From 42ef36c6813822962aff009ee1ca5eaf04d6c5c7 Mon Sep 17 00:00:00 2001
From: miod <>
Date: Fri, 11 Jul 2014 16:18:14 +0000
Subject: Huge documentation update for libcrypto and libssl, mostly from Matt
 Caswell, Jeff Trawick, Jean-Paul Calderone, Michal Bozon, Jeffrey Walton and
 Rich Salz, via OpenSSL trunk (with some parts not applying to us, such as
 SSLv2 support, at least partially removed).

---
 src/lib/libcrypto/doc/RSA_generate_key.pod | 37 +++++++++++++++++++-----------
 1 file changed, 24 insertions(+), 13 deletions(-)

(limited to 'src/lib/libcrypto/doc/RSA_generate_key.pod')
diff --git a/src/lib/libcrypto/doc/RSA_generate_key.pod b/src/lib/libcrypto/doc/RSA_generate_key.pod
index 867390884b..00026f04df 100644
--- a/src/lib/libcrypto/doc/RSA_generate_key.pod
+++ b/src/lib/libcrypto/doc/RSA_generate_key.pod
@@ -2,27 +2,32 @@
 
 =head1 NAME
 
-RSA_generate_key - generate RSA key pair
+RSA_generate_key_ex, RSA_generate_key - generate RSA key pair
 
 =head1 SYNOPSIS
 
  #include <openssl/rsa.h>
 
+ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+
+Deprecated:
+
  RSA *RSA_generate_key(int num, unsigned long e,
     void (*callback)(int,int,void *), void *cb_arg);
 
 =head1 DESCRIPTION
 
-RSA_generate_key() generates a key pair and returns it in a newly
-allocated B<RSA> structure.
+RSA_generate_key_ex() generates a key pair and stores it in the B<RSA>
+structure provided in B<rsa>.
 
-The modulus size will be B<num> bits, and the public exponent will be
+The modulus size will be of length B<bits>, and the public exponent will be
 B<e>. Key sizes with B<num> E<lt> 1024 should be considered insecure.
 The exponent is an odd number, typically 3, 17 or 65537.
 
 A callback function may be used to provide feedback about the
-progress of the key generation. If B<callback> is not B<NULL>, it
-will be called as follows:
+progress of the key generation. If B<cb> is not B<NULL>, it
+will be called as follows using the BN_GENCB_call() function
+described on the L<BN_generate_prime(3)|BN_generate_prime(3)> page:
 
 =over 4
 
@@ -34,32 +39,38 @@ described in L<BN_generate_prime(3)|BN_generate_prime(3)>.
 =item *
 
 When the n-th randomly generated prime is rejected as not
-suitable for the key, B<callback(2, n, cb_arg)> is called.
+suitable for the key, B<BN_GENCB_call(cb, 2, n)> is called.
 
 =item *
 
 When a random p has been found with p-1 relatively prime to B<e>,
-it is called as B<callback(3, 0, cb_arg)>.
+it is called as B<BN_GENCB_call(cb, 3, 0)>.
 
 =back
 
-The process is then repeated for prime q with B<callback(3, 1, cb_arg)>.
+The process is then repeated for prime q with B<BN_GENCB_call(cb, 3, 1)>.
+
+RSA_generate_key is deprecated (new applications should use
+RSA_generate_key_ex instead). RSA_generate_key works in the same was as
+RSA_generate_key_ex except it uses "old style" call backs. See
+L<BN_generate_prime(3)|BN_generate_prime(3)> for further details.
 
 =head1 RETURN VALUE
 
-If key generation fails, RSA_generate_key() returns B<NULL>; the
-error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+If key generation fails, RSA_generate_key() returns B<NULL>.
+
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
 
 =head1 BUGS
 
-B<callback(2, x, cb_arg)> is used with two different meanings.
+B<BN_GENCB_call(cb, 2, x)> is used with two different meanings.
 
 RSA_generate_key() goes into an infinite loop for illegal input values.
 
 =head1 SEE ALSO
 
 L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
-L<RSA_free(3)|RSA_free(3)>
+L<RSA_free(3)|RSA_free(3)>, L<BN_generate_prime(3)|BN_generate_prime(3)>
 
 =head1 HISTORY
 
-- 
cgit v1.2.3-55-g6feb

