diff options
author | steve <steve> | 2011-04-23 20:05:17 +0000 |
---|---|---|
committer | steve <steve> | 2011-04-23 20:05:17 +0000 |
commit | 3fad487c9c289bdcdd30bf3338545ce8d20c7878 (patch) | |
tree | df5a61dd1785c18639ed1cbe2a739f03c984ed06 /CHANGES | |
parent | 0a5ea60bf7b25ae30a980670a6284bcd02e00f23 (diff) | |
download | openssl-3fad487c9c289bdcdd30bf3338545ce8d20c7878.tar.gz |
Always return multiple of block length bytes from default DRBG seed
callback.
Handle case where no multiple of the block size is in the interval
[min_len, max_len].
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -4,6 +4,14 @@ Changes between 1.0.1 and 1.1.0 [xx XXX xxxx] + *) Minor change to DRBG entropy callback semantics. In some cases + there is no mutiple of the block length between min_len and + max_len. Allow the callback to return more than max_len bytes + of entropy but discard any extra: it is the callback's responsibility + to ensure that the extra data discarded does not impact the + requested amount of entropy. + [Steve Henson] + *) Add PRNG security strength checks to RSA, DSA and ECDSA using information in FIPS186-3, SP800-57 and SP800-131A. [Steve Henson] |