zzy/openssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

doc: add note about fips jitter option

Browse Source 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25498)
This commit is contained in:
Pauli 2024-10-02 12:29:41 +10:00
parent 4bdbd830ac
commit 47ebeb1c10
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
doc/man7/EVP_RAND-JITTER.pod
View File

@ -46,6 +46,15 @@ A context for the seed source can be obtained by calling:
The B<enable-jitter> option was added in OpenSSL 3.4.
By specifying the B<enable-fips-jitter> configuration option, the FIPS
provider will use an internal jitter source for its entropy. Enabling
this option will cause the FIPS provider to operate in a non-compliant
mode unless an entropy assessment
L<ESV|https://csrc.nist.gov/Projects/cryptographic-module-validation-program/entropy-validations>
and validation through the
L<CMVP|https://csrc.nist.gov/projects/cryptographic-module-validation-program>
are additionally conducted. This option was added in OpenSSL 3.5.
=head1 EXAMPLES
EVP_RAND *rand;