diff options
author | Ismo Puustinen <ismo.puustinen@intel.com> | 2015-08-07 22:14:47 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2015-08-28 11:22:34 -0400 |
commit | 1d7df236dcb4f7c95707110753e5e77b19b9a0aa (patch) | |
tree | 59c2b09e0a99518d70a358b4bfc21d102c02fda8 /doc | |
parent | a7cb67f4f2457724fbfbc39377f55c26f3aafa80 (diff) |
GH367: Fix dsa keygen for too-short seed
If the seed value for dsa key generation is too short (< qsize),
return an error. Also update the documentation.
Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit f00a10b89734e84fe80f98ad9e2e77b557c701ae)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/crypto/DSA_generate_parameters.pod | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/doc/crypto/DSA_generate_parameters.pod b/doc/crypto/DSA_generate_parameters.pod index 16a67f22b0..7db1522d63 100644 --- a/doc/crypto/DSA_generate_parameters.pod +++ b/doc/crypto/DSA_generate_parameters.pod @@ -23,13 +23,12 @@ Deprecated: DSA_generate_parameters_ex() generates primes p and q and a generator g for use in the DSA and stores the result in B<dsa>. -B<bits> is the length of the prime to be generated; the DSS allows a -maximum of 1024 bits. +B<bits> is the length of the prime p to be generated. +For lengths under 2048 bits, the length of q is 160 bits; for lengths +at least 2048, it is set to 256 bits. -If B<seed> is B<NULL> or B<seed_len> E<lt> 20, the primes will be -generated at random. Otherwise, the seed is used to generate -them. If the given seed does not yield a prime q, a new random -seed is chosen and placed at B<seed>. +If B<seed> is NULL, the primes will be generated at random. +If B<seed_len> is less than the length of q, an error is returned. DSA_generate_parameters_ex() places the iteration count in *B<counter_ret> and a counter used for finding a generator in |