wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Ignore entropy from RAND_add()/RAND_seed() in FIPS mode [fixup]

Browse source 
Small correction to RAND_DRBG(7) (amends 3a50a8a91a)

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8909)
This commit is contained in:
Dr. Matthias St. Pierre 2019-05-12 17:01:55 +10:00 committed by Pauli
parent 3a50a8a91a
commit ffa9bff8a2
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
doc/man7/RAND_DRBG.pod
View file

@ -265,9 +265,9 @@ from the trusted entropy sources.
=back
NOTE: Manual reseeding is *not allowed* in FIPS mode, because
NIST SP-800-90A mandates that entropy *shall not* be provided by the
consuming application, neither for instantiation, nor for reseeding.
[NIST SP 800-90Ar1, Sections 9.1 and 9.2]. For that reason the B<randomness>
[NIST SP-800-90Ar1] mandates that entropy *shall not* be provided by
the consuming application for instantiation (Section 9.1) or
reseeding (Section 9.2). For that reason, the B<randomness>
argument is ignored and the random bytes provided by the L<RAND_add(3)> and
L<RAND_seed(3)> calls are treated as additional data.