diff options
| author | miod <> | 2014-07-12 21:08:53 +0000 |
|---|---|---|
| committer | miod <> | 2014-07-12 21:08:53 +0000 |
| commit | c4c9f20d7b3d7f13656525bd09a2594ecb763d3c (patch) | |
| tree | 80119ffb5e296ca0a51831a267e083d2e7640715 /src/lib | |
| parent | 401d209b7bfa5cc946bfdcd2f24287ec1f34f117 (diff) | |
| download | openbsd-c4c9f20d7b3d7f13656525bd09a2594ecb763d3c.tar.gz openbsd-c4c9f20d7b3d7f13656525bd09a2594ecb763d3c.tar.bz2 openbsd-c4c9f20d7b3d7f13656525bd09a2594ecb763d3c.zip | |
Remove this sentence:
``The probability that a randomly generated key is weak is -1/2^52,
so it is not really worth checking for them.''
This kind of naively optimistic attitude is not compatible with security.
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libcrypto/doc/DES_set_key.pod | 5 | ||||
| -rw-r--r-- | src/lib/libssl/src/doc/crypto/DES_set_key.pod | 5 |
2 files changed, 4 insertions, 6 deletions
diff --git a/src/lib/libcrypto/doc/DES_set_key.pod b/src/lib/libcrypto/doc/DES_set_key.pod index d6a35eacd4..d1bd43c592 100644 --- a/src/lib/libcrypto/doc/DES_set_key.pod +++ b/src/lib/libcrypto/doc/DES_set_key.pod | |||
| @@ -114,7 +114,7 @@ consists of 8 bytes with odd parity. The least significant bit in | |||
| 114 | each byte is the parity bit. The key schedule is an expanded form of | 114 | each byte is the parity bit. The key schedule is an expanded form of |
| 115 | the key; it is used to speed the encryption process. | 115 | the key; it is used to speed the encryption process. |
| 116 | 116 | ||
| 117 | DES_random_key() generates a random key. | 117 | DES_random_key() generates a random key in odd parity. |
| 118 | 118 | ||
| 119 | Before a DES key can be used, it must be converted into the | 119 | Before a DES key can be used, it must be converted into the |
| 120 | architecture dependent I<DES_key_schedule> via the | 120 | architecture dependent I<DES_key_schedule> via the |
| @@ -134,8 +134,7 @@ depend on a global variable. | |||
| 134 | DES_set_odd_parity() sets the parity of the passed I<key> to odd. | 134 | DES_set_odd_parity() sets the parity of the passed I<key> to odd. |
| 135 | 135 | ||
| 136 | DES_is_weak_key() returns 1 is the passed key is a weak key, 0 if it | 136 | DES_is_weak_key() returns 1 is the passed key is a weak key, 0 if it |
| 137 | is ok. The probability that a randomly generated key is weak is | 137 | is ok. |
| 138 | 1/2^52, so it is not really worth checking for them. | ||
| 139 | 138 | ||
| 140 | The following routines mostly operate on an input and output stream of | 139 | The following routines mostly operate on an input and output stream of |
| 141 | I<DES_cblock>s. | 140 | I<DES_cblock>s. |
diff --git a/src/lib/libssl/src/doc/crypto/DES_set_key.pod b/src/lib/libssl/src/doc/crypto/DES_set_key.pod index d6a35eacd4..d1bd43c592 100644 --- a/src/lib/libssl/src/doc/crypto/DES_set_key.pod +++ b/src/lib/libssl/src/doc/crypto/DES_set_key.pod | |||
| @@ -114,7 +114,7 @@ consists of 8 bytes with odd parity. The least significant bit in | |||
| 114 | each byte is the parity bit. The key schedule is an expanded form of | 114 | each byte is the parity bit. The key schedule is an expanded form of |
| 115 | the key; it is used to speed the encryption process. | 115 | the key; it is used to speed the encryption process. |
| 116 | 116 | ||
| 117 | DES_random_key() generates a random key. | 117 | DES_random_key() generates a random key in odd parity. |
| 118 | 118 | ||
| 119 | Before a DES key can be used, it must be converted into the | 119 | Before a DES key can be used, it must be converted into the |
| 120 | architecture dependent I<DES_key_schedule> via the | 120 | architecture dependent I<DES_key_schedule> via the |
| @@ -134,8 +134,7 @@ depend on a global variable. | |||
| 134 | DES_set_odd_parity() sets the parity of the passed I<key> to odd. | 134 | DES_set_odd_parity() sets the parity of the passed I<key> to odd. |
| 135 | 135 | ||
| 136 | DES_is_weak_key() returns 1 is the passed key is a weak key, 0 if it | 136 | DES_is_weak_key() returns 1 is the passed key is a weak key, 0 if it |
| 137 | is ok. The probability that a randomly generated key is weak is | 137 | is ok. |
| 138 | 1/2^52, so it is not really worth checking for them. | ||
| 139 | 138 | ||
| 140 | The following routines mostly operate on an input and output stream of | 139 | The following routines mostly operate on an input and output stream of |
| 141 | I<DES_cblock>s. | 140 | I<DES_cblock>s. |