EVP_RAND_CTX *RAND_get0_public(OSSL_LIB_CTX *ctx);
EVP_RAND_CTX *RAND_get0_private(OSSL_LIB_CTX *ctx);
-
=head1 DESCRIPTION
The default RAND API implementation (RAND_OpenSSL()) utilizes three
--- /dev/null
+=pod
+
+=head1 NAME
+
+RAND_set_DRBG_type,
+RAND_set_seed_source_type
+- specify the global random number generator types
+
+=head1 SYNOPSIS
+
+ #include <openssl/rand.h>
+
+ int RAND_set_DRBG_type(OSSL_LIB_CTX *ctx, const char *drbg, const char *propq,
+ const char *cipher, const char *digest);
+ int RAND_set_seed_source_type(OSSL_LIB_CTX *ctx, const char *seed,
+ const char *propq);
+
+=head1 DESCRIPTION
+
+RAND_set_DRBG_type() specifies the random bit generator that will be
+used within the library context I<ctx>. A generator of name I<drbg>
+with properties I<propq> will be fetched. It will be instantiated with
+either I<cipher> or I<digest> as its underlying cryptographic algorithm.
+This specifies the type that will be used for the primary, public and
+private random instances.
+
+RAND_set_seed_source_type() specifies the seed source that will be used
+within the library context I<ctx>. The seed source of name I<seed>
+with properties I<propq> will be fetched and used to seed the primary
+random big generator.
+
+=head1 RETURN VALUES
+
+These function return 1 on success and 0 on failure.
+
+=head1 NOTES
+
+These functions must be called before the random bit generators are first
+created in the library context. They will return an error if the call
+is made too late.
+
+The default DRBG is "CTR-DRBG" using the "AES-256-CTR" cipher.
+
+The default seed source is "SEED-SRC".
+
+=head1 SEE ALSO
+
+L<EVP_RAND(3)>,
+L<RAND_get0_primary(3)>
+
+=head1 HISTORY
+
+These functions were added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
#include <openssl/rand.h>
+Deprecated since OpenSSL 3.0, can be hidden entirely by defining
+B<OPENSSL_API_COMPAT> with a suitable version value, see
+L<openssl_user_macros(7)>:
+
RAND_METHOD *RAND_OpenSSL(void);
int RAND_set_rand_method(const RAND_METHOD *meth);
=head1 DESCRIPTION
+All of the functions described on this page are deprecated.
+Applications should instead use L<RAND_set_DRBG_type(3)>,
+L<EVP_RAND(3)> and L<EVP_RAND(7)>.
+
A B<RAND_METHOD> specifies the functions that OpenSSL uses for random number
generation.
=head1 SEE ALSO
+L<EVP_RAND(3)>,
+L<RAND_set_DRBG_type(3)>,
L<RAND_bytes(3)>,
L<ENGINE_by_id(3)>,
+L<EVP_RAND(7)>,
L<RAND(7)>
=head1 HISTORY
-The ability for an B<ENGINE> to replace the RAND API was deprecated in
-OpenSSL 3.0.
+All of these functions were deprecated in OpenSSL 3.0.
=head1 COPYRIGHT
CSPRNG instance will not affect the secrecy of these private values.
In the rare case where the default implementation does not satisfy your special
-requirements, the default RAND method can be replaced by your own RAND
-method using L<RAND_set_rand_method(3)>.
+requirements, the default RAND internals can be replaced by your own
+L<EVP_RAND(3)> objects.
Changing the default random generator should be necessary
only in exceptional cases and is not recommended, unless you have a profound
L<RAND_bytes(3)>,
L<RAND_priv_bytes(3)>,
-L<RAND_get_rand_method(3)>,
-L<RAND_set_rand_method(3)>,
-L<RAND_OpenSSL(3)>,
L<EVP_RAND(3)>,
-L<RAND_get0_primary(3)>
+L<RAND_get0_primary(3)>,
+L<EVP_RAND(7)>
=head1 COPYRIGHT
+++ /dev/null
-/*
- * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * https://www.openssl.org/source/license.html
- * or in the file LICENSE in the source distribution.
- */
-#include <openssl/rand.h>
-
-static int fuzz_bytes(unsigned char *buf, int num)
-{
- unsigned char val = 1;
-
- while (--num >= 0)
- *buf++ = val++;
- return 1;
-}
-
-static int fuzz_status(void)
-{
- return 1;
-}
-
-static RAND_METHOD fuzz_rand_method = {
- NULL,
- fuzz_bytes,
- NULL,
- NULL,
- fuzz_bytes,
- fuzz_status
-};
-
-void FuzzerSetRand(void)
-{
- RAND_set_rand_method(&fuzz_rand_method);
-}
-
-
projects / openssl.git / commitdiff