summaryrefslogtreecommitdiffstats
path: root/doc/man3/DSA_generate_key.pod
diff options
context:
space:
mode:
authorDr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>2019-06-27 10:12:08 +0200
committerDr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>2019-06-27 14:39:07 +0200
commit262c00882a2fd7cf16672bf467a86f75b4098a7c (patch)
tree8145f67128e8db9c6a5d39f1da0017e8899231fb /doc/man3/DSA_generate_key.pod
parent0588be2e01c244c41b0215689f411a6223063fd7 (diff)
man: clarify the 'random number generator must be seeded' requirement
The manual pages require for some API functions that the 'random number generator must be seeded' before calling the function. Initially, this was meant literally, i.e. the OpenSSL CSPRNG had to be seeded manually before calling these functions. Since version 1.1.1, the CSPRNG is seeded automatically on first use, so it's not the responsibility of the programmer anymore. Still, he needs to be aware that the seeding might fail. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/9257)
Diffstat (limited to 'doc/man3/DSA_generate_key.pod')
-rw-r--r--doc/man3/DSA_generate_key.pod4
1 files changed, 3 insertions, 1 deletions
diff --git a/doc/man3/DSA_generate_key.pod b/doc/man3/DSA_generate_key.pod
index 6dc2f79ac4..079c2fef18 100644
--- a/doc/man3/DSA_generate_key.pod
+++ b/doc/man3/DSA_generate_key.pod
@@ -15,7 +15,9 @@ DSA_generate_key - generate DSA key pair
DSA_generate_key() expects B<a> to contain DSA parameters. It generates
a new key pair and stores it in B<a-E<gt>pub_key> and B<a-E<gt>priv_key>.
-The PRNG must be seeded prior to calling DSA_generate_key().
+The random generator must be seeded prior to calling DSA_generate_key().
+If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
+external circumstances (see L<RAND(7)>), the operation will fail.
=head1 RETURN VALUES