changeset:   70370:178d367c9733
user:        Victor Stinner <victor.stinner@haypocalc.com>
date:        Wed May 25 11:27:40 2011 +0200
files:       Doc/library/ssl.rst
description:
Issue #12049: Document errors cases of ssl.RAND_bytes() and
ssl.RAND_pseudo_bytes().  Add also links to RAND_status and RAND_add.


diff -r 96a82c973224 -r 178d367c9733 Doc/library/ssl.rst
--- a/Doc/library/ssl.rst	Wed May 25 11:15:16 2011 +0200
+++ b/Doc/library/ssl.rst	Wed May 25 11:27:40 2011 +0200
@@ -164,10 +164,14 @@
 
 .. function:: RAND_bytes(num)
 
-   Returns *num* cryptographically strong pseudo-random bytes.
+   Returns *num* cryptographically strong pseudo-random bytes. Raises an
+   :class:`SSLError` if the PRNG has not been seeded with enough data or if the
+   operation is not supported by the current RAND method. :func:`RAND_status`
+   can be used to check the status of the PRNG and :func:`RAND_add` can be used
+   to seed the PRNG.
 
    Read the Wikipedia article, `Cryptographically secure pseudorandom number
-   generator
+   generator (CSPRNG)
    <http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator>`_,
    to get the requirements of a cryptographically generator.
 
@@ -177,7 +181,8 @@
 
    Returns (bytes, is_cryptographic): bytes are *num* pseudo-random bytes,
    is_cryptographic is True if the bytes generated are cryptographically
-   strong.
+   strong. Raises an :class:`SSLError` if the operation is not supported by the
+   current RAND method.
 
    Generated pseudo-random byte sequences will be unique if they are of
    sufficient length, but are not necessarily unpredictable. They can be used