=head1 NAME
-RAND_bytes, RAND_pseudo_bytes - generate random data
+RAND_bytes, RAND_priv_bytes, RAND_pseudo_bytes - generate random data
=head1 SYNOPSIS
#include <openssl/rand.h>
int RAND_bytes(unsigned char *buf, int num);
+ int RAND_priv_bytes(unsigned char *buf, int num);
Deprecated:
=head1 DESCRIPTION
RAND_bytes() puts B<num> cryptographically strong pseudo-random bytes
-into B<buf>. An error occurs if the PRNG has not been seeded with
+into B<buf>. An error occurs if the CSPRNG has not been seeded with
enough randomness to ensure an unpredictable byte sequence.
-RAND_pseudo_bytes() has been deprecated; use RAND_bytes() instead.
+RAND_priv_bytes() has the same semantics as RAND_bytes(). It is intended to
+be used for generating long-term private keys. If using the default
+RAND_METHOD, this function uses a separate instance of the PRNG so that
+a compromise of the global generator will not affect such key generation.
=head1 RETURN VALUES
-RAND_bytes() returns 1 on success, -1 if not supported by the current
+RAND_bytes() and RAND_priv_bytes()
+return 1 on success, -1 if not supported by the current
RAND method, or 0 on other failure. The error code can be
obtained by L<ERR_get_error(3)>.
=head1 HISTORY
-RAND_pseudo_bytes() was deprecated in OpenSSL 1.1.0.
+RAND_pseudo_bytes() was deprecated in OpenSSL 1.1.0; use RAND_bytes() instead.
=head1 SEE ALSO
-L<RAND_bytes(3)>, L<ERR_get_error(3)>,
-L<RAND_add(3)>
+L<RAND_add(3)>,
+L<RAND_bytes(3)>,
+L<ERR_get_error(3)>,
+L<RAND(7)>
=head1 COPYRIGHT
-Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
projects / openssl.git / blobdiff