From: Bernd Edlinger Date: Wed, 10 Jul 2019 19:33:48 +0000 (+0200) Subject: Update documentation of BN_generate_prime_ex X-Git-Tag: OpenSSL_1_1_1f~9 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=186b50d24e6603460b987a15b4c15782b836a9a8;p=oweals%2Fopenssl.git Update documentation of BN_generate_prime_ex Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/9387) --- diff --git a/doc/man3/BN_generate_prime.pod b/doc/man3/BN_generate_prime.pod index 31fbc1ffa1..d26e0a99c8 100644 --- a/doc/man3/BN_generate_prime.pod +++ b/doc/man3/BN_generate_prime.pod @@ -52,7 +52,9 @@ Deprecated: BN_generate_prime_ex() generates a pseudo-random prime number of at least bit length B. The returned number is probably prime -with a negligible error. +with a negligible error. If B is B the returned prime +number will have exact bit length B with the top most two +bits set. If B is not B, it will be used to store the number. @@ -89,7 +91,9 @@ If B is not B, the prime will fulfill the condition p % B generator. If B is true, it will be a safe prime (i.e. a prime p so -that (p-1)/2 is also prime). +that (p-1)/2 is also prime). If B is true, and B == B +the condition will be p % B == 3. +It is recommended that B is a multiple of 4. The random generator must be seeded prior to calling BN_generate_prime_ex(). If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to