Document DSA and SHA.

New function BN_pseudo_rand().
Use BN_prime_checks_size(BN_num_bits(w)) rounds of Miller-Rabin when
generating DSA primes (why not use BN_is_prime()?)

1 files changed, 10 insertions, 2 deletions

diff --git a/doc/crypto/BN_rand.pod b/doc/crypto/BN_rand.pod
index 0f692684d2..47991b1abc 100644
--- a/doc/crypto/BN_rand.pod
+++ b/doc/crypto/BN_rand.pod
@@ -2,7 +2,7 @@
 
 =head1 NAME
 
-BN_rand - Generate pseudo-random number
+BN_rand, BN_rand_pseudo - Generate pseudo-random number
 
 =head1 SYNOPSIS
 
@@ -10,6 +10,8 @@ BN_rand - Generate pseudo-random number
 
  int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
 
+ int BN_pseudo_rand(BIGNUM *rnd, int bits, int top,int bottom);
+
 =head1 DESCRIPTION
 
 BN_rand() generates a cryptographically strong pseudo-random number of
@@ -18,11 +20,16 @@ two most significant bits of the number will be set to 1, so that the
 product of two such random numbers will always have 2*B<bits> length.
 If B<bottom> is true, the number will be odd.
 
+BN_pseudo_rand() does the same, but pseudo-random numbers generated by
+this function are not necessarily unpredictable. They can be used for
+non-cryptographic purposes and for certain purposes in cryptographic
+protocols, but usually not for key generation etc.
+
 The PRNG must be seeded prior to calling BN_rand().
 
 =head1 RETURN VALUES
 
-BN_rand() returns 1 on success, 0 on error.
+BN_rand() and BN_pseudo_rand() return 1 on success, 0 on error.
 The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
 
 =head1 SEE ALSO
@@ -33,5 +40,6 @@ L<RAND_add(3)|RAND_add(3)>, L<RAND_bytes(3)|RAND_bytes(3)>
 =head1 HISTORY
 
 BN_rand() is available in all versions of SSLeay and OpenSSL.
+BN_pseudo_rand() was added in OpenSSL 0.9.5.
 
 =cut