1 files changed, 25 insertions, 14 deletions

diff --git a/openssl/doc/crypto/RSA_generate_key.pod b/openssl/doc/crypto/RSA_generate_key.pod
index 52dbb14a5..881391a04 100644
--- a/openssl/doc/crypto/RSA_generate_key.pod
+++ b/openssl/doc/crypto/RSA_generate_key.pod
@@ -2,28 +2,33 @@
 
 =head1 NAME
 
-RSA_generate_key - generate RSA key pair
+RSA_generate_key_ex, RSA_generate_key - generate RSA key pair
 
 =head1 SYNOPSIS
 
  #include <openssl/rsa.h>
 
+ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+
+Deprecated:
+
  RSA *RSA_generate_key(int num, unsigned long e,
     void (*callback)(int,int,void *), void *cb_arg);
 
 =head1 DESCRIPTION
 
-RSA_generate_key() generates a key pair and returns it in a newly
-allocated B<RSA> structure. The pseudo-random number generator must
-be seeded prior to calling RSA_generate_key().
+RSA_generate_key_ex() generates a key pair and stores it in the B<RSA>
+structure provided in B<rsa>. The pseudo-random number generator must
+be seeded prior to calling RSA_generate_key_ex().
 
-The modulus size will be B<num> bits, and the public exponent will be
+The modulus size will be of length B<bits>, and the public exponent will be
 B<e>. Key sizes with B<num> E<lt> 1024 should be considered insecure.
 The exponent is an odd number, typically 3, 17 or 65537.
 
 A callback function may be used to provide feedback about the
-progress of the key generation. If B<callback> is not B<NULL>, it
-will be called as follows:
+progress of the key generation. If B<cb> is not B<NULL>, it
+will be called as follows using the BN_GENCB_call() function
+described on the L<BN_generate_prime(3)|BN_generate_prime(3)> page.
 
 =over 4
 
@@ -35,32 +40,38 @@ described in L<BN_generate_prime(3)|BN_generate_prime(3)>.
 =item *
 
 When the n-th randomly generated prime is rejected as not
-suitable for the key, B<callback(2, n, cb_arg)> is called.
+suitable for the key, B<BN_GENCB_call(cb, 2, n)> is called.
 
 =item *
 
 When a random p has been found with p-1 relatively prime to B<e>,
-it is called as B<callback(3, 0, cb_arg)>.
+it is called as B<BN_GENCB_call(cb, 3, 0)>.
 
 =back
 
-The process is then repeated for prime q with B<callback(3, 1, cb_arg)>.
+The process is then repeated for prime q with B<BN_GENCB_call(cb, 3, 1)>.
+
+RSA_generate_key is deprecated (new applications should use
+RSA_generate_key_ex instead). RSA_generate_key works in the same was as
+RSA_generate_key_ex except it uses "old style" call backs. See
+L<BN_generate_prime(3)|BN_generate_prime(3)> for further details.
 
 =head1 RETURN VALUE
 
-If key generation fails, RSA_generate_key() returns B<NULL>; the
-error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+If key generation fails, RSA_generate_key() returns B<NULL>.
+
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
 
 =head1 BUGS
 
-B<callback(2, x, cb_arg)> is used with two different meanings.
+B<BN_GENCB_call(cb, 2, x)> is used with two different meanings.
 
 RSA_generate_key() goes into an infinite loop for illegal input values.
 
 =head1 SEE ALSO
 
 L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
-L<RSA_free(3)|RSA_free(3)>
+L<RSA_free(3)|RSA_free(3)>, L<BN_generate_prime(3)|BN_generate_prime(3)>
 
 =head1 HISTORY