openssl/doc/man7/EVP_KDF-HMAC-DRBG.pod

=pod

=head1 NAME

EVP_KDF-HMAC-DRBG
- The HMAC DRBG DETERMINISTIC EVP_KDF implementation

=head1 DESCRIPTION

Support for a deterministic HMAC DRBG using the B<EVP_KDF> API. This is similar
to L<EVP_RAND-HMAC-DRBG(7)>, but uses fixed values for its entropy and nonce
values. This is used to generate deterministic nonce value required by ECDSA
and DSA (as defined in RFC 6979).

=head2 Identity

"HMAC-DRBG-KDF" is the name for this implementation; it can be used
with the EVP_KDF_fetch() function.

=head2 Supported parameters

The supported parameters are:

=over 4

=item "digest" (B<OSSL_DRBG_PARAM_DIGEST>) <UTF8 string>

=item "properties" (B<OSSL_DRBG_PARAM_PROPERTIES>) <UTF8 string>

These parameters work as described in L<EVP_KDF(3)/PARAMETERS>.

=item "entropy" (B<OSSL_KDF_PARAM_HMACDRBG_ENTROPY>) <octet string>

Sets the entropy bytes supplied to the HMAC-DRBG.

=item "nonce" (B<OSSL_KDF_PARAM_HMACDRBG_NONCE>) <octet string>

Sets the nonce bytes supplied to the HMAC-DRBG.

=back

=head1 NOTES

A context for KDF HMAC DRBG can be obtained by calling:

 EVP_KDF *kdf = EVP_KDF_fetch(NULL, "HMAC-DRBG-KDF", NULL);
 EVP_KDF_CTX *kdf_ctx = EVP_KDF_CTX_new(kdf, NULL);

=head1 CONFORMING TO

RFC 6979

=head1 SEE ALSO

L<EVP_KDF(3)>,
L<EVP_KDF(3)/PARAMETERS>

=head1 HISTORY

The EVP_KDF-HMAC-DRBG functionality was added in OpenSSL 3.2.

=head1 COPYRIGHT

Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Implement deterministic ECDSA sign (RFC6979) This PR is based off the contributions in PR #9223 by Jemmy1228. It has been modified and reworked to: (1) Work with providers (2) Support ECDSA and DSA (3) Add a KDF HMAC_DRBG implementation that shares code with the RAND HMAC_DRBG. A nonce_type is passed around inside the Signing API's, in order to support any future deterministic algorithms. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18809) 2022-07-15 19:22:01 +08:00			`=pod`

			`=head1 NAME`

			`EVP_KDF-HMAC-DRBG`
			`- The HMAC DRBG DETERMINISTIC EVP_KDF implementation`

			`=head1 DESCRIPTION`

Typos fixing Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20109) 2021-02-21 06:39:30 +08:00			`Support for a deterministic HMAC DRBG using the B<EVP_KDF> API. This is similar`
Implement deterministic ECDSA sign (RFC6979) This PR is based off the contributions in PR #9223 by Jemmy1228. It has been modified and reworked to: (1) Work with providers (2) Support ECDSA and DSA (3) Add a KDF HMAC_DRBG implementation that shares code with the RAND HMAC_DRBG. A nonce_type is passed around inside the Signing API's, in order to support any future deterministic algorithms. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18809) 2022-07-15 19:22:01 +08:00			`to L<EVP_RAND-HMAC-DRBG(7)>, but uses fixed values for its entropy and nonce`
			`values. This is used to generate deterministic nonce value required by ECDSA`
			`and DSA (as defined in RFC 6979).`

			`=head2 Identity`

			`"HMAC-DRBG-KDF" is the name for this implementation; it can be used`
			`with the EVP_KDF_fetch() function.`

			`=head2 Supported parameters`

			`The supported parameters are:`

			`=over 4`

			`=item "digest" (B<OSSL_DRBG_PARAM_DIGEST>) <UTF8 string>`

			`=item "properties" (B<OSSL_DRBG_PARAM_PROPERTIES>) <UTF8 string>`

			`These parameters work as described in L<EVP_KDF(3)/PARAMETERS>.`

			`=item "entropy" (B<OSSL_KDF_PARAM_HMACDRBG_ENTROPY>) <octet string>`

			`Sets the entropy bytes supplied to the HMAC-DRBG.`

			`=item "nonce" (B<OSSL_KDF_PARAM_HMACDRBG_NONCE>) <octet string>`

			`Sets the nonce bytes supplied to the HMAC-DRBG.`

			`=back`

			`=head1 NOTES`

			`A context for KDF HMAC DRBG can be obtained by calling:`

			`EVP_KDF *kdf = EVP_KDF_fetch(NULL, "HMAC-DRBG-KDF", NULL);`
			`EVP_KDF_CTX *kdf_ctx = EVP_KDF_CTX_new(kdf, NULL);`

			`=head1 CONFORMING TO`

			`RFC 6979`

			`=head1 SEE ALSO`

			`L<EVP_KDF(3)>,`
			`L<EVP_KDF(3)/PARAMETERS>`

			`=head1 HISTORY`

			`The EVP_KDF-HMAC-DRBG functionality was added in OpenSSL 3.2.`

			`=head1 COPYRIGHT`

Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes 2023-09-07 16:59:15 +08:00			`Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.`
Implement deterministic ECDSA sign (RFC6979) This PR is based off the contributions in PR #9223 by Jemmy1228. It has been modified and reworked to: (1) Work with providers (2) Support ECDSA and DSA (3) Add a KDF HMAC_DRBG implementation that shares code with the RAND HMAC_DRBG. A nonce_type is passed around inside the Signing API's, in order to support any future deterministic algorithms. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18809) 2022-07-15 19:22:01 +08:00
			`Licensed under the Apache License 2.0 (the "License"). You may not use`
			`this file except in compliance with the License. You can obtain a copy`
			`in the file LICENSE in the source distribution or at`
			`L<https://www.openssl.org/source/license.html>.`

			`=cut`