Hi,
If we check the DRBG specifications -
http://csrc.nist.gov/groups/STM/cavp/documents/drbg/DRBGVS.pdf
For cases with prediction resistance enabled, each trial consists of the
following functions called in sequence:
(1) instantiate drbg
(2) generate ReturnedBitsLen random bits, do not print
(3) generate ReturnedBitsLen random bits, print out
(4) uninstantiate
Also in fips_drbgvs.c
if (gen == 2)
{
OutputValue("ReturnedBits", randout, randoutlen,
out, 0);
FIPS_drbg_free(dctx);
dctx = NULL;
gen = 0;
}
What is reason to call the FIPS_drbg_generate twice?
Why do we need to call generate function twice?
thanks,
Bala
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
