X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=doc%2Fman3%2FRAND_add.pod;h=ee54390669037cfa0061736d0177fff88aafe722;hp=f5514f092e87691c2eb612961749537615bc932b;hb=8389ec4b4950b9474e72a959eb0b0a6ce77ac1e8;hpb=0d7903f83f84bba1d29225efd999c633a0c5ba01;ds=sidebyside diff --git a/doc/man3/RAND_add.pod b/doc/man3/RAND_add.pod index f5514f092e..ee54390669 100644 --- a/doc/man3/RAND_add.pod +++ b/doc/man3/RAND_add.pod @@ -2,63 +2,76 @@ =head1 NAME -RAND_add, RAND_seed, RAND_status, RAND_event, RAND_screen - add -randomness to the PRNG +RAND_add, RAND_poll, RAND_seed, RAND_status, RAND_event, RAND_screen +- add randomness to the PRNG or get its status =head1 SYNOPSIS #include - void RAND_seed(const void *buf, int num); + int RAND_status(void); + int RAND_poll() void RAND_add(const void *buf, int num, double randomness); + void RAND_seed(const void *buf, int num); - int RAND_status(void); +Deprecated: #if OPENSSL_API_COMPAT < 0x10100000L - int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam); + int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam); void RAND_screen(void); #endif =head1 DESCRIPTION -RAND_add() mixes the B bytes at B into the PRNG state. Thus, -if the data at B are unpredictable to an adversary, this -increases the uncertainty about the state and makes the PRNG output -less predictable. Suitable input comes from user interaction (random -key presses, mouse movements) and certain hardware events. The -B argument is an estimate of how much randomness is contained in +Random numbers are a vital part of cryptography, including key generation, +creating salts, etc., and software-based +generators must be "seeded" with external randomness before they can be +used as a cryptographically-secure pseudo-random number generator (CSPRNG). +The availability of common hardware with special instructions and +modern operating systems, which may use items such as interrupt jitter +and network packet timings, can be reasonable sources of seeding material. + +RAND_status() indicates whether or not the CSPRNG has been sufficiently +seeded. If not, functions such as RAND_bytes(3) will fail. + +RAND_poll() uses the current capabilities to seed the CSPRNG. The +exact features used depends on how OpenSSL was configured, and can +be displayed with the OpenSSL L command. This function is +normally called automatically during OpenSSL initialization, but +can be called by the application to reseed the CSPRNG. + +RAND_add() mixes the B bytes at B into the PRNG state. +The B argument is an estimate of how much randomness is +contained in B, in bytes, and should be a number between zero and B. Details about sources of randomness and how to estimate their randomness -can be found in the literature; for example IETF RFC 4086. - -RAND_add() may be called with sensitive data such as user entered -passwords. The seed values cannot be recovered from the PRNG output. +can be found in the literature; for example NIST SP 800-90B. +The content of B cannot be recovered from subsequent CSPRNG output. +This function will not normally be needed, as RAND_poll() should have been +configured to do the appropriate seeding for the local platform. +Applications that need to keep random state in an external file should +use L. RAND_seed() is equivalent to RAND_add() with B set to B. -On systems that provide C or similar source of randomess, -it will be used -to seed the PRNG transparently. On older systems, however, it might -be necessary to use RAND_add(), L or L. - -RAND_event() and RAND_screen() are deprecated and should not be called. +RAND_event() and RAND_screen() are equivalent to RAND_poll(). =head1 RETURN VALUES -RAND_status() returns 1 if the PRNG has been seeded +RAND_status() returns 1 if the CSPRNG has been seeded with enough data, 0 otherwise. -RAND_event() calls RAND_poll() and returns RAND_status(). +RAND_poll() returns 1 if it generated seed data, 0 otherwise. -RAND_screen calls RAND_poll(). +RAND_event() returns RAND_status(). The other functions do not return values. =head1 HISTORY -RAND_event() and RAND_screen() are deprecated since OpenSSL -1.1.0. Use the functions described above instead. +RAND_event() and RAND_screen() were deprecated in OpenSSL 1.1.0 and should +not be used. =head1 SEE ALSO