Use BN_RAND_* instead of mysterious values in the documentation of

BN_rand_range()

From OpenSSL 1.1.1l

ok beck jsing

diff --git a/lib/libcrypto/man/BN_rand.3 b/lib/libcrypto/man/BN_rand.3
index 4679712..c508738 100644 (file)
--- a/lib/libcrypto/man/BN_rand.3
+++ b/lib/libcrypto/man/BN_rand.3
@@ -1,4 +1,4 @@
-.\"    $OpenBSD: BN_rand.3,v 1.16 2019/06/10 14:58:48 schwarze Exp $
+.\"    $OpenBSD: BN_rand.3,v 1.17 2021/09/10 14:37:14 tb Exp $
 .\" full merge up to: OpenSSL 05ea606a May 20 20:52:46 2016 -0400
 .\" selective merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
 .\"
@@ -50,7 +50,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: June 10 2019 $
+.Dd $Mdocdate: September 10 2021 $
 .Dt BN_RAND 3
 .Os
 .Sh NAME
@@ -81,18 +81,29 @@ in length and stores it in
 .Fa rnd .
 If
 .Fa top
-is -1, the most significant bit of the random number can be zero.
+is
+.Dv BN_RAND_TOP_ANY ,
+the most significant bit of the random number can be zero.
 If
 .Fa top
-is 0, it is set to 1, and if
+is
+.Dv BN_RAND_TOP_ONE ,
+the most significant bit is set to 1, and if
 .Fa top
-is 1, the two most significant bits of the number will be set to 1, so
+is
+.Dv BN_RAND_TOP_TWO ,
+the two most significant bits of the number will be set to 1, so
 that the product of two such random numbers will always have
 .Pf 2* Fa bits
 length.
 If
 .Fa bottom
-is true, the number will be odd.
+is
+.Dv BN_RAND_BOTTOM_ODD ,
+the number will be odd;
+if it is
+.Dv BN_RAND_BOTTOM_ANY ,
+it can be odd or even.
 The value of
 .Fa bits
 must be zero or greater.
@@ -100,7 +111,8 @@ If
 .Fa bits
 is +1 then
 .Fa top
-cannot also be 1.
+cannot be
+.Dv BN_RAND_TOP_TWO .
 .Pp
 .Fn BN_rand_range
 generates a cryptographically strong pseudo-random number