diff options
| author | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2017-11-24 14:59:58 +0100 |
|---|---|---|
| committer | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2017-12-17 23:12:10 +0100 |
| commit | a93ba405b0327db9106f8f224112a2b64fb264e7 (patch) | |
| tree | d7185e4703fa29127c97315150cc0e3b18a5c8f3 /util | |
| parent | 56d362881eb9173d74f89aa8c4c4b42bc3397a17 (diff) | |
Add master DRBG for reseeding
A third shared DRBG is added, the so called master DRBG. Its sole purpose
is to reseed the two other shared DRBGs, the public and the private DRBG.
The randomness for the master DRBG is either pulled from the os entropy
sources, or added by the application using the RAND_add() call.
The master DRBG reseeds itself automatically after a given number of generate
requests, but can also be reseeded using RAND_seed() or RAND_add().
A reseeding of the master DRBG is automatically propagated to the public
and private DRBG. This construction fixes the problem, that up to now
the randomness provided by RAND_add() was added only to the public and
not to the private DRBG.
Signed-off-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/4402)
Diffstat (limited to 'util')
| -rw-r--r-- | util/libcrypto.num | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/util/libcrypto.num b/util/libcrypto.num index 10ffa2c3d5..7bfa6015d0 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4371,7 +4371,7 @@ SCRYPT_PARAMS_it 4314 1_1_1 EXIST:EXPORT_VAR_AS_FUNCTION: CRYPTO_secure_clear_free 4315 1_1_0g EXIST::FUNCTION: EVP_PKEY_meth_get0 4316 1_1_1 EXIST::FUNCTION: EVP_PKEY_meth_get_count 4317 1_1_1 EXIST::FUNCTION: -RAND_DRBG_get0_global 4319 1_1_1 EXIST::FUNCTION: +RAND_DRBG_get0_public 4319 1_1_1 EXIST::FUNCTION: RAND_priv_bytes 4320 1_1_1 EXIST::FUNCTION: BN_priv_rand 4321 1_1_1 EXIST::FUNCTION: BN_priv_rand_range 4322 1_1_1 EXIST::FUNCTION: @@ -4381,7 +4381,7 @@ ASN1_TIME_compare 4325 1_1_1 EXIST::FUNCTION: EVP_PKEY_CTX_ctrl_uint64 4326 1_1_1 EXIST::FUNCTION: EVP_DigestFinalXOF 4327 1_1_1 EXIST::FUNCTION: ERR_clear_last_mark 4328 1_1_1 EXIST::FUNCTION: -RAND_DRBG_get0_priv_global 4329 1_1_1 EXIST::FUNCTION: +RAND_DRBG_get0_private 4329 1_1_1 EXIST::FUNCTION: EVP_aria_192_ccm 4330 1_1_1 EXIST::FUNCTION:ARIA EVP_aria_256_gcm 4331 1_1_1 EXIST::FUNCTION:ARIA EVP_aria_256_ccm 4332 1_1_1 EXIST::FUNCTION:ARIA @@ -4446,3 +4446,4 @@ RSA_set0_multi_prime_params 4390 1_1_1 EXIST::FUNCTION:RSA RSA_get_version 4391 1_1_1 EXIST::FUNCTION:RSA RSA_meth_get_multi_prime_keygen 4392 1_1_1 EXIST::FUNCTION:RSA RSA_meth_set_multi_prime_keygen 4393 1_1_1 EXIST::FUNCTION:RSA +RAND_DRBG_get0_master 4394 1_1_1 EXIST::FUNCTION: |