From 03b9393e15990f0e557e477e945cb5f334574696 Mon Sep 17 00:00:00 2001
From: Bernd Edlinger
Date: Wed, 10 Jul 2019 21:33:48 +0200
Subject: [PATCH] Update documentation of BN_generate_prime_ex
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/9309)
---
doc/man3/BN_generate_prime.pod | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/doc/man3/BN_generate_prime.pod b/doc/man3/BN_generate_prime.pod
index 5de646d916..6a3376b1fd 100644
--- a/doc/man3/BN_generate_prime.pod
+++ b/doc/man3/BN_generate_prime.pod
@@ -58,6 +58,8 @@ BN_generate_prime_ex2() generates a pseudo-random prime number of
at least bit length B using the BN_CTX provided in B. The value of
B must not be NULL.
The returned number is probably prime with a negligible error.
+If B is B the returned prime number will have exact bit
+length B with the top most two bits set.
If B is not B, it will be used to store the number.
@@ -94,7 +96,9 @@ If B is not B, the prime will fulfill the condition p % B
generator.
If B is true, it will be a safe prime (i.e. a prime p so
-that (p-1)/2 is also prime).
+that (p-1)/2 is also prime). If B is true, and B == B
+the condition will be p % B == 3.
+It is recommended that B is a multiple of 4.
The random generator must be seeded prior to calling BN_generate_prime_ex().
If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
@@ -218,7 +222,7 @@ and BN_GENCB_get_arg() functions were added in OpenSSL 1.1.0.
=head1 COPYRIGHT
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
--
2.17.1