X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=doc%2Fcrypto%2FBN_rand.pod;h=81f93c2eb3a4e5d64420678dee435bcd51dd27e5;hp=f0f3b4571ee83ca9cc6ef0d11a5007b96d6126f9;hb=c264592d690b0957e6ad2d25cd3c842383a5538e;hpb=dd8dec69b825c9fdafc26a200961702d850496b5

diff --git a/doc/crypto/BN_rand.pod b/doc/crypto/BN_rand.pod
index f0f3b4571e..81f93c2eb3 100644
--- a/doc/crypto/BN_rand.pod
+++ b/doc/crypto/BN_rand.pod
@@ -2,7 +2,7 @@
 
 =head1 NAME
 
-BN_rand - Generate pseudo-random number
+BN_rand, BN_pseudo_rand - generate pseudo-random number
 
 =head1 SYNOPSIS
 
@@ -10,27 +10,49 @@ BN_rand - Generate pseudo-random number
 
  int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
 
+ int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
+
+ int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);
+
 =head1 DESCRIPTION
 
 BN_rand() generates a cryptographically strong pseudo-random number of
-B<bits> bits in length and stores it in B<rnd>. If B<top> is true, the
-two most significant bits of the number will be set to 1, so that the
-product of two such random numbers will always have 2*B<bits> length.
-If B<bottom> is true, the number will be odd.
+B<bits> bits in length and stores it in B<rnd>. If B<top> is -1, the
+most significant bit of the random number can be zero. If B<top> is 0,
+it is set to 1, and if B<top> is 1, the two most significant bits of
+the number will be set to 1, so that the product of two such random
+numbers will always have 2*B<bits> length.  If B<bottom> is true, the
+number will be odd.
+
+BN_pseudo_rand() does the same, but pseudo-random numbers generated by
+this function are not necessarily unpredictable. They can be used for
+non-cryptographic purposes and for certain purposes in cryptographic
+protocols, but usually not for key generation etc.
+
+BN_rand_range() generates a cryptographically strong pseudo-random
+number B<rnd> in the range 0 <lt>= B<rnd> E<lt> B<range>.
+BN_pseudo_rand_range() does the same, but is based on BN_pseudo_rand(),
+and hence numbers generated by it are not necessarily unpredictable.
 
-The PRNG must be seeded prior to calling BN_rand().
+The PRNG must be seeded prior to calling BN_rand() or BN_rand_range().
 
 =head1 RETURN VALUES
 
-BN_rand() returns 1 on success, 0 on error.
-The error codes can be obtained by ERR_get_error(3).
+The functions return 1 on success, 0 on error.
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
 
 =head1 SEE ALSO
 
-bn(3), err(3), rand(3), RAND_add(), RAND_bytes()
+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
+L<RAND_add(3)|RAND_add(3)>, L<RAND_bytes(3)|RAND_bytes(3)>
 
 =head1 HISTORY
 
 BN_rand() is available in all versions of SSLeay and OpenSSL.
+BN_pseudo_rand() was added in OpenSSL 0.9.5. The B<top> == -1 case
+and the function BN_rand_range() were added in OpenSSL 0.9.6a.
+BN_pseudo_rand_range() was added in OpenSSL 0.9.6c.
 
 =cut