| author | Bodo Möller <bodo@openssl.org> | 2001-02-08 12:14:51 +0000 |
|---|---|---|
| committer | Bodo Möller <bodo@openssl.org> | 2001-02-08 12:14:51 +0000 |
| commit | 35ed8cb8b6655606c2be31d44be942f6724ba405 (patch) | |
| tree | 23cb17587c9eba1277d885d28d70e39e6a319af0 /doc | |
| parent | 7edc5ed90a55ecaf94ded491c99cfe930da9ba2a (diff) | |
| download | openssl-35ed8cb8b6655606c2be31d44be942f6724ba405.tar.gz | |
Integrate my implementation of a countermeasure against
Bleichenbacher's DSA attack. With this implementation, the expected
number of iterations never exceeds 2.
New semantics for BN_rand_range():
BN_rand_range(r, min, range) now generates r such that
min <= r < min+range.
(Previously, BN_rand_range(r, min, max) generated r such that
min <= r < max.
It is more convenient to have the range; also the previous
prototype was misleading because max was larger than
the actual maximum.)
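The commit message describes two things a reader may want to see concretely: the new interval `min <= r < min + range`, and the claim that the expected number of iterations of the rejection loop never exceeds 2. The following is an added example written for this page in plain Python integers; it is not OpenSSL's BN code and does not call libcrypto. It models the rejection-sampling idea (draw `n` or `n+1` random bits depending on the top bits of `range`, reject out-of-range draws) and exposes the per-iteration acceptance probability so the bound can be checked. The bit source is a constructed, seeded `random.Random`, used only so the example runs deterministically offline; it is not a CSPRNG.

```python
import random
from typing import Callable, Optional, Tuple

# A bit source takes a bit count n and returns an integer with n random bits.
# (Assumption of this example: BN_rand_range's own source is the seeded PRNG.)
BitSource = Callable[[int], int]


def rand_below(rng_range: int, get_bits: BitSource) -> Tuple[int, int]:
    """Return (r, iterations) with 0 <= r < rng_range, r uniformly distributed.

    Let n be the bit length of rng_range.
    - If rng_range has top bits 100..., draw n+1 bits and accept any draw
      below 3*rng_range, reducing it mod rng_range.  3*rng_range has top
      bits 11..., so each draw is accepted with probability >= 3/4.
    - Otherwise (top bits 11... or 101...), draw n bits and accept it
      if it is below rng_range, which happens with probability >= 1/2.
    In both cases the expected number of iterations is at most 2.
    """
    if rng_range <= 0:
        raise ValueError("range must be positive")
    n = rng_range.bit_length()
    top_is_100 = n >= 3 and (rng_range >> (n - 3)) == 0b100
    iterations = 0
    while True:
        iterations += 1
        if top_is_100:
            r = get_bits(n + 1)
            if r < 3 * rng_range:
                # r mod rng_range is r, r - rng_range or r - 2*rng_range;
                # each residue class is hit equally often, so r stays uniform.
                return r % rng_range, iterations
        else:
            r = get_bits(n)
            if r < rng_range:
                return r, iterations


def rand_range(min_value: Optional[int], rng_range: int, get_bits: BitSource) -> int:
    """Model of the new BN_rand_range(r, min, range): min <= r < min + range.
    A None min means 0, matching the updated manual page text."""
    r, _ = rand_below(rng_range, get_bits)
    return r if min_value is None else min_value + r


def acceptance_probability(rng_range: int) -> float:
    """Per-iteration acceptance probability of rand_below for this range.
    It is always >= 0.5, so the expected iteration count (1/p) is <= 2."""
    n = rng_range.bit_length()
    if n >= 3 and (rng_range >> (n - 3)) == 0b100:
        return 3 * rng_range / (1 << (n + 1))
    return rng_range / (1 << n)


def seeded_bits(seed: int) -> BitSource:
    """Constructed deterministic bit source for the demo (NOT a CSPRNG)."""
    prng = random.Random(seed)
    return lambda nbits: prng.getrandbits(nbits)


def mean_iterations(rng_range: int, draws: int, seed: int = 1) -> float:
    """Empirical average iterations per call, to compare against 1/p <= 2."""
    src = seeded_bits(seed)
    total = sum(rand_below(rng_range, src)[1] for _ in range(draws))
    return total / draws


if __name__ == "__main__":
    # A 160-bit range whose top bits are 100...: the worst case for the naive
    # n-bit loop (acceptance ~1/2) becomes an (n+1)-bit loop with acceptance >= 3/4.
    q = (1 << 159) + 12345
    print("acceptance probability:", acceptance_probability(q))
    print("mean iterations over 2000 draws:", mean_iterations(q, 2000))
    src = seeded_bits(7)
    print("sample with min=1000, range=7:", rand_range(1000, 7, src))
```

`acceptance_probability` is the quantity behind the "never exceeds 2" statement: a range of the form 100... would be accepted only about half the time with an n-bit draw, so the extra bit buys acceptance of at least 3/4, while every other range already has acceptance of at least 1/2 with n bits.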
Diffstat (limited to 'doc')
-rw-r--r-- | doc/crypto/BN_rand.pod | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/doc/crypto/BN_rand.pod b/doc/crypto/BN_rand.pod index dc93949246..e4c94e3d12 100644 --- a/doc/crypto/BN_rand.pod +++ b/doc/crypto/BN_rand.pod @@ -12,7 +12,7 @@ BN_rand, BN_pseudo_rand - generate pseudo-random number int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom); - int BN_rand_range(BIGNUM *rnd, BIGNUM *min, BIGNUM *max); + int BN_rand_range(BIGNUM *rnd, BIGNUM *min, BIGNUM *range); =head1 DESCRIPTION @@ -28,8 +28,8 @@ non-cryptographic purposes and for certain purposes in cryptographic protocols, but usually not for key generation etc. BN_rand_range() generates a cryptographically strong pseudo-random -number B<rnd> in the range B<min> E<lt>= B<rnd> E<lt> B<max>. B<min> -may be NULL, in that case 0 E<lt>= B<rnd> E<lt> B<max>. +number B<rnd> in the range B<min> E<lt>= B<rnd> E<lt> B<min> + B<range>. +B<min> may be NULL, in that case 0 E<lt>= B<rnd> E<lt> B<range>. The PRNG must be seeded prior to calling BN_rand() or BN_rand_range(). |
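Review bot: in the SYNOPSIS hunk the third parameter is renamed from B<max> to B<range> with the same type, so existing callers that still pass a maximum compile unchanged but now receive values in min <= rnd < min + max instead of min <= rnd < max (the commit message itself spells out the changed semantics). Suggest adding a short HISTORY or note paragraph to the pod stating that the meaning of the third argument changed in this version, so readers of the manual page are warned rather than left to notice a silently widened interval. If the implementation never writes to B<min> or B<range>, declaring them `const BIGNUM *` would also make that contract visible in the prototype.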
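Review bot: the DESCRIPTION hunk states the new interval but not the precondition on B<range> or what the int return value signals; for range <= 0 the interval min <= rnd < min + range is empty, so the page should say that B<range> must be positive and document the failure return, e.g. a sentence "B<range> must be positive." after the interval and a matching entry under RETURN VALUES. Minor wording: "B<min> may be NULL, in that case 0 E<lt>= B<rnd> E<lt> B<range>." is a comma splice; "B<min> may be NULL, in which case ..." reads better.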