diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-04-23 20:05:19 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-04-23 20:05:19 +0000 |
commit | e0d1a2f80a020bd019b017c52e0d724248731788 (patch) | |
tree | 8a68772a04b5115a51788f6a13f45388c48f62f1 /CHANGES | |
parent | cac4fb58e02d8cf799d75212179f56c69e652ec7 (diff) |
Always return multiple of block length bytes from default DRBG seed
callback.
Handle case where no multiple of the block size is in the interval
[min_len, max_len].
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -4,6 +4,14 @@ Changes between 1.0.1 and 1.1.0 [xx XXX xxxx] + *) Minor change to DRBG entropy callback semantics. In some cases + there is no mutiple of the block length between min_len and + max_len. Allow the callback to return more than max_len bytes + of entropy but discard any extra: it is the callback's responsibility + to ensure that the extra data discarded does not impact the + requested amount of entropy. + [Steve Henson] + *) Add PRNG security strength checks to RSA, DSA and ECDSA using information in FIPS186-3, SP800-57 and SP800-131A. [Steve Henson] |