X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=doc%2Fcrypto%2FRAND_set_rand_method.pod;h=c9bb6d9f27b3f0f67bebc2ce7d61e3dadacf2c7b;hp=0e3e3d728a3df33da23a315174c24987937ac1ea;hb=5bf738737da9c9c09a73686f945c22d5eb2e1a74;hpb=e93f9a3284c799bb851afaeddd56ed502ba189b6 diff --git a/doc/crypto/RAND_set_rand_method.pod b/doc/crypto/RAND_set_rand_method.pod index 0e3e3d728a..c9bb6d9f27 100644 --- a/doc/crypto/RAND_set_rand_method.pod +++ b/doc/crypto/RAND_set_rand_method.pod @@ -2,28 +2,36 @@ =head1 NAME -RAND_set_rand_method, RAND_get_rand_method, RAND_SSLeay - Select RAND method +RAND_set_rand_method, RAND_get_rand_method, RAND_SSLeay - select RAND method =head1 SYNOPSIS #include - void RAND_set_rand_method(RAND_METHOD *meth); + void RAND_set_rand_method(const RAND_METHOD *meth); - RAND_METHOD *RAND_get_rand_method(void); + const RAND_METHOD *RAND_get_rand_method(void); RAND_METHOD *RAND_SSLeay(void); =head1 DESCRIPTION -A B specifies the functions that OpenSSL uses for random -number generation. By modifying the method, alternative -implementations such as hardware RNGs may be used. Initially, the -default is to use the OpenSSL internal implementation. RAND_SSLeay() -returns a pointer to that method. +A B specifies the functions that OpenSSL uses for random number +generation. By modifying the method, alternative implementations such as +hardware RNGs may be used. IMPORTANT: See the NOTES section for important +information about how these RAND API functions are affected by the use of +B API calls. -RAND_set_rand_method() sets the RAND method to B. -RAND_get_rand_method() returns a pointer to the current method. +Initially, the default RAND_METHOD is the OpenSSL internal implementation, as +returned by RAND_SSLeay(). + +RAND_set_default_method() makes B the method for PRNG use. B: This is +true only whilst no ENGINE has been set as a default for RAND, so this function +is no longer recommended. + +RAND_get_default_method() returns a pointer to the current RAND_METHOD. +However, the meaningfulness of this result is dependant on whether the ENGINE +API is being used, so this function is no longer recommended. =head1 THE RAND_METHOD STRUCTURE @@ -34,10 +42,12 @@ RAND_get_rand_method() returns a pointer to the current method. void (*cleanup)(void); void (*add)(const void *buf, int num, int entropy); int (*pseudorand)(unsigned char *buf, int num); + int (*status)(void); } RAND_METHOD; The components point to the implementation of RAND_seed(), -RAND_bytes(), RAND_cleanup(), RAND_add() and RAND_pseudo_rand(). +RAND_bytes(), RAND_cleanup(), RAND_add(), RAND_pseudo_rand() +and RAND_status(). Each component may be NULL if the function is not implemented. =head1 RETURN VALUES @@ -45,13 +55,29 @@ Each component may be NULL if the function is not implemented. RAND_set_rand_method() returns no value. RAND_get_rand_method() and RAND_SSLeay() return pointers to the respective methods. +=head1 NOTES + +As of version 0.9.7, RAND_METHOD implementations are grouped together with other +algorithmic APIs (eg. RSA_METHOD, EVP_CIPHER, etc) in B modules. If a +default ENGINE is specified for RAND functionality using an ENGINE API function, +that will override any RAND defaults set using the RAND API (ie. +RAND_set_rand_method()). For this reason, the ENGINE API is the recommended way +to control default implementations for use in RAND and other cryptographic +algorithms. + =head1 SEE ALSO -L +L, L =head1 HISTORY RAND_set_rand_method(), RAND_get_rand_method() and RAND_SSLeay() are available in all versions of OpenSSL. +In the engine version of version 0.9.6, RAND_set_rand_method() was altered to +take an ENGINE pointer as its argument. As of version 0.9.7, that has been +reverted as the ENGINE API transparently overrides RAND defaults if used, +otherwise RAND API functions work as before. RAND_set_rand_engine() was also +introduced in version 0.9.7. + =cut