GH367: Fix dsa keygen for too-short seed

[openssl.git] / doc / crypto / DSA_generate_parameters.pod

diff --git a/doc/crypto/DSA_generate_parameters.pod b/doc/crypto/DSA_generate_parameters.pod
index be7c924ff8f971eefa18499b275b8df00971a81c..ae30824d5d2dcbab8ccd099e8c99fc688aa9ec97 100644 (file)
--- a/doc/crypto/DSA_generate_parameters.pod
+++ b/doc/crypto/DSA_generate_parameters.pod
@@ -17,13 +17,12 @@ DSA_generate_parameters - generate DSA parameters
 DSA_generate_parameters() generates primes p and q and a generator g
 for use in the DSA.
 
-B<bits> is the length of the prime to be generated; the DSS allows a
-maximum of 1024 bits.
+B<bits> is the length of the prime p to be generated.
+For lengths under 2048 bits, the length of q is 160 bits; for lengths
+at least 2048, it is set to 256 bits.
 
-If B<seed> is B<NULL> or B<seed_len> E<lt> 20, the primes will be
-generated at random. Otherwise, the seed is used to generate
-them. If the given seed does not yield a prime q, a new random
-seed is chosen and placed at B<seed>.
+If B<seed> is NULL, the primes will be generated at random.
+If B<seed_len> is less than the length of q, an error is returned.
 
 DSA_generate_parameters() places the iteration count in
 *B<counter_ret> and a counter used for finding a generator in