the length in bits of the safe prime to be generated. B<generator> is a small number E<gt> 1, typically 2 or 5. diff --git a/lib/libssl/src/doc/crypto/DSA_generate_key.pod b/lib/libssl/src/doc/crypto/DSA_generate_key.pod index af83ccfaa16..069a05767cb 100644 --- a/lib/libssl/src/doc/crypto/DSA_generate_key.pod +++ b/lib/libssl/src/doc/crypto/DSA_generate_key.pod @@ -15,8 +15,6 @@ DSA_generate_key - generate DSA key pair DSA_generate_key() expects B<a> to contain DSA parameters. It generates a new key pair and stores it in B<a-E<gt>pub_key> and B<a-E<gt>priv_key>. -The PRNG must be seeded prior to calling DSA_generate_key(). - =head1 RETURN VALUE DSA_generate_key() returns 1 on success, 0 otherwise. diff --git a/lib/libssl/src/doc/crypto/DSA_sign.pod b/lib/libssl/src/doc/crypto/DSA_sign.pod index 97389e8ec88..4e78a713901 100644 --- a/lib/libssl/src/doc/crypto/DSA_sign.pod +++ b/lib/libssl/src/doc/crypto/DSA_sign.pod @@ -38,9 +38,6 @@ B<dsa> is the signer's public key. The B<type> parameter is ignored. -The PRNG must be seeded before DSA_sign() (or DSA_sign_setup()) -is called. - =head1 RETURN VALUES DSA_sign() and DSA_sign_setup() return 1 on success, 0 on error. 
diff --git a/lib/libssl/src/doc/crypto/EVP_DigestSignInit.pod b/lib/libssl/src/doc/crypto/EVP_DigestSignInit.pod index 7aec6daeccd..e70b88a4a9a 100644 --- a/lib/libssl/src/doc/crypto/EVP_DigestSignInit.pod +++ b/lib/libssl/src/doc/crypto/EVP_DigestSignInit.pod @@ -56,9 +56,6 @@ and public key algorithms. This meant that "clone" digests such as EVP_dss1() needed to be used to sign using SHA1 and DSA. This is no longer necessary and the use of clone digest is now discouraged. -For some key types and parameters the random number generator must be seeded -or the operation will fail. - The call to EVP_DigestSignFinal() internally finalizes a copy of the digest context. This means that calls to EVP_DigestSignUpdate() and EVP_DigestSignFinal() can be called later to digest and sign additional data. diff --git a/lib/libssl/src/doc/crypto/EVP_DigestVerifyInit.pod b/lib/libssl/src/doc/crypto/EVP_DigestVerifyInit.pod index 60666bfddc3..9eebb15d223 100644 --- a/lib/libssl/src/doc/crypto/EVP_DigestVerifyInit.pod +++ b/lib/libssl/src/doc/crypto/EVP_DigestVerifyInit.pod @@ -56,9 +56,6 @@ and public key algorithms. This meant that "clone" digests such as EVP_dss1() needed to be used to sign using SHA1 and DSA. This is no longer necessary and the use of clone digest is now discouraged. -For some key types and parameters the random number generator must be seeded -or the operation will fail. - The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest context. This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can be called later to digest and verify additional data. diff --git a/lib/libssl/src/doc/crypto/EVP_SealInit.pod b/lib/libssl/src/doc/crypto/EVP_SealInit.pod index 172f210c64f..ff73a04fd96 100644 --- a/lib/libssl/src/doc/crypto/EVP_SealInit.pod +++ b/lib/libssl/src/doc/crypto/EVP_SealInit.pod 
@@ -55,9 +55,6 @@ failure. =head1 NOTES -Because a random secret key is generated the random number generator -must be seeded before calling EVP_SealInit(). - The public key must be RSA because it is the only OpenSSL public key algorithm that supports key transport. diff --git a/lib/libssl/src/doc/crypto/EVP_SignInit.pod b/lib/libssl/src/doc/crypto/EVP_SignInit.pod index 682724b1577..6ea6df655e4 100644 --- a/lib/libssl/src/doc/crypto/EVP_SignInit.pod +++ b/lib/libssl/src/doc/crypto/EVP_SignInit.pod @@ -60,10 +60,6 @@ digest algorithm must be used with the correct public key type. A list of algorithms and associated public key algorithms appears in L<EVP_DigestInit(3)|EVP_DigestInit(3)>. -When signing with DSA private keys the random number generator must be seeded -or the operation will fail. The random number generator does not need to be -seeded for RSA signatures. - The call to EVP_SignFinal() internally finalizes a copy of the digest context. This means that calls to EVP_SignUpdate() and EVP_SignFinal() can be called later to digest and sign additional data. diff --git a/lib/libssl/src/doc/crypto/RSA_blinding_on.pod b/lib/libssl/src/doc/crypto/RSA_blinding_on.pod index e6af8d4355b..33990207f79 100644 --- a/lib/libssl/src/doc/crypto/RSA_blinding_on.pod +++ b/lib/libssl/src/doc/crypto/RSA_blinding_on.pod @@ -21,8 +21,7 @@ must be used to protect the RSA operation from that attack. RSA_blinding_on() turns blinding on for key B<rsa> and generates a random blinding factor. B<ctx> is B<NULL> or a pre-allocated and -initialized B<BN_CTX>. The random number generator must be seeded -prior to calling RSA_blinding_on(). +initialized B<BN_CTX>. RSA_blinding_off() turns blinding off and frees the memory used for the blinding factor. diff --git a/lib/libssl/src/doc/crypto/RSA_generate_key.pod b/lib/libssl/src/doc/crypto/RSA_generate_key.pod index 52dbb14a537..867390884b4 100644 --- a/lib/libssl/src/doc/crypto/RSA_generate_key.pod 
+++ b/lib/libssl/src/doc/crypto/RSA_generate_key.pod @@ -14,8 +14,7 @@ RSA_generate_key - generate RSA key pair =head1 DESCRIPTION RSA_generate_key() generates a key pair and returns it in a newly -allocated B<RSA> structure. The pseudo-random number generator must -be seeded prior to calling RSA_generate_key(). +allocated B<RSA> structure. The modulus size will be B<num> bits, and the public exponent will be B<e>. Key sizes with B<num> E<lt> 1024 should be considered insecure. diff --git a/lib/libssl/src/doc/crypto/RSA_padding_add_PKCS1_type_1.pod b/lib/libssl/src/doc/crypto/RSA_padding_add_PKCS1_type_1.pod index b8f678fe729..1c90b2b44d2 100644 --- a/lib/libssl/src/doc/crypto/RSA_padding_add_PKCS1_type_1.pod +++ b/lib/libssl/src/doc/crypto/RSA_padding_add_PKCS1_type_1.pod @@ -85,9 +85,6 @@ simply copy the data =back -The random number generator must be seeded prior to calling -RSA_padding_add_xxx(). - RSA_padding_check_xxx() verifies that the B<fl> bytes at B<f> contain a valid encoding for a B<rsa_len> byte RSA key in the respective encoding method and stores the recovered data of at most B<tlen> bytes diff --git a/lib/libssl/src/doc/crypto/RSA_public_encrypt.pod b/lib/libssl/src/doc/crypto/RSA_public_encrypt.pod index ab0fe3b2cd1..4bbee53f09b 100644 --- a/lib/libssl/src/doc/crypto/RSA_public_encrypt.pod +++ b/lib/libssl/src/doc/crypto/RSA_public_encrypt.pod @@ -49,8 +49,6 @@ Encrypting user data directly with RSA is insecure. B<flen> must be less than RSA_size(B<rsa>) - 11 for the PKCS #1 v1.5 based padding modes, less than RSA_size(B<rsa>) - 41 for RSA_PKCS1_OAEP_PADDING and exactly RSA_size(B<rsa>) for RSA_NO_PADDING. -The random number generator must be seeded prior to calling -RSA_public_encrypt(). RSA_private_decrypt() decrypts the B<flen> bytes at B<from> using the private key B<rsa> and stores the plaintext in B<to>. B<to> must point 
diff --git a/lib/libssl/src/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod b/lib/libssl/src/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod index 315a9af9e88..664b46174bd 100644 --- a/lib/libssl/src/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod +++ b/lib/libssl/src/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod @@ -26,9 +26,6 @@ memory. B<dummy> is ignored. -The random number generator must be seeded prior to calling -RSA_sign_ASN1_OCTET_STRING(). - RSA_verify_ASN1_OCTET_STRING() verifies that the signature B<sigbuf> of size B<siglen> is the DER representation of a given octet string B<m> of size B<m_len>. B<dummy> is ignored. B<rsa> is the signer's |
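
Review bot: The BN_generate_prime.pod hunk, like the other fourteen, deletes a caller precondition ("The PRNG must be seeded prior to calling BN_generate_prime().") while neither the log message nor the remaining text says why the precondition no longer holds. Suggest adding one sentence, in the commit message or in the rand(3) page these files refer to, stating why callers no longer need to seed, so that someone reading the manual sees a changed guarantee and not just a missing paragraph.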
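
Review bot: In the DES_set_key.pod hunk, the removal takes out "If the PRNG could not generate a secure key, 0 is returned." together with the seeding sentence, so the replacement line "DES_random_key() generates a random key." no longer says anything about the return value. If the function can still return 0, keep that sentence reworded without the seeding reference; if it can no longer fail, say so explicitly so callers know whether the result needs checking.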
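
Review bot: In the EVP_SignInit.pod hunk, the deleted paragraph did more than state a seeding requirement: it also told readers that DSA signing depends on the random number generator while RSA signing does not, and that the operation "will fail" without it. If a generator failure can still surface through the signing call, keep a sentence on how it is reported; the "or the operation will fail" lines removed from EVP_DigestSignInit.pod and EVP_DigestVerifyInit.pod deserve the same check.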