CTR, HASH and HMAC DRBGs in provider

[openssl.git] / doc / man3 / RAND_DRBG_set_callbacks.pod

diff --git a/doc/man3/RAND_DRBG_set_callbacks.pod b/doc/man3/RAND_DRBG_set_callbacks.pod
index d00397da626a7621431179075c7e6687db770cb9..0ae3028a5aa2ac9770abb5b1a655ba908496d423 100644 (file)
--- a/doc/man3/RAND_DRBG_set_callbacks.pod
+++ b/doc/man3/RAND_DRBG_set_callbacks.pod
@@ -127,11 +127,12 @@ entropy from a live entropy source (section 5.5.2 of [NIST SP 800-90C]).
 It is up to the user to ensure that a live entropy source is configured
 and is being used.
 
-The derivation function is disabled during initialization by calling the
-RAND_DRBG_set() function with the RAND_DRBG_FLAG_CTR_NO_DF flag.
-For more information on the derivation function and when it can be omitted,
-see [NIST SP 800-90A Rev. 1]. Roughly speaking it can be omitted if the random
-source has "full entropy", i.e., contains 8 bits of entropy per byte.
+The derivation function is disabled by calling the RAND_DRBG_new_ex()
+function with the RAND_DRBG_FLAG_CTR_NO_DF flag.  For more information on
+the derivation function and when it can be omitted, see [NIST SP 800-90A
+Rev. 1]. Roughly speaking it can be omitted if the random source has "full
+entropy", i.e., contains 8 bits of entropy per byte. In a FIPS context,
+the derivation function can never be omitted.
 
 Even if a nonce is required, the B<get_nonce>() and B<cleanup_nonce>()
 callbacks can be omitted by setting them to NULL.