1 files changed, 0 insertions, 396 deletions
diff --git a/secure/lib/libcrypto/man/man7/RAND_DRBG.7 b/secure/lib/libcrypto/man/man7/RAND_DRBG.7
deleted file mode 100644
index 816c53ac3cff..000000000000
--- a/secure/lib/libcrypto/man/man7/RAND_DRBG.7
+++ /dev/null
@@ -1,396 +0,0 @@
-.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.40)
-.\"
-.\" Standard preamble:
-.\" ========================================================================
-.de Sp \" Vertical space (when we can't use .PP)
-.if t .sp .5v
-.if n .sp
-..
-.de Vb \" Begin verbatim text
-.ft CW
-.nf
-.ne \\$1
-..
-.de Ve \" End verbatim text
-.ft R
-.fi
-..
-.\" Set up some character translations and predefined strings.  \*(-- will
-.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
-.\" double quote, and \*(R" will give a right double quote.  \*(C+ will
-.\" give a nicer C++.  Capital omega is used to do unbreakable dashes and
-.\" therefore won't be available.  \*(C` and \*(C' expand to `' in nroff,
-.\" nothing in troff, for use with C<>.
-.tr \(*W-
-.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
-.ie n \{\
-.    ds -- \(*W-
-.    ds PI pi
-.    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-.    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\"  diablo 12 pitch
-.    ds L" ""
-.    ds R" ""
-.    ds C` ""
-.    ds C' ""
-'br\}
-.el\{\
-.    ds -- \|\(em\|
-.    ds PI \(*p
-.    ds L" ``
-.    ds R" ''
-.    ds C`
-.    ds C'
-'br\}
-.\"
-.\" Escape single quotes in literal strings from groff's Unicode transform.
-.ie \n(.g .ds Aq \(aq
-.el       .ds Aq '
-.\"
-.\" If the F register is >0, we'll generate index entries on stderr for
-.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
-.\" entries marked with X<> in POD.  Of course, you'll have to process the
-.\" output yourself in some meaningful fashion.
-.\"
-.\" Avoid warning from groff about undefined register 'F'.
-.de IX
-..
-.nr rF 0
-.if \n(.g .if rF .nr rF 1
-.if (\n(rF:(\n(.g==0)) \{\
-.    if \nF \{\
-.        de IX
-.        tm Index:\\$1\t\\n%\t"\\$2"
-..
-.        if !\nF==2 \{\
-.            nr % 0
-.            nr F 2
-.        \}
-.    \}
-.\}
-.rr rF
-.\"
-.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
-.\" Fear.  Run.  Save yourself.  No user-serviceable parts.
-.    \" fudge factors for nroff and troff
-.if n \{\
-.    ds #H 0
-.    ds #V .8m
-.    ds #F .3m
-.    ds #[ \f1
-.    ds #] \fP
-.\}
-.if t \{\
-.    ds #H ((1u-(\\\\n(.fu%2u))*.13m)
-.    ds #V .6m
-.    ds #F 0
-.    ds #[ \&
-.    ds #] \&
-.\}
-.    \" simple accents for nroff and troff
-.if n \{\
-.    ds ' \&
-.    ds ` \&
-.    ds ^ \&
-.    ds , \&
-.    ds ~ ~
-.    ds /
-.\}
-.if t \{\
-.    ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
-.    ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
-.    ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
-.    ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
-.    ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
-.    ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
-.\}
-.    \" troff and (daisy-wheel) nroff accents
-.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
-.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
-.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
-.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
-.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
-.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
-.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
-.ds ae a\h'-(\w'a'u*4/10)'e
-.ds Ae A\h'-(\w'A'u*4/10)'E
-.    \" corrections for vroff
-.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
-.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
-.    \" for low resolution devices (crt and lpr)
-.if \n(.H>23 .if \n(.V>19 \
-\{\
-.    ds : e
-.    ds 8 ss
-.    ds o a
-.    ds d- d\h'-1'\(ga
-.    ds D- D\h'-1'\(hy
-.    ds th \o'bp'
-.    ds Th \o'LP'
-.    ds ae ae
-.    ds Ae AE
-.\}
-.rm #[ #] #H #V #F C
-.\" ========================================================================
-.\"
-.IX Title "RAND_DRBG 7"
-.TH RAND_DRBG 7 "2022-07-05" "1.1.1q" "OpenSSL"
-.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
-.\" way too many mistakes in technical documents.
-.if n .ad l
-.nh
-.SH "NAME"
-RAND_DRBG \- the deterministic random bit generator
-.SH "SYNOPSIS"
-.IX Header "SYNOPSIS"
-.Vb 1
-\& #include <openssl/rand_drbg.h>
-.Ve
-.SH "DESCRIPTION"
-.IX Header "DESCRIPTION"
-The default OpenSSL \s-1RAND\s0 method is based on the \s-1RAND_DRBG\s0 class,
-which implements a deterministic random bit generator (\s-1DRBG\s0).
