PKCS#1 signatures don't use randomness.

Add a note about the padding functions.

PKCS#1 signatures don't use randomness.
Add a note about the padding functions.
036c8d7e · Ulf Möller · 6a3fff5e · 036c8d7e · 036c8d7e · 036c8d7e
3 changed file
--- a/doc/crypto/RSA_padding_add_PKCS1_type_1.pod
+++ b/doc/crypto/RSA_padding_add_PKCS1_type_1.pod
@@ -46,9 +46,10 @@ padding
 =head1 DESCRIPTION

 The RSA_padding_xxx_xxx() functions are called from the RSA encrypt,
-decrypt, sign and verify functions.
+decrypt, sign and verify functions. Normally they should not be called
+from application programs.

-They can also be called directly to implement padding for other
+However, they can also be called directly to implement padding for other
 asymmetric ciphers. RSA_padding_add_PKCS1_OAEP() and
 RSA_padding_check_PKCS1_OAEP() may be used in an application combined
 with B<RSA_NO_PADDING> in order to implement OAEP with an encoding
@@ -72,7 +73,7 @@ PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2)

 =item PKCS1_OAEP

-PKCS #1 EME-OAEP
+PKCS #1 v2.0 EME-OAEP

 =item SSLv23


--- a/doc/crypto/RSA_private_encrypt.pod
+++ b/doc/crypto/RSA_private_encrypt.pod
@@ -42,9 +42,6 @@ Signing user data directly with RSA is insecure.

 =back

-The random number generator must be seeded prior to calling
-RSA_private_encrypt().
-
 RSA_public_decrypt() recovers the message digest from the B<flen>
 bytes long signature at B<from> using the signer's public key
 B<rsa>. B<to> must point to a memory section large enough to hold the
@@ -62,7 +59,7 @@ obtained by ERR_get_error(3).

 =head1 SEE ALSO

-err(3), rand(3), rsa(3), RSA_sign(3), RSA_verify(3)
+err(3), rsa(3), RSA_sign(3), RSA_verify(3)

 =head1 HISTORY


--- a/doc/crypto/RSA_sign.pod
+++ b/doc/crypto/RSA_sign.pod
@@ -27,8 +27,6 @@ B<NID_md5>; see L<objects> for details. If B<type> is B<NID_md5_sha1>,
 an SSL signature (MD5 and SHA1 message digests with PKCS #1 padding
 and no algorithm identifier) is created.

-The random number generator must be seeded prior to calling RSA_sign().
-
 RSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
 matches a given message digest B<m> of size B<m_len>. B<type> denotes
 the message digest algorithm that was used to generate the signature.
@@ -52,7 +50,7 @@ SSL, PKCS #1 v2.0

 =head1 SEE ALSO

-err(3), objects(3), rand(3), rsa(3), RSA_private_encrypt(3),
+err(3), objects(3), rsa(3), RSA_private_encrypt(3),
 RSA_public_decrypt(3)

 =head1 HISTORY