man: clarify the 'random number generator must be seeded' requirement
authorDr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Thu, 27 Jun 2019 08:12:08 +0000 (10:12 +0200)
committerDr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Thu, 27 Jun 2019 12:39:07 +0000 (14:39 +0200)
commit262c00882a2fd7cf16672bf467a86f75b4098a7c
tree8145f67128e8db9c6a5d39f1da0017e8899231fb
parent0588be2e01c244c41b0215689f411a6223063fd7
man: clarify the 'random number generator must be seeded' requirement

The manual pages require for some API functions that the 'random number
generator must be seeded' before calling the function.  Initially, this
was meant literally, i.e. the OpenSSL CSPRNG had to be seeded manually
before calling these functions.

Since version 1.1.1, the CSPRNG is seeded automatically on first use,
so it's not the responsibility of the programmer anymore.  Still, he
needs to be aware that the seeding might fail.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9257)
13 files changed:
doc/man3/BN_generate_prime.pod
doc/man3/DES_random_key.pod
doc/man3/DSA_generate_key.pod
doc/man3/DSA_sign.pod
doc/man3/EVP_DigestSignInit.pod
doc/man3/EVP_DigestVerifyInit.pod
doc/man3/EVP_SealInit.pod
doc/man3/EVP_SignInit.pod
doc/man3/RSA_blinding_on.pod
doc/man3/RSA_generate_key.pod
doc/man3/RSA_padding_add_PKCS1_type_1.pod
doc/man3/RSA_sign_ASN1_OCTET_STRING.pod
doc/man7/RAND.pod