diff options
author | Pauli <paul.dale@oracle.com> | 2020-05-25 14:45:49 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2020-06-24 20:07:46 +1000 |
commit | dc4e74ef6c10a13d8a8947c71e9ee70a0abe642e (patch) | |
tree | 71874ab26e07fa58dac4240ff772b9eb84fa9571 /doc/man7/EVP_RAND-HASH-DRBG.pod | |
parent | 6154f9a7cad7805a551343ed2111231aa2e00681 (diff) |
evp_rand: documentation
EVP_RAND, the RNGs and provider-rand.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Diffstat (limited to 'doc/man7/EVP_RAND-HASH-DRBG.pod')
-rw-r--r-- | doc/man7/EVP_RAND-HASH-DRBG.pod | 100 |
1 files changed, 100 insertions, 0 deletions
diff --git a/doc/man7/EVP_RAND-HASH-DRBG.pod b/doc/man7/EVP_RAND-HASH-DRBG.pod new file mode 100644 index 0000000000..879384993e --- /dev/null +++ b/doc/man7/EVP_RAND-HASH-DRBG.pod @@ -0,0 +1,100 @@ +=pod + +=head1 NAME + +EVP_RAND-HASH-DRBG - The HASH DRBG EVP_RAND implementation + +=head1 DESCRIPTION + +Support for the hash deterministic random bit generator through the +B<EVP_RAND> API. + +=head2 Identity + +"HASH-DRBG" is the name for this implementation; it can be used with the +EVP_RAND_fetch() function. + +=head2 Supported parameters + +The supported parameters are: + +=over 4 + +=item "state" (B<OSSL_RAND_PARAM_STATE>) <integer> + +=item "strength" (B<OSSL_RAND_PARAM_STRENGTH>) <unsigned integer> + +=item "reseed_requests" (B<OSSL_DRBG_PARAM_RESEED_REQUESTS>) <unsigned integer> + +=item "reseed_time_interval" (B<OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL>) <integer> + +=item "max_request" (B<OSSL_DRBG_PARAM_MAX_REQUEST>) <unsigned integer> + +=item "min_entropylen" (B<OSSL_DRBG_PARAM_MIN_ENTROPYLEN>) <unsigned integer> + +=item "max_entropylen" (B<OSSL_DRBG_PARAM_MAX_ENTROPYLEN>) <unsigned integer> + +=item "min_noncelen" (B<OSSL_DRBG_PARAM_MIN_NONCELEN>) <unsigned integer> + +=item "max_noncelen" (B<OSSL_DRBG_PARAM_MAX_NONCELEN>) <unsigned integer> + +=item "max_perslen" (B<OSSL_DRBG_PARAM_MAX_PERSLEN>) <unsigned integer> + +=item "max_adinlen" (B<OSSL_DRBG_PARAM_MAX_ADINLEN>) <unsigned integer> + +=item "reseed_counter" (B<OSSL_DRBG_PARAM_RESEED_CTR>) <unsigned integer> + +=item "properties" (B<OSSL_DRBG_PARAM_PROPERTIES>) <UTF8 string> + +=item "digest" (B<OSSL_DRBG_PARAM_DIGEST>) <UTF8 string> + +These parameters work as described in L<EVP_RAND(3)/PARAMETERS>. + +=back + +=head1 NOTES + +A context for HASH DRBG can be obtained by calling: + + EVP_RAND *rand = EVP_RAND_fetch(NULL, "HASH-DRBG", NULL); + EVP_RAND_CTX *rctx = EVP_RAND_CTX_new(rand); + +=head1 EXAMPLES + + EVP_RAND *rand; + EVP_RAND_CTX *rctx; + unsigned char bytes[100]; + OSSL_PARAM params[2], *p = params; + unsigned int strength = 128; + + rand = EVP_RAND_fetch(NULL, "HASH-DRBG", NULL); + rctx = EVP_RAND_CTX_new(rand, NULL); + EVP_RAND_free(rand); + + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_DIGEST, SN_sha512, 0); + *p = OSSL_PARAM_construct_end(); + EVP_RAND_set_ctx_params(rctx, params); + + EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, NULL, 0); + + EVP_RAND_CTX_free(rctx); + +=head1 CONFORMING TO + +NIST SP 800-90A and SP 800-90B + +=head1 SEE ALSO + +L<EVP_RAND(3)>, +L<EVP_RAND(3)/PARAMETERS> + +=head1 COPYRIGHT + +Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L<https://www.openssl.org/source/license.html>. + +=cut |