From: Dr. Matthias St. Pierre Date: Sun, 12 May 2019 07:01:55 +0000 (+1000) Subject: Ignore entropy from RAND_add()/RAND_seed() in FIPS mode [fixup] X-Git-Tag: openssl-3.0.0-alpha1~2071 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=ffa9bff8a2024bc8e6322be2cbff7d17fb8d828d;p=oweals%2Fopenssl.git Ignore entropy from RAND_add()/RAND_seed() in FIPS mode [fixup] Small correction to RAND_DRBG(7) (amends 3a50a8a91ad1) Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8909) --- diff --git a/doc/man7/RAND_DRBG.pod b/doc/man7/RAND_DRBG.pod index 621f6ded5a..c51b8cb238 100644 --- a/doc/man7/RAND_DRBG.pod +++ b/doc/man7/RAND_DRBG.pod @@ -265,9 +265,9 @@ from the trusted entropy sources. =back NOTE: Manual reseeding is *not allowed* in FIPS mode, because -NIST SP-800-90A mandates that entropy *shall not* be provided by the -consuming application, neither for instantiation, nor for reseeding. -[NIST SP 800-90Ar1, Sections 9.1 and 9.2]. For that reason the B +[NIST SP-800-90Ar1] mandates that entropy *shall not* be provided by +the consuming application for instantiation (Section 9.1) or +reseeding (Section 9.2). For that reason, the B argument is ignored and the random bytes provided by the L and L calls are treated as additional data.
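
Review bot: In the rewritten NOTE of the RAND_DRBG.pod hunk, the citation is now spelled "[NIST SP-800-90Ar1]", while the removed line used "NIST SP 800-90Ar1" with a space after "SP". I would keep the spaced form so that the reference matches the earlier spelling and stays searchable. The bracketed citation has also moved from the end of the sentence into subject position ("[NIST SP-800-90Ar1] mandates that ..."), which reads awkwardly. Consider "NIST SP 800-90Ar1 mandates that ..." without brackets, keeping the section numbers in parentheses as the new text already does. Separately, the unchanged lead-in "Manual reseeding is *not allowed* in FIPS mode" can be read as saying the calls fail, whereas the following sentence says the argument is ignored and the bytes are treated as additional data. A short clause stating that the calls are still accepted but contribute no entropy would spare callers from guessing.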