path: root/doc/man3/EVP_SignInit.pod
diff options
authorJung-uk Kim <jkim@FreeBSD.org>2019-09-10 17:40:53 +0000
committerJung-uk Kim <jkim@FreeBSD.org>2019-09-10 17:40:53 +0000
commitfbc3ad1ae1976eb5f2bac351260f2c5ee255c27f (patch)
tree47b0480872069bf4f86022494c02f03c8064090d /doc/man3/EVP_SignInit.pod
parent55cff0339bb965074f300ecedc3f153ffb3e0fd3 (diff)
Import OpenSSL 1.1.1d.vendor/openssl/1.1.1d
Notes: svn path=/vendor-crypto/openssl/dist/; revision=352163 svn path=/vendor-crypto/openssl/1.1.1d/; revision=352164; tag=vendor/openssl/1.1.1d
Diffstat (limited to 'doc/man3/EVP_SignInit.pod')
1 files changed, 5 insertions, 4 deletions
diff --git a/doc/man3/EVP_SignInit.pod b/doc/man3/EVP_SignInit.pod
index 86fec82fb007..c26b7f7d5d22 100644
--- a/doc/man3/EVP_SignInit.pod
+++ b/doc/man3/EVP_SignInit.pod
@@ -66,9 +66,10 @@ The B<EVP> interface to digital signatures should almost always be used in
preference to the low level interfaces. This is because the code then becomes
transparent to the algorithm used and much more flexible.
-When signing with DSA private keys the random number generator must be seeded
-or the operation will fail. The random number generator does not need to be
-seeded for RSA signatures.
+When signing with DSA private keys the random number generator must be seeded.
+If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
+external circumstances (see L<RAND(7)>), the operation will fail.
+This requirement does not hold for RSA signatures.
The call to EVP_SignFinal() internally finalizes a copy of the digest context.
This means that calls to EVP_SignUpdate() and EVP_SignFinal() can be called
@@ -102,7 +103,7 @@ L<SHA1(3)>, L<dgst(1)>
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy