]>
Commit | Line | Data |
---|---|---|
60b52453 UM |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
b0700d2c | 5 | RAND_set_rand_method, RAND_get_rand_method, RAND_OpenSSL - select RAND method |
60b52453 UM |
6 | |
7 | =head1 SYNOPSIS | |
8 | ||
9 | #include <openssl/rand.h> | |
10 | ||
5bf73873 | 11 | void RAND_set_rand_method(const RAND_METHOD *meth); |
60b52453 | 12 | |
5bf73873 | 13 | const RAND_METHOD *RAND_get_rand_method(void); |
60b52453 | 14 | |
b0700d2c | 15 | RAND_METHOD *RAND_OpenSSL(void); |
60b52453 UM |
16 | |
17 | =head1 DESCRIPTION | |
18 | ||
5bf73873 GT |
19 | A B<RAND_METHOD> specifies the functions that OpenSSL uses for random number |
20 | generation. By modifying the method, alternative implementations such as | |
21 | hardware RNGs may be used. IMPORTANT: See the NOTES section for important | |
22 | information about how these RAND API functions are affected by the use of | |
23 | B<ENGINE> API calls. | |
60b52453 | 24 | |
5bf73873 | 25 | Initially, the default RAND_METHOD is the OpenSSL internal implementation, as |
b0700d2c | 26 | returned by RAND_OpenSSL(). |
5bf73873 GT |
27 | |
28 | RAND_set_default_method() makes B<meth> the method for PRNG use. B<NB>: This is | |
29 | true only whilst no ENGINE has been set as a default for RAND, so this function | |
30 | is no longer recommended. | |
31 | ||
32 | RAND_get_default_method() returns a pointer to the current RAND_METHOD. | |
b6a338cb | 33 | However, the meaningfulness of this result is dependent on whether the ENGINE |
5bf73873 | 34 | API is being used, so this function is no longer recommended. |
60b52453 | 35 | |
e93f9a32 | 36 | =head1 THE RAND_METHOD STRUCTURE |
60b52453 UM |
37 | |
38 | typedef struct rand_meth_st | |
39 | { | |
40 | void (*seed)(const void *buf, int num); | |
41 | int (*bytes)(unsigned char *buf, int num); | |
42 | void (*cleanup)(void); | |
43 | void (*add)(const void *buf, int num, int entropy); | |
44 | int (*pseudorand)(unsigned char *buf, int num); | |
7f112099 | 45 | int (*status)(void); |
60b52453 UM |
46 | } RAND_METHOD; |
47 | ||
48 | The components point to the implementation of RAND_seed(), | |
7f112099 UM |
49 | RAND_bytes(), RAND_cleanup(), RAND_add(), RAND_pseudo_rand() |
50 | and RAND_status(). | |
60b52453 UM |
51 | Each component may be NULL if the function is not implemented. |
52 | ||
53 | =head1 RETURN VALUES | |
54 | ||
55 | RAND_set_rand_method() returns no value. RAND_get_rand_method() and | |
b0700d2c | 56 | RAND_OpenSSL() return pointers to the respective methods. |
60b52453 | 57 | |
5bf73873 GT |
58 | =head1 NOTES |
59 | ||
a528d4f0 | 60 | RAND_METHOD implementations are grouped together with other |
5bf73873 GT |
61 | algorithmic APIs (eg. RSA_METHOD, EVP_CIPHER, etc) in B<ENGINE> modules. If a |
62 | default ENGINE is specified for RAND functionality using an ENGINE API function, | |
63 | that will override any RAND defaults set using the RAND API (ie. | |
64 | RAND_set_rand_method()). For this reason, the ENGINE API is the recommended way | |
65 | to control default implementations for use in RAND and other cryptographic | |
66 | algorithms. | |
67 | ||
60b52453 UM |
68 | =head1 SEE ALSO |
69 | ||
9b86974e | 70 | L<rand(3)>, L<engine(3)> |
60b52453 | 71 | |
60b52453 | 72 | =cut |