projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fix typo in HKDF example documentation
[openssl.git]
/
doc
/
man3
/
RAND_load_file.pod
diff --git
a/doc/man3/RAND_load_file.pod
b/doc/man3/RAND_load_file.pod
index 0a0c4bca6b6557da5c0b1fd6dda4ee1a14b59995..3cb7084862f78bdf477533f232174915d77f7474 100644
(file)
--- a/
doc/man3/RAND_load_file.pod
+++ b/
doc/man3/RAND_load_file.pod
@@
-20,8
+20,12
@@
RAND_load_file() reads a number of bytes from file B<filename> and
adds them to the PRNG. If B<max_bytes> is non-negative,
up to B<max_bytes> are read;
if B<max_bytes> is -1, the complete file is read.
adds them to the PRNG. If B<max_bytes> is non-negative,
up to B<max_bytes> are read;
if B<max_bytes> is -1, the complete file is read.
+Do not load the same file multiple times unless its contents have
+been updated by RAND_write_file() between reads.
+Also, note that B<filename> should be adequately protected so that an
+attacker cannot replace or examine the contents.
-RAND_write_file() writes a number of random bytes (currently
256
) to
+RAND_write_file() writes a number of random bytes (currently
128
) to
file B<filename> which can be used to initialize the PRNG by calling
RAND_load_file() in a later session.
file B<filename> which can be used to initialize the PRNG by calling
RAND_load_file() in a later session.
@@
-56,8
+60,8
@@
B<num> is too small for the path name, an error occurs.
RAND_load_file() returns the number of bytes read.
RAND_load_file() returns the number of bytes read.
-RAND_write_file() returns the number of bytes written,
and
-1 if the
-bytes written were generated without appropriate seed.
+RAND_write_file() returns the number of bytes written,
or
-1 if the
+bytes written were generated without appropriate seed
ing
.
RAND_file_name() returns a pointer to B<buf> on success, and NULL on
error.
RAND_file_name() returns a pointer to B<buf> on success, and NULL on
error.
@@
-68,10
+72,10
@@
L<RAND_bytes(3)>, L<RAND_add(3)>
=head1 HISTORY
=head1 HISTORY
-A comment in the source since at least OpenSSL
version
1.0.2 said that
+A comment in the source since at least OpenSSL 1.0.2 said that
RAND_load_file() and RAND_write_file() were only intended for regular files,
and not really device special files such as C</dev/random>. This was
RAND_load_file() and RAND_write_file() were only intended for regular files,
and not really device special files such as C</dev/random>. This was
-poorly enforced before OpenSSL
version
1.1.1.
+poorly enforced before OpenSSL 1.1.1.
=head1 COPYRIGHT
=head1 COPYRIGHT