]>
Commit | Line | Data |
---|---|---|
a73d990e DMSP |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
37ca204b MC |
5 | OPENSSL_CTX_get0_master_drbg, |
6 | OPENSSL_CTX_get0_public_drbg, | |
7 | OPENSSL_CTX_get0_private_drbg, | |
a73d990e DMSP |
8 | RAND_DRBG_get0_master, |
9 | RAND_DRBG_get0_public, | |
10 | RAND_DRBG_get0_private | |
11 | - get access to the global RAND_DRBG instances | |
12 | ||
13 | =head1 SYNOPSIS | |
14 | ||
15 | #include <openssl/rand_drbg.h> | |
16 | ||
37ca204b MC |
17 | RAND_DRBG *OPENSSL_CTX_get0_master_drbg(OPENSSL_CTX *ctx); |
18 | RAND_DRBG *OPENSSL_CTX_get0_public_drbg(OPENSSL_CTX *ctx); | |
19 | RAND_DRBG *OPENSSL_CTX_get0_private_drbg(OPENSSL_CTX *ctx); | |
a73d990e DMSP |
20 | RAND_DRBG *RAND_DRBG_get0_master(void); |
21 | RAND_DRBG *RAND_DRBG_get0_public(void); | |
22 | RAND_DRBG *RAND_DRBG_get0_private(void); | |
23 | ||
24 | ||
25 | =head1 DESCRIPTION | |
26 | ||
27 | The default RAND API implementation (RAND_OpenSSL()) utilizes three | |
28 | shared DRBG instances which are accessed via the RAND API: | |
29 | ||
37ca204b | 30 | The I<public> and I<private> DRBG are thread-local instances, which are used |
a73d990e | 31 | by RAND_bytes() and RAND_priv_bytes(), respectively. |
37ca204b | 32 | The I<master> DRBG is a global instance, which is not intended to be used |
a73d990e DMSP |
33 | directly, but is used internally to reseed the other two instances. |
34 | ||
35 | These functions here provide access to the shared DRBG instances. | |
36 | ||
37 | =head1 RETURN VALUES | |
38 | ||
37ca204b MC |
39 | OPENSSL_CTX_get0_master_drbg() returns a pointer to the I<master> DRBG instance |
40 | for the given OPENSSL_CTX B<ctx>. | |
a73d990e | 41 | |
37ca204b MC |
42 | OPENSSL_CTX_get0_public_drbg() returns a pointer to the I<public> DRBG instance |
43 | for the given OPENSSL_CTX B<ctx>. | |
a73d990e | 44 | |
37ca204b MC |
45 | OPENSSL_CTX_get0_private_drbg() returns a pointer to the I<private> DRBG instance |
46 | for the given OPENSSL_CTX B<ctx>. | |
a73d990e | 47 | |
37ca204b MC |
48 | In all the above cases the B<ctx> parameter can |
49 | be NULL in which case the default OPENSSL_CTX is used. RAND_DRBG_get0_master(), | |
50 | RAND_DRBG_get0_public() and RAND_DRBG_get0_private() are the same as | |
51 | OPENSSL_CTX_get0_master_drbg(), OPENSSL_CTX_get0_public_drbg() and | |
52 | OPENSSL_CTX_get0_private_drbg() respectively except that the default OPENSSL_CTX | |
53 | is always used. | |
a73d990e DMSP |
54 | |
55 | =head1 NOTES | |
56 | ||
37ca204b MC |
57 | It is not thread-safe to access the I<master> DRBG instance. |
58 | The I<public> and I<private> DRBG instance can be accessed safely, because | |
a73d990e DMSP |
59 | they are thread-local. Note however, that changes to these two instances |
60 | apply only to the current thread. | |
61 | ||
62 | For that reason it is recommended not to change the settings of these | |
63 | three instances directly. | |
64 | Instead, an application should change the default settings for new DRBG instances | |
65 | at initialization time, before creating additional threads. | |
66 | ||
67 | During initialization, it is possible to change the reseed interval | |
68 | and reseed time interval. | |
69 | It is also possible to exchange the reseeding callbacks entirely. | |
70 | ||
a73d990e DMSP |
71 | =head1 SEE ALSO |
72 | ||
73 | L<RAND_DRBG_set_callbacks(3)>, | |
74 | L<RAND_DRBG_set_reseed_defaults(3)>, | |
75 | L<RAND_DRBG_set_reseed_interval(3)>, | |
76 | L<RAND_DRBG_set_reseed_time_interval(3)>, | |
77 | L<RAND_DRBG_set_callbacks(3)>, | |
78 | L<RAND_DRBG_generate(3)>, | |
79 | L<RAND_DRBG(7)> | |
80 | ||
b5c4bbbe JL |
81 | =head1 HISTORY |
82 | ||
37ca204b MC |
83 | The OPENSSL_CTX_get0_master_drbg(), OPENSSL_CTX_get0_public_drbg() and |
84 | OPENSSL_CTX_get0_private_drbg() functions were added in OpenSSL 3.0. | |
85 | ||
86 | All other RAND_DRBG functions were added in OpenSSL 1.1.1. | |
b5c4bbbe | 87 | |
a73d990e DMSP |
88 | =head1 COPYRIGHT |
89 | ||
b5c4bbbe | 90 | Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved. |
a73d990e | 91 | |
4746f25a | 92 | Licensed under the Apache License 2.0 (the "License"). You may not use |
a73d990e DMSP |
93 | this file except in compliance with the License. You can obtain a copy |
94 | in the file LICENSE in the source distribution or at | |
95 | L<https://www.openssl.org/source/license.html>. | |
96 | ||
97 | =cut |