diff options
| author | Miod Vallat <miod@cvs.openbsd.org> | 2014-07-12 21:08:54 +0000 |
|---|---|---|
| committer | Miod Vallat <miod@cvs.openbsd.org> | 2014-07-12 21:08:54 +0000 |
| commit | 87d0030b4390fc11c03e99d66abe312363e749bd (patch) | |
| tree | 61db24b1382d2a35287f99a14f45e1219c284549 /lib | |
| parent | f1971430bcda69a1883d47c26fcdba1485efc478 (diff) | |
Remove this sentence:
``The probability that a randomly generated key is weak is -1/2^52,
so it is not really worth checking for them.''
This kind of naively optimistic attitude is not compatible with security.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libssl/src/doc/crypto/DES_set_key.pod | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/lib/libssl/src/doc/crypto/DES_set_key.pod b/lib/libssl/src/doc/crypto/DES_set_key.pod index d6a35eacd44..d1bd43c5927 100644 --- a/lib/libssl/src/doc/crypto/DES_set_key.pod +++ b/lib/libssl/src/doc/crypto/DES_set_key.pod @@ -114,7 +114,7 @@ consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process. -DES_random_key() generates a random key. +DES_random_key() generates a random key in odd parity. Before a DES key can be used, it must be converted into the architecture dependent I<DES_key_schedule> via the @@ -134,8 +134,7 @@ depend on a global variable. DES_set_odd_parity() sets the parity of the passed I<key> to odd. DES_is_weak_key() returns 1 is the passed key is a weak key, 0 if it -is ok. The probability that a randomly generated key is weak is -1/2^52, so it is not really worth checking for them. +is ok. The following routines mostly operate on an input and output stream of I<DES_cblock>s. |