RAND_set_rand_method 3 2008-05-09 0.9.9-dev OpenSSL

NAME

RAND_set_rand_method, RAND_get_rand_method, RAND_SSLeay - select RAND method

LIBRARY

libcrypto, -lcrypto

SYNOPSIS


 #include 


 void RAND_set_rand_method(const RAND_METHOD *meth);


 const RAND_METHOD *RAND_get_rand_method(void);


 RAND_METHOD *RAND_SSLeay(void);

DESCRIPTION

A RRAANNDD__MMEETTHHOODD specifies the functions that OpenSSL uses for random number generation. By modifying the method, alternative implementations such as hardware RNGs may be used. IMPORTANT: See the NOTES section for important information about how these RAND API functions are affected by the use of EENNGGIINNEE API calls.

Initially, the default RAND_METHOD is the OpenSSL internal implementation, as returned by _R_A_N_D___S_S_L_e_a_y_(_).

_R_A_N_D___s_e_t___d_e_f_a_u_l_t___m_e_t_h_o_d_(_) makes mmeetthh the method for PRNG use. NNBB: This is true only whilst no ENGINE has been set as a default for RAND, so this function is no longer recommended.

_R_A_N_D___g_e_t___d_e_f_a_u_l_t___m_e_t_h_o_d_(_) returns a pointer to the current RAND_METHOD. However, the meaningfulness of this result is dependent on whether the ENGINE API is being used, so this function is no longer recommended.

THE RAND_METHOD STRUCTURE





 typedef struct rand_meth_st
 {
        void (*seed)(const void *buf, int num);
        int (*bytes)(unsigned char *buf, int num);
        void (*cleanup)(void);
        void (*add)(const void *buf, int num, int entropy);
        int (*pseudorand)(unsigned char *buf, int num);
        int (*status)(void);
 } RAND_METHOD;

The components point to the implementation of _R_A_N_D___s_e_e_d_(_), _R_A_N_D___b_y_t_e_s_(_), _R_A_N_D___c_l_e_a_n_u_p_(_), _R_A_N_D___a_d_d_(_), _R_A_N_D___p_s_e_u_d_o___r_a_n_d_(_) and _R_A_N_D___s_t_a_t_u_s_(_). Each component may be NULL if the function is not implemented.

RETURN VALUES

_R_A_N_D___s_e_t___r_a_n_d___m_e_t_h_o_d_(_) returns no value. _R_A_N_D___g_e_t___r_a_n_d___m_e_t_h_o_d_(_) and _R_A_N_D___S_S_L_e_a_y_(_) return pointers to the respective methods.

NOTES

As of version 0.9.7, RAND_METHOD implementations are grouped together with other algorithmic APIs (eg. RSA_METHOD, EVP_CIPHER, etc) in EENNGGIINNEE modules. If a default ENGINE is specified for RAND functionality using an ENGINE API function, that will override any RAND defaults set using the RAND API (ie. _R_A_N_D___s_e_t___r_a_n_d___m_e_t_h_o_d_(_)). For this reason, the ENGINE API is the recommended way to control default implementations for use in RAND and other cryptographic algorithms.

SEE ALSO

_o_p_e_n_s_s_l___r_a_n_d(3), _e_n_g_i_n_e(3)

HISTORY

_R_A_N_D___s_e_t___r_a_n_d___m_e_t_h_o_d_(_), _R_A_N_D___g_e_t___r_a_n_d___m_e_t_h_o_d_(_) and _R_A_N_D___S_S_L_e_a_y_(_) are available in all versions of OpenSSL.

In the engine version of version 0.9.6, _R_A_N_D___s_e_t___r_a_n_d___m_e_t_h_o_d_(_) was altered to take an ENGINE pointer as its argument. As of version 0.9.7, that has been reverted as the ENGINE API transparently overrides RAND defaults if used, otherwise RAND API functions work as before. _R_A_N_D___s_e_t___r_a_n_d___e_n_g_i_n_e_(_) was also introduced in version 0.9.7.