projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Document X509_verify_ex() and X509_REQ_verify_ex()
[openssl.git]
/
doc
/
man3
/
RAND_DRBG_reseed.pod
diff --git
a/doc/man3/RAND_DRBG_reseed.pod
b/doc/man3/RAND_DRBG_reseed.pod
index ca08a39bb5dd5894454005361d9a9af76fba5c23..b73f35fb66f73f457f39bdd6e1e3371364b6b3e8 100644
(file)
--- a/
doc/man3/RAND_DRBG_reseed.pod
+++ b/
doc/man3/RAND_DRBG_reseed.pod
@@
-13,7
+13,8
@@
RAND_DRBG_set_reseed_defaults
#include <openssl/rand_drbg.h>
int RAND_DRBG_reseed(RAND_DRBG *drbg,
#include <openssl/rand_drbg.h>
int RAND_DRBG_reseed(RAND_DRBG *drbg,
- const unsigned char *adin, size_t adinlen);
+ const unsigned char *adin, size_t adinlen,
+ int prediction_resistance);
int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg,
unsigned int interval);
int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg,
unsigned int interval);
@@
-37,6
+38,10
@@
and mixing in the specified additional data provided in the buffer B<adin>
of length B<adinlen>.
The additional data can be omitted by setting B<adin> to NULL and B<adinlen>
to 0.
of length B<adinlen>.
The additional data can be omitted by setting B<adin> to NULL and B<adinlen>
to 0.
+An immediate reseeding can be requested by setting the
+B<prediction_resistance> flag to 1.
+Requesting prediction resistance is a relative expensive operation.
+See NOTES section for more details.
RAND_DRBG_set_reseed_interval()
sets the reseed interval of the B<drbg>, which is the maximum allowed number
RAND_DRBG_set_reseed_interval()
sets the reseed interval of the B<drbg>, which is the maximum allowed number
@@
-88,10
+93,6
@@
To ensure that they are applied to the global and thread-local DRBG instances
RAND_DRBG_set_reseed_defaults() before creating any thread and before calling any
cryptographic routines that obtain random data directly or indirectly.
RAND_DRBG_set_reseed_defaults() before creating any thread and before calling any
cryptographic routines that obtain random data directly or indirectly.
-=head1 HISTORY
-
-The RAND_DRBG functions were added in OpenSSL 1.1.1.
-
=head1 SEE ALSO
L<RAND_DRBG_generate(3)>,
=head1 SEE ALSO
L<RAND_DRBG_generate(3)>,
@@
-99,9
+100,15
@@
L<RAND_DRBG_bytes(3)>,
L<RAND_DRBG_set_callbacks(3)>.
L<RAND_DRBG(7)>
L<RAND_DRBG_set_callbacks(3)>.
L<RAND_DRBG(7)>
+=head1 HISTORY
+
+The RAND_DRBG functions were added in OpenSSL 1.1.1.
+
+Prediction resistance is supported from OpenSSL 3.0.
+
=head1 COPYRIGHT
=head1 COPYRIGHT
-Copyright 2017-201
8
The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-201
9
The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy