diff options
| author | Pauli <pauli@openssl.org> | 2023-03-16 14:21:25 +1100 |
|---|---|---|
| committer | Pauli <pauli@openssl.org> | 2023-03-29 09:25:19 +1100 |
| commit | e14fc22c90ce5a9e6d66d8658fc6bb37f95019da (patch) | |
| tree | 813b61a41d378d0845539c5d223f516b04318313 /doc/man7 | |
| parent | f553c0f0dd24f037f31d971a99a1ffe7a11f64e6 (diff) | |
doc: note the restriction on digests used by DRBGs in FIPS mode.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20521)
Diffstat (limited to 'doc/man7')
| -rw-r--r-- | doc/man7/EVP_RAND-HASH-DRBG.pod | 28 | ||||
| -rw-r--r-- | doc/man7/EVP_RAND-HMAC-DRBG.pod | 28 |
2 files changed, 54 insertions, 2 deletions
diff --git a/doc/man7/EVP_RAND-HASH-DRBG.pod b/doc/man7/EVP_RAND-HASH-DRBG.pod index 3361f7d8a5..97a3ecc684 100644 --- a/doc/man7/EVP_RAND-HASH-DRBG.pod +++ b/doc/man7/EVP_RAND-HASH-DRBG.pod @@ -54,6 +54,24 @@ These parameters work as described in L<EVP_RAND(3)/PARAMETERS>. =head1 NOTES +When the FIPS provider is installed using the B<-no_drbg_truncated_digests> +option to fipsinstall, only these digests are permitted (as per +L<FIPS 140-3 IG D.R|https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf>): + +=over 4 + +=item SHA-1 + +=item SHA2-256 + +=item SHA2-512 + +=item SHA3-256 + +=item SHA3-512 + +=back + A context for HASH DRBG can be obtained by calling: EVP_RAND *rand = EVP_RAND_fetch(NULL, "HASH-DRBG", NULL); @@ -86,7 +104,15 @@ NIST SP 800-90A and SP 800-90B =head1 SEE ALSO L<EVP_RAND(3)>, -L<EVP_RAND(3)/PARAMETERS> +L<EVP_RAND(3)/PARAMETERS>, +L<openssl-fipsinstall(1)> + +=head1 HISTORY + +OpenSSL 3.1.1 introduced the B<-no_drbg_truncated_digests> option to +fipsinstall which restricts the permitted digests when using the FIPS +provider in a complaint manner. For details refer to +L<FIPS 140-3 IG D.R|https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf>. =head1 COPYRIGHT diff --git a/doc/man7/EVP_RAND-HMAC-DRBG.pod b/doc/man7/EVP_RAND-HMAC-DRBG.pod index ae3a51dbd7..5b188404f9 100644 --- a/doc/man7/EVP_RAND-HMAC-DRBG.pod +++ b/doc/man7/EVP_RAND-HMAC-DRBG.pod @@ -56,6 +56,23 @@ These parameters work as described in L<EVP_RAND(3)/PARAMETERS>. =head1 NOTES +When using the FIPS provider, only these digests are permitted (as per +L<FIPS 140-3 IG D.R|https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf>): + +=over 4 + +=item SHA-1 + +=item SHA2-256 + +=item SHA2-512 + +=item SHA3-256 + +=item SHA3-512 + +=back + A context for HMAC DRBG can be obtained by calling: EVP_RAND *rand = EVP_RAND_fetch(NULL, "HMAC-DRBG", NULL); @@ -89,7 +106,16 @@ NIST SP 800-90A and SP 800-90B =head1 SEE ALSO L<EVP_RAND(3)>, -L<EVP_RAND(3)/PARAMETERS> +L<EVP_RAND(3)/PARAMETERS>, +L<openssl-fipsinstall(1)> + + +=head1 HISTORY + +OpenSSL 3.1.1 introduced the B<-no_drbg_truncated_digests> option to +fipsinstall which restricts the permitted digests when using the FIPS +provider in a complaint manner. For details refer to +L<FIPS 140-3 IG D.R|https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf>). =head1 COPYRIGHT |