-A \s-1DRBG\s0 is a certain type of cryptographically-secure pseudo-random
-number generator (\s-1CSPRNG\s0), which is described in
-[\s-1NIST SP 800\-90A\s0 Rev. 1].
-.PP
-While the \s-1RAND API\s0 is the 'frontend' which is intended to be used by
-application developers for obtaining random bytes, the \s-1RAND_DRBG API\s0
-serves as the 'backend', connecting the former with the operating
-systems's entropy sources and providing access to the \s-1DRBG\s0's
-configuration parameters.
-.SS "Disclaimer"
-.IX Subsection "Disclaimer"
-Unless you have very specific requirements for your random generator,
-it is in general not necessary to utilize the \s-1RAND_DRBG API\s0 directly.
-The usual way to obtain random bytes is to use \fBRAND_bytes\fR\|(3) or
-\&\fBRAND_priv_bytes\fR\|(3), see also \s-1\fBRAND\s0\fR\|(7).
-.SS "Typical Use Cases"
-.IX Subsection "Typical Use Cases"
-Typical examples for such special use cases are the following:
-.IP "\(bu" 2
-You want to use your own private \s-1DRBG\s0 instances.
-Multiple \s-1DRBG\s0 instances which are accessed only by a single thread provide
-additional security (because their internal states are independent) and
-better scalability in multithreaded applications (because they don't need
-to be locked).
-.IP "\(bu" 2
-You need to integrate a previously unsupported entropy source.
-.IP "\(bu" 2
-You need to change the default settings of the standard OpenSSL \s-1RAND\s0
-implementation to meet specific requirements.
-.SH "CHAINING"
-.IX Header "CHAINING"
-A \s-1DRBG\s0 instance can be used as the entropy source of another \s-1DRBG\s0 instance,
-provided it has itself access to a valid entropy source.
-The \s-1DRBG\s0 instance which acts as entropy source is called the \fIparent\fR \s-1DRBG,\s0
-the other instance the \fIchild\fR \s-1DRBG.\s0
-.PP
-This is called chaining. A chained \s-1DRBG\s0 instance is created by passing
-a pointer to the parent \s-1DRBG\s0 as argument to the \fBRAND_DRBG_new()\fR call.
-It is possible to create chains of more than two \s-1DRBG\s0 in a row.
-.SH "THE THREE SHARED DRBG INSTANCES"
-.IX Header "THE THREE SHARED DRBG INSTANCES"
-Currently, there are three shared \s-1DRBG\s0 instances,
-the <master>, <public>, and <private> \s-1DRBG.\s0
-While the <master> \s-1DRBG\s0 is a single global instance, the <public> and <private>
-\&\s-1DRBG\s0 are created per thread and accessed through thread-local storage.
-.PP
-By default, the functions \fBRAND_bytes\fR\|(3) and \fBRAND_priv_bytes\fR\|(3) use
-the thread-local <public> and <private> \s-1DRBG\s0 instance, respectively.
-.SS "The <master> \s-1DRBG\s0 instance"
-.IX Subsection "The <master> DRBG instance"
-The <master> \s-1DRBG\s0 is not used directly by the application, only for reseeding
-the two other two \s-1DRBG\s0 instances. It reseeds itself by obtaining randomness
-either from os entropy sources or by consuming randomness which was added
-previously by \fBRAND_add\fR\|(3).
-.SS "The <public> \s-1DRBG\s0 instance"
-.IX Subsection "The <public> DRBG instance"
-This instance is used per default by \fBRAND_bytes\fR\|(3).
-.SS "The <private> \s-1DRBG\s0 instance"
-.IX Subsection "The <private> DRBG instance"
-This instance is used per default by \fBRAND_priv_bytes\fR\|(3)
-.SH "LOCKING"
-.IX Header "LOCKING"
-The <master> \s-1DRBG\s0 is intended to be accessed concurrently for reseeding
-by its child \s-1DRBG\s0 instances. The necessary locking is done internally.
-It is \fInot\fR thread-safe to access the <master> \s-1DRBG\s0 directly via the
-\&\s-1RAND_DRBG\s0 interface.
-The <public> and <private> \s-1DRBG\s0 are thread-local, i.e. there is an
-instance of each per thread. So they can safely be accessed without
-locking via the \s-1RAND_DRBG\s0 interface.
-.PP
-Pointers to these \s-1DRBG\s0 instances can be obtained using
-\&\fBRAND_DRBG_get0_master()\fR,
-\&\fBRAND_DRBG_get0_public()\fR, and
-\&\fBRAND_DRBG_get0_private()\fR, respectively.
