summaryrefslogtreecommitdiffstats
path: root/doc/man7
diff options
context:
space:
mode:
authorPauli <pauli@openssl.org>2023-03-16 04:21:25 +0100
committerPauli <pauli@openssl.org>2023-03-29 00:25:19 +0200
commite14fc22c90ce5a9e6d66d8658fc6bb37f95019da (patch)
tree813b61a41d378d0845539c5d223f516b04318313 /doc/man7
parentDRBG: restrict the digests that can be used with HMAC and Hash DRBGs. (diff)
downloadopenssl-e14fc22c90ce5a9e6d66d8658fc6bb37f95019da.tar.xz
openssl-e14fc22c90ce5a9e6d66d8658fc6bb37f95019da.zip
doc: note the restriction on digests used by DRBGs in FIPS mode.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/20521)
Diffstat (limited to 'doc/man7')
-rw-r--r--doc/man7/EVP_RAND-HASH-DRBG.pod28
-rw-r--r--doc/man7/EVP_RAND-HMAC-DRBG.pod28
2 files changed, 54 insertions, 2 deletions
diff --git a/doc/man7/EVP_RAND-HASH-DRBG.pod b/doc/man7/EVP_RAND-HASH-DRBG.pod
index 3361f7d8a5..97a3ecc684 100644
--- a/doc/man7/EVP_RAND-HASH-DRBG.pod
+++ b/doc/man7/EVP_RAND-HASH-DRBG.pod
@@ -54,6 +54,24 @@ These parameters work as described in L<EVP_RAND(3)/PARAMETERS>.
=head1 NOTES
+When the FIPS provider is installed using the B<-no_drbg_truncated_digests>
+option to fipsinstall, only these digests are permitted (as per
+L<FIPS 140-3 IG D.R|https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf>):
+
+=over 4
+
+=item SHA-1
+
+=item SHA2-256
+
+=item SHA2-512
+
+=item SHA3-256
+
+=item SHA3-512
+
+=back
+
A context for HASH DRBG can be obtained by calling:
EVP_RAND *rand = EVP_RAND_fetch(NULL, "HASH-DRBG", NULL);
@@ -86,7 +104,15 @@ NIST SP 800-90A and SP 800-90B
=head1 SEE ALSO
L<EVP_RAND(3)>,
-L<EVP_RAND(3)/PARAMETERS>
+L<EVP_RAND(3)/PARAMETERS>,
+L<openssl-fipsinstall(1)>
+
+=head1 HISTORY
+
+OpenSSL 3.1.1 introduced the B<-no_drbg_truncated_digests> option to
+fipsinstall which restricts the permitted digests when using the FIPS
+provider in a complaint manner. For details refer to
+L<FIPS 140-3 IG D.R|https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf>.
=head1 COPYRIGHT
diff --git a/doc/man7/EVP_RAND-HMAC-DRBG.pod b/doc/man7/EVP_RAND-HMAC-DRBG.pod
index ae3a51dbd7..5b188404f9 100644
--- a/doc/man7/EVP_RAND-HMAC-DRBG.pod
+++ b/doc/man7/EVP_RAND-HMAC-DRBG.pod
@@ -56,6 +56,23 @@ These parameters work as described in L<EVP_RAND(3)/PARAMETERS>.
=head1 NOTES
+When using the FIPS provider, only these digests are permitted (as per
+L<FIPS 140-3 IG D.R|https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf>):
+
+=over 4
+
+=item SHA-1
+
+=item SHA2-256
+
+=item SHA2-512
+
+=item SHA3-256
+
+=item SHA3-512
+
+=back
+
A context for HMAC DRBG can be obtained by calling:
EVP_RAND *rand = EVP_RAND_fetch(NULL, "HMAC-DRBG", NULL);
@@ -89,7 +106,16 @@ NIST SP 800-90A and SP 800-90B
=head1 SEE ALSO
L<EVP_RAND(3)>,
-L<EVP_RAND(3)/PARAMETERS>
+L<EVP_RAND(3)/PARAMETERS>,
+L<openssl-fipsinstall(1)>
+
+
+=head1 HISTORY
+
+OpenSSL 3.1.1 introduced the B<-no_drbg_truncated_digests> option to
+fipsinstall which restricts the permitted digests when using the FIPS
+provider in a complaint manner. For details refer to
+L<FIPS 140-3 IG D.R|https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf>).
=head1 COPYRIGHT