From: Ulf Möller Date: Wed, 12 Jan 2000 20:47:46 +0000 (+0000) Subject: PKCS#1 signatures don't use randomness. X-Git-Tag: OpenSSL_0_9_5beta1~290 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=036c8d7e7b68f0db9a6322599c6a5095a98670d1;p=openssl PKCS#1 signatures don't use randomness. Add a note about the padding functions. --- diff --git a/doc/crypto/RSA_padding_add_PKCS1_type_1.pod b/doc/crypto/RSA_padding_add_PKCS1_type_1.pod index 564ac02091..f5a453f8f0 100644 --- a/doc/crypto/RSA_padding_add_PKCS1_type_1.pod +++ b/doc/crypto/RSA_padding_add_PKCS1_type_1.pod @@ -46,9 +46,10 @@ padding =head1 DESCRIPTION The RSA_padding_xxx_xxx() functions are called from the RSA encrypt, -decrypt, sign and verify functions. +decrypt, sign and verify functions. Normally they should not be called +from application programs. -They can also be called directly to implement padding for other +However, they can also be called directly to implement padding for other asymmetric ciphers. RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() may be used in an application combined with B in order to implement OAEP with an encoding @@ -72,7 +73,7 @@ PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2) =item PKCS1_OAEP -PKCS #1 EME-OAEP +PKCS #1 v2.0 EME-OAEP =item SSLv23 diff --git a/doc/crypto/RSA_private_encrypt.pod b/doc/crypto/RSA_private_encrypt.pod index 59ab49d41f..92253815e5 100644 --- a/doc/crypto/RSA_private_encrypt.pod +++ b/doc/crypto/RSA_private_encrypt.pod @@ -42,9 +42,6 @@ Signing user data directly with RSA is insecure. =back -The random number generator must be seeded prior to calling -RSA_private_encrypt(). - RSA_public_decrypt() recovers the message digest from the B bytes long signature at B using the signer's public key B. B must point to a memory section large enough to hold the @@ -62,7 +59,7 @@ obtained by ERR_get_error(3). =head1 SEE ALSO -err(3), rand(3), rsa(3), RSA_sign(3), RSA_verify(3) +err(3), rsa(3), RSA_sign(3), RSA_verify(3) =head1 HISTORY diff --git a/doc/crypto/RSA_sign.pod b/doc/crypto/RSA_sign.pod index 81771ba574..509656096d 100644 --- a/doc/crypto/RSA_sign.pod +++ b/doc/crypto/RSA_sign.pod @@ -27,8 +27,6 @@ B; see L for details. If B is B, an SSL signature (MD5 and SHA1 message digests with PKCS #1 padding and no algorithm identifier) is created. -The random number generator must be seeded prior to calling RSA_sign(). - RSA_verify() verifies that the signature B of size B matches a given message digest B of size B. B denotes the message digest algorithm that was used to generate the signature. @@ -52,7 +50,7 @@ SSL, PKCS #1 v2.0 =head1 SEE ALSO -err(3), objects(3), rand(3), rsa(3), RSA_private_encrypt(3), +err(3), objects(3), rsa(3), RSA_private_encrypt(3), RSA_public_decrypt(3) =head1 HISTORY