[openssl] OpenSSL_1_1_1-stable update

Dr. Paul Dale pauli at openssl.org
Fri Apr 5 08:41:17 UTC 2019

The branch OpenSSL_1_1_1-stable has been updated
       via  c15ef410e1898224736813b8b8e50caf7e5eadba (commit)
      from  0cbfcc39042bb1ff16d4500979d34fcdae3ec602 (commit)

- Log -----------------------------------------------------------------
commit c15ef410e1898224736813b8b8e50caf7e5eadba
Author: Pauli <paul.dale at oracle.com>
Date:   Fri Apr 5 14:43:18 2019 +1000

    Add the prediction_resistance flag to the documentation.
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
    (Merged from https://github.com/openssl/openssl/pull/8678)


Summary of changes:
 doc/man3/RAND_DRBG_reseed.pod | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/doc/man3/RAND_DRBG_reseed.pod b/doc/man3/RAND_DRBG_reseed.pod
index da3a40b..a0a4e56 100644
--- a/doc/man3/RAND_DRBG_reseed.pod
+++ b/doc/man3/RAND_DRBG_reseed.pod
@@ -13,7 +13,8 @@ RAND_DRBG_set_reseed_defaults
  #include <openssl/rand_drbg.h>
  int RAND_DRBG_reseed(RAND_DRBG *drbg,
-                      const unsigned char *adin, size_t adinlen);
+                      const unsigned char *adin, size_t adinlen,
+                      int prediction_resistance);
  int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg,
                                    unsigned int interval);
@@ -37,6 +38,10 @@ and mixing in the specified additional data provided in the buffer B<adin>
 of length B<adinlen>.
 The additional data can be omitted by setting B<adin> to NULL and B<adinlen>
 to 0.
+An immediate reseeding from a live entropy source can be requested by setting
+the B<prediction_resistance> flag to 1.
+This feature is not implemented yet, so reseeding with prediction resistance
+requested will always fail.
 sets the reseed interval of the B<drbg>, which is the maximum allowed number

More information about the openssl-commits mailing list