From b7a050572725231e1d31fa2284db308ecf55d63d Mon Sep 17 00:00:00 2001 From: miod Date: Sat, 12 Jul 2014 21:08:53 +0000 Subject: [PATCH] Remove this sentence: ``The probability that a randomly generated key is weak is -1/2^52, so it is not really worth checking for them.'' This kind of naively optimistic attitude is not compatible with security. --- lib/libcrypto/doc/DES_set_key.pod | 5 ++--- lib/libssl/src/doc/crypto/DES_set_key.pod | 5 ++--- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/lib/libcrypto/doc/DES_set_key.pod b/lib/libcrypto/doc/DES_set_key.pod index d6a35eacd44..d1bd43c5927 100644 --- a/lib/libcrypto/doc/DES_set_key.pod +++ b/lib/libcrypto/doc/DES_set_key.pod @@ -114,7 +114,7 @@ consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process. -DES_random_key() generates a random key. +DES_random_key() generates a random key in odd parity. Before a DES key can be used, it must be converted into the architecture dependent I via the @@ -134,8 +134,7 @@ depend on a global variable. DES_set_odd_parity() sets the parity of the passed I to odd. DES_is_weak_key() returns 1 is the passed key is a weak key, 0 if it -is ok. The probability that a randomly generated key is weak is -1/2^52, so it is not really worth checking for them. +is ok. The following routines mostly operate on an input and output stream of Is. diff --git a/lib/libssl/src/doc/crypto/DES_set_key.pod b/lib/libssl/src/doc/crypto/DES_set_key.pod index d6a35eacd44..d1bd43c5927 100644 --- a/lib/libssl/src/doc/crypto/DES_set_key.pod +++ b/lib/libssl/src/doc/crypto/DES_set_key.pod @@ -114,7 +114,7 @@ consists of 8 bytes with odd parity. The least significant bit in each byte is the parity bit. The key schedule is an expanded form of the key; it is used to speed the encryption process. -DES_random_key() generates a random key. +DES_random_key() generates a random key in odd parity. Before a DES key can be used, it must be converted into the architecture dependent I via the @@ -134,8 +134,7 @@ depend on a global variable. DES_set_odd_parity() sets the parity of the passed I to odd. DES_is_weak_key() returns 1 is the passed key is a weak key, 0 if it -is ok. The probability that a randomly generated key is weak is -1/2^52, so it is not really worth checking for them. +is ok. The following routines mostly operate on an input and output stream of Is. -- 2.20.1