From: slontis <shane.lontis@oracle.com>
Date: Wed, 22 Feb 2023 23:09:57 +0000 (+1000)
Subject: Document the list of RAND algorithms in the default and fips providers.
X-Git-Tag: openssl-3.2.0-alpha1~1224
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7066c57dce88994778daa10ba2c81490fc5cf0c7;p=thirdparty%2Fopenssl.git

Document the list of RAND algorithms in the default and fips providers.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20361)
---

diff --git a/doc/man7/OSSL_PROVIDER-FIPS.pod b/doc/man7/OSSL_PROVIDER-FIPS.pod
index 23d53736ab3..9396b5e4318 100644
--- a/doc/man7/OSSL_PROVIDER-FIPS.pod
+++ b/doc/man7/OSSL_PROVIDER-FIPS.pod
@@ -170,6 +170,22 @@ The OpenSSL FIPS provider supports these operations and algorithms:
 
 =back
 
+=head2 Random Number Generation
+
+=over 4
+
+=item CTR-DRBG, see L<EVP_RAND-CTR-DRBG(7)>
+
+=item HASH-DRBG, see L<EVP_RAND-HASH-DRBG(7)>
+
+=item HMAC-DRBG, see L<EVP_RAND-HMAC-DRBG(7)>
+
+=item TEST-RAND, see L<EVP_RAND-TEST-RAND(7)>
+
+TEST-RAND is an unapproved algorithm.
+
+=back
+
 =head1 SELF TESTING
 
 One of the requirements for the FIPS module is self testing. An optional callback
diff --git a/doc/man7/OSSL_PROVIDER-default.pod b/doc/man7/OSSL_PROVIDER-default.pod
index acb7bbb89aa..5ac87ee6cc4 100644
--- a/doc/man7/OSSL_PROVIDER-default.pod
+++ b/doc/man7/OSSL_PROVIDER-default.pod
@@ -227,6 +227,22 @@ The OpenSSL default provider supports these operations and algorithms:
 
 =back
 
+=head2 Random Number Generation
+
+=over 4
+
+=item CTR-DRBG, see L<EVP_RAND-CTR-DRBG(7)>
+
+=item HASH-DRBG, see L<EVP_RAND-HASH-DRBG(7)>
+
+=item HMAC-DRBG, see L<EVP_RAND-HMAC-DRBG(7)>
+
+=item SEED-SRC,  see L<EVP_RAND-SEED-SRC(7)>
+
+=item TEST-RAND, see L<EVP_RAND-TEST-RAND(7)>
+
+=back
+
 =head2 Asymmetric Key Encoder
 
 The default provider also includes all of the encoding algorithms