-Note that it is not allowed to store a pointer to one of the thread-local
-\&\s-1DRBG\s0 instances in a variable or other memory location where it will be
-accessed and used by multiple threads.
-.PP
-All other \s-1DRBG\s0 instances created by an application don't support locking,
-because they are intended to be used by a single thread.
-Instead of accessing a single \s-1DRBG\s0 instance concurrently from different
-threads, it is recommended to instantiate a separate \s-1DRBG\s0 instance per
-thread. Using the <master> \s-1DRBG\s0 as entropy source for multiple \s-1DRBG\s0
-instances on different threads is thread-safe, because the \s-1DRBG\s0 instance
-will lock the <master> \s-1DRBG\s0 automatically for obtaining random input.
-.SH "THE OVERALL PICTURE"
-.IX Header "THE OVERALL PICTURE"
-The following picture gives an overview over how the \s-1DRBG\s0 instances work
-together and are being used.
-.PP
-.Vb 10
-\&               +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
-\&               | os entropy sources |
-\&               +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
-\&                        |
-\&                        v           +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
-\&      RAND_add() ==> <master>     <\-| shared DRBG (with locking)  |
-\&                      /   \e         +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
-\&                     /     \e              +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
-\&              <public>     <private>   <\- | per\-thread DRBG instances |
-\&                 |             |          +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
-\&                 v             v
-\&               RAND_bytes()   RAND_priv_bytes()
-\&                    |               ^
-\&                    |               |
-\&    +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+      +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
-\&    | general purpose  |      | used for secrets like session keys |
-\&    | random generator |      | and private keys for certificates  |
-\&    +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+      +\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
-.Ve
-.PP
-The usual way to obtain random bytes is to call RAND_bytes(...) or
-RAND_priv_bytes(...). These calls are roughly equivalent to calling
-RAND_DRBG_bytes(<public>, ...) and RAND_DRBG_bytes(<private>, ...),
-respectively. The method \fBRAND_DRBG_bytes\fR\|(3) is a convenience method
-wrapping the \fBRAND_DRBG_generate\fR\|(3) function, which serves the actual
-request for random data.
-.SH "RESEEDING"
-.IX Header "RESEEDING"
-A \s-1DRBG\s0 instance seeds itself automatically, pulling random input from
-its entropy source. The entropy source can be either a trusted operating
-system entropy source, or another \s-1DRBG\s0 with access to such a source.
-.PP
-Automatic reseeding occurs after a predefined number of generate requests.
-The selection of the trusted entropy sources is configured at build
-time using the \-\-with\-rand\-seed option. The following sections explain
-the reseeding process in more detail.
-.SS "Automatic Reseeding"
-.IX Subsection "Automatic Reseeding"
-Before satisfying a generate request (\fBRAND_DRBG_generate\fR\|(3)), the \s-1DRBG\s0
-reseeds itself automatically, if one of the following conditions holds:
-.PP
-\&\- the \s-1DRBG\s0 was not instantiated (=seeded) yet or has been uninstantiated.
-.PP
-\&\- the number of generate requests since the last reseeding exceeds a
-certain threshold, the so called \fIreseed_interval\fR.
-This behaviour can be disabled by setting the \fIreseed_interval\fR to 0.
-.PP
-\&\- the time elapsed since the last reseeding exceeds a certain time
-interval, the so called \fIreseed_time_interval\fR.
-This can be disabled by setting the \fIreseed_time_interval\fR to 0.
-.PP
-\&\- the \s-1DRBG\s0 is in an error state.
-.PP
-\&\fBNote\fR: An error state is entered if the entropy source fails while
-the \s-1DRBG\s0 is seeding or reseeding.
-The last case ensures that the \s-1DRBG\s0 automatically recovers
-from the error as soon as the entropy source is available again.
-.SS "Manual Reseeding"
-.IX Subsection "Manual Reseeding"
-In addition to automatic reseeding, the caller can request an immediate
-reseeding of the \s-1DRBG\s0 with fresh entropy by setting the
-\&\fIprediction resistance\fR parameter to 1 when calling \fBRAND_DRBG_generate\fR\|(3).
-.PP
-The document [\s-1NIST SP 800\-90C\s0] describes prediction resistance requests
-in detail and imposes strict conditions on the entropy sources that are
-approved for providing prediction resistance.
-Since the default \s-1DRBG\s0 implementation does not have access to such an approved
-entropy source, a request for prediction resistance will currently always fail.
-In other words, prediction resistance is currently not supported yet by the \s-1DRBG.\s0
-.PP
-For the three shared DRBGs (and only for these) there is another way to
-reseed them manually:
-If \fBRAND_add\fR\|(3) is called with a positive \fIrandomness\fR argument
-(or \fBRAND_seed\fR\|(3)), then this will immediately reseed the <master> \s-1DRBG.\s0
-The <public> and <private> \s-1DRBG\s0 will detect this on their next generate
-call and reseed, pulling randomness from <master>.
