3a50a8a91a
The functions RAND_add() and RAND_seed() provide a legacy API which enables the application to seed the CSPRNG. But NIST SP-800-90A clearly mandates that entropy *shall not* be provided by the consuming application, neither for instantiation, nor for reseeding. The provided random data will be mixed into the DRBG state as additional data only, and no entropy will accounted for it. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8722) |
||
---|---|---|
.. | ||
build.info | ||
drbg_ctr.c | ||
drbg_hash.c | ||
drbg_hmac.c | ||
drbg_lib.c | ||
rand_crng_test.c | ||
rand_egd.c | ||
rand_err.c | ||
rand_lcl.h | ||
rand_lib.c | ||
rand_unix.c | ||
rand_vms.c | ||
rand_vxworks.c | ||
rand_win.c | ||
randfile.c |