1EVP_RAND-HASH-DRBG(7ossl) OpenSSL EVP_RAND-HASH-DRBG(7ossl)
2
3
4
6 EVP_RAND-HASH-DRBG - The HASH DRBG EVP_RAND implementation
7
9 Support for the hash deterministic random bit generator through the
10 EVP_RAND API.
11
12 Identity
13 "HASH-DRBG" is the name for this implementation; it can be used with
14 the EVP_RAND_fetch() function.
15
16 Supported parameters
17 The supported parameters are:
18
19 "state" (OSSL_RAND_PARAM_STATE) <integer>
20 "strength" (OSSL_RAND_PARAM_STRENGTH) <unsigned integer>
21 "max_request" (OSSL_RAND_PARAM_MAX_REQUEST) <unsigned integer>
22 "reseed_requests" (OSSL_DRBG_PARAM_RESEED_REQUESTS) <unsigned integer>
23 "reseed_time_interval" (OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL) <integer>
24 "min_entropylen" (OSSL_DRBG_PARAM_MIN_ENTROPYLEN) <unsigned integer>
25 "max_entropylen" (OSSL_DRBG_PARAM_MAX_ENTROPYLEN) <unsigned integer>
26 "min_noncelen" (OSSL_DRBG_PARAM_MIN_NONCELEN) <unsigned integer>
27 "max_noncelen" (OSSL_DRBG_PARAM_MAX_NONCELEN) <unsigned integer>
28 "max_perslen" (OSSL_DRBG_PARAM_MAX_PERSLEN) <unsigned integer>
29 "max_adinlen" (OSSL_DRBG_PARAM_MAX_ADINLEN) <unsigned integer>
30 "reseed_counter" (OSSL_DRBG_PARAM_RESEED_COUNTER) <unsigned integer>
31 "properties" (OSSL_DRBG_PARAM_PROPERTIES) <UTF8 string>
32 "digest" (OSSL_DRBG_PARAM_DIGEST) <UTF8 string>
33 These parameters work as described in "PARAMETERS" in EVP_RAND(3).
34
36 When the FIPS provider is installed using the
37 -no_drbg_truncated_digests option to fipsinstall, only these digests
38 are permitted (as per FIPS 140-3 IG D.R
39 <https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-
40 validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf>):
41
42 SHA-1
43 SHA2-256
44 SHA2-512
45 SHA3-256
46 SHA3-512
47
48 A context for HASH DRBG can be obtained by calling:
49
50 EVP_RAND *rand = EVP_RAND_fetch(NULL, "HASH-DRBG", NULL);
51 EVP_RAND_CTX *rctx = EVP_RAND_CTX_new(rand);
52
54 EVP_RAND *rand;
55 EVP_RAND_CTX *rctx;
56 unsigned char bytes[100];
57 OSSL_PARAM params[2], *p = params;
58 unsigned int strength = 128;
59
60 rand = EVP_RAND_fetch(NULL, "HASH-DRBG", NULL);
61 rctx = EVP_RAND_CTX_new(rand, NULL);
62 EVP_RAND_free(rand);
63
64 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_DIGEST, SN_sha512, 0);
65 *p = OSSL_PARAM_construct_end();
66 EVP_RAND_instantiate(rctx, strength, 0, NULL, 0, params);
67
68 EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, NULL, 0);
69
70 EVP_RAND_CTX_free(rctx);
71
73 NIST SP 800-90A and SP 800-90B
74
76 EVP_RAND(3), "PARAMETERS" in EVP_RAND(3), openssl-fipsinstall(1)
77
79 OpenSSL 3.1.1 introduced the -no_drbg_truncated_digests option to
80 fipsinstall which restricts the permitted digests when using the FIPS
81 provider in a complaint manner. For details refer to FIPS 140-3 IG D.R
82 <https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-
83 validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf>.
84
86 Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
87
88 Licensed under the Apache License 2.0 (the "License"). You may not use
89 this file except in compliance with the License. You can obtain a copy
90 in the file LICENSE in the source distribution or at
91 <https://www.openssl.org/source/license.html>.
92
93
94
953.1.1 2023-08-31 EVP_RAND-HASH-DRBG(7ossl)