-.PP
-The last feature has been added to support the common practice used with
-previous OpenSSL versions to call \fBRAND_add()\fR before calling \fBRAND_bytes()\fR.
-.SS "Entropy Input vs. Additional Data"
-.IX Subsection "Entropy Input vs. Additional Data"
-The \s-1DRBG\s0 distinguishes two different types of random input: \fIentropy\fR,
-which comes from a trusted source, and \fIadditional input\fR',
-which can optionally be added by the user and is considered untrusted.
-It is possible to add \fIadditional input\fR not only during reseeding,
-but also for every generate request.
-This is in fact done automatically by \fBRAND_DRBG_bytes\fR\|(3).
-.SS "Configuring the Random Seed Source"
-.IX Subsection "Configuring the Random Seed Source"
-In most cases OpenSSL will automatically choose a suitable seed source
-for automatically seeding and reseeding its <master> \s-1DRBG.\s0 In some cases
-however, it will be necessary to explicitly specify a seed source during
-configuration, using the \-\-with\-rand\-seed option. For more information,
-see the \s-1INSTALL\s0 instructions. There are also operating systems where no
-seed source is available and automatic reseeding is disabled by default.
-.PP
-The following two sections describe the reseeding process of the master
-\&\s-1DRBG,\s0 depending on whether automatic reseeding is available or not.
-.SS "Reseeding the master \s-1DRBG\s0 with automatic seeding enabled"
-.IX Subsection "Reseeding the master DRBG with automatic seeding enabled"
-Calling \fBRAND_poll()\fR or \fBRAND_add()\fR is not necessary, because the \s-1DRBG\s0
-pulls the necessary entropy from its source automatically.
-However, both calls are permitted, and do reseed the \s-1RNG.\s0
-.PP
-\&\fBRAND_add()\fR can be used to add both kinds of random input, depending on the
-value of the \fBrandomness\fR argument:
-.IP "randomness == 0:" 4
-.IX Item "randomness == 0:"
-The random bytes are mixed as additional input into the current state of
-the \s-1DRBG.\s0
-Mixing in additional input is not considered a full reseeding, hence the
-reseed counter is not reset.
-.IP "randomness > 0:" 4
-.IX Item "randomness > 0:"
-The random bytes are used as entropy input for a full reseeding
-(resp. reinstantiation) if the \s-1DRBG\s0 is instantiated
-(resp. uninstantiated or in an error state).
-The number of random bits required for reseeding is determined by the
-security strength of the \s-1DRBG.\s0 Currently it defaults to 256 bits (32 bytes).
-It is possible to provide less randomness than required.
-In this case the missing randomness will be obtained by pulling random input
-from the trusted entropy sources.
-.SS "Reseeding the master \s-1DRBG\s0 with automatic seeding disabled"
-.IX Subsection "Reseeding the master DRBG with automatic seeding disabled"
-Calling \fBRAND_poll()\fR will always fail.
-.PP
-\&\fBRAND_add()\fR needs to be called for initial seeding and periodic reseeding.
-At least 48 bytes (384 bits) of randomness have to be provided, otherwise
-the (re\-)seeding of the \s-1DRBG\s0 will fail. This corresponds to one and a half
-times the security strength of the \s-1DRBG.\s0 The extra half is used for the
-nonce during instantiation.
-.PP
-More precisely, the number of bytes needed for seeding depend on the
-\&\fIsecurity strength\fR of the \s-1DRBG,\s0 which is set to 256 by default.
-.SH "SEE ALSO"
-.IX Header "SEE ALSO"
-\&\fBRAND_DRBG_bytes\fR\|(3),
-\&\fBRAND_DRBG_generate\fR\|(3),
-\&\fBRAND_DRBG_reseed\fR\|(3),
-\&\fBRAND_DRBG_get0_master\fR\|(3),
-\&\fBRAND_DRBG_get0_public\fR\|(3),
-\&\fBRAND_DRBG_get0_private\fR\|(3),
-\&\fBRAND_DRBG_set_reseed_interval\fR\|(3),
-\&\fBRAND_DRBG_set_reseed_time_interval\fR\|(3),
-\&\fBRAND_DRBG_set_reseed_defaults\fR\|(3),
-\&\s-1\fBRAND\s0\fR\|(7),
-.SH "COPYRIGHT"
-.IX Header "COPYRIGHT"
-Copyright 2017\-2018 The OpenSSL Project Authors. All Rights Reserved.
-.PP
-Licensed under the OpenSSL license (the \*(L"License\*(R").  You may not use
-this file except in compliance with the License.  You can obtain a copy
-in the file \s-1LICENSE\s0 in the source distribution or at
-<https://www.openssl.org/source/license.html>.