1=pod 2 3=head1 NAME 4 5EVP_RAND-HMAC-DRBG - The HMAC DRBG EVP_RAND implementation 6 7=head1 DESCRIPTION 8 9Support for the HMAC deterministic random bit generator through the 10B<EVP_RAND> API. 11 12=head2 Identity 13 14"HMAC-DRBG" is the name for this implementation; it can be used with the 15EVP_RAND_fetch() function. 16 17=head2 Supported parameters 18 19The supported parameters are: 20 21=over 4 22 23=item "state" (B<OSSL_RAND_PARAM_STATE>) <integer> 24 25=item "strength" (B<OSSL_RAND_PARAM_STRENGTH>) <unsigned integer> 26 27=item "max_request" (B<OSSL_RAND_PARAM_MAX_REQUEST>) <unsigned integer> 28 29=item "reseed_requests" (B<OSSL_DRBG_PARAM_RESEED_REQUESTS>) <unsigned integer> 30 31=item "reseed_time_interval" (B<OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL>) <integer> 32 33=item "min_entropylen" (B<OSSL_DRBG_PARAM_MIN_ENTROPYLEN>) <unsigned integer> 34 35=item "max_entropylen" (B<OSSL_DRBG_PARAM_MAX_ENTROPYLEN>) <unsigned integer> 36 37=item "min_noncelen" (B<OSSL_DRBG_PARAM_MIN_NONCELEN>) <unsigned integer> 38 39=item "max_noncelen" (B<OSSL_DRBG_PARAM_MAX_NONCELEN>) <unsigned integer> 40 41=item "max_perslen" (B<OSSL_DRBG_PARAM_MAX_PERSLEN>) <unsigned integer> 42 43=item "max_adinlen" (B<OSSL_DRBG_PARAM_MAX_ADINLEN>) <unsigned integer> 44 45=item "reseed_counter" (B<OSSL_DRBG_PARAM_RESEED_COUNTER>) <unsigned integer> 46 47=item "properties" (B<OSSL_DRBG_PARAM_PROPERTIES>) <UTF8 string> 48 49=item "mac" (B<OSSL_DRBG_PARAM_MAC>) <UTF8 string> 50 51=item "digest" (B<OSSL_DRBG_PARAM_DIGEST>) <UTF8 string> 52 53These parameters work as described in L<EVP_RAND(3)/PARAMETERS>. 54 55=back 56 57=head1 NOTES 58 59A context for HMAC DRBG can be obtained by calling: 60 61 EVP_RAND *rand = EVP_RAND_fetch(NULL, "HMAC-DRBG", NULL); 62 EVP_RAND_CTX *rctx = EVP_RAND_CTX_new(rand); 63 64=head1 EXAMPLES 65 66 EVP_RAND *rand; 67 EVP_RAND_CTX *rctx; 68 unsigned char bytes[100]; 69 OSSL_PARAM params[3], *p = params; 70 unsigned int strength = 128; 71 72 rand = EVP_RAND_fetch(NULL, "HMAC-DRBG", NULL); 73 rctx = EVP_RAND_CTX_new(rand, NULL); 74 EVP_RAND_free(rand); 75 76 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_MAC, SN_hmac, 0); 77 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_DIGEST, SN_sha256, 0); 78 *p = OSSL_PARAM_construct_end(); 79 EVP_RAND_instantiate(rctx, strength, 0, NULL, 0, params); 80 81 EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, NULL, 0); 82 83 EVP_RAND_CTX_free(rctx); 84 85=head1 CONFORMING TO 86 87NIST SP 800-90A and SP 800-90B 88 89=head1 SEE ALSO 90 91L<EVP_RAND(3)>, 92L<EVP_RAND(3)/PARAMETERS> 93 94=head1 COPYRIGHT 95 96Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. 97 98Licensed under the Apache License 2.0 (the "License"). You may not use 99this file except in compliance with the License. You can obtain a copy 100in the file LICENSE in the source distribution or at 101L<https://www.openssl.org/source/license.html>. 102 103=cut 104
