]>
Commit | Line | Data |
---|---|---|
a73d990e DMSP |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
5 | RAND_DRBG_get0_master, | |
6 | RAND_DRBG_get0_public, | |
7 | RAND_DRBG_get0_private | |
8 | - get access to the global RAND_DRBG instances | |
9 | ||
10 | =head1 SYNOPSIS | |
11 | ||
12 | #include <openssl/rand_drbg.h> | |
13 | ||
14 | RAND_DRBG *RAND_DRBG_get0_master(void); | |
15 | RAND_DRBG *RAND_DRBG_get0_public(void); | |
16 | RAND_DRBG *RAND_DRBG_get0_private(void); | |
17 | ||
18 | ||
19 | =head1 DESCRIPTION | |
20 | ||
21 | The default RAND API implementation (RAND_OpenSSL()) utilizes three | |
22 | shared DRBG instances which are accessed via the RAND API: | |
23 | ||
24 | The <public> and <private> DRBG are thread-local instances, which are used | |
25 | by RAND_bytes() and RAND_priv_bytes(), respectively. | |
26 | The <master> DRBG is a global instance, which is not intended to be used | |
27 | directly, but is used internally to reseed the other two instances. | |
28 | ||
29 | These functions here provide access to the shared DRBG instances. | |
30 | ||
31 | =head1 RETURN VALUES | |
32 | ||
33 | RAND_DRBG_get0_master() returns a pointer to the <master> DRBG instance. | |
34 | ||
35 | RAND_DRBG_get0_public() returns a pointer to the <public> DRBG instance. | |
36 | ||
37 | RAND_DRBG_get0_private() returns a pointer to the <private> DRBG instance. | |
38 | ||
39 | ||
40 | =head1 NOTES | |
41 | ||
42 | It is not thread-safe to access the <master> DRBG instance. | |
43 | The <public> and <private> DRBG instance can be accessed safely, because | |
44 | they are thread-local. Note however, that changes to these two instances | |
45 | apply only to the current thread. | |
46 | ||
47 | For that reason it is recommended not to change the settings of these | |
48 | three instances directly. | |
49 | Instead, an application should change the default settings for new DRBG instances | |
50 | at initialization time, before creating additional threads. | |
51 | ||
52 | During initialization, it is possible to change the reseed interval | |
53 | and reseed time interval. | |
54 | It is also possible to exchange the reseeding callbacks entirely. | |
55 | ||
56 | ||
57 | =head1 HISTORY | |
58 | ||
59 | The RAND_DRBG functions were added in OpenSSL 1.1.1. | |
60 | ||
61 | =head1 SEE ALSO | |
62 | ||
63 | L<RAND_DRBG_set_callbacks(3)>, | |
64 | L<RAND_DRBG_set_reseed_defaults(3)>, | |
65 | L<RAND_DRBG_set_reseed_interval(3)>, | |
66 | L<RAND_DRBG_set_reseed_time_interval(3)>, | |
67 | L<RAND_DRBG_set_callbacks(3)>, | |
68 | L<RAND_DRBG_generate(3)>, | |
69 | L<RAND_DRBG(7)> | |
70 | ||
71 | =head1 COPYRIGHT | |
72 | ||
73 | Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. | |
74 | ||
4746f25a | 75 | Licensed under the Apache License 2.0 (the "License"). You may not use |
a73d990e DMSP |
76 | this file except in compliance with the License. You can obtain a copy |
77 | in the file LICENSE in the source distribution or at | |
78 | L<https://www.openssl.org/source/license.html>. | |
79 | ||
80 | =cut |