2000-01-22 01:50:27 +08:00
|
|
|
=pod
|
|
|
|
|
|
|
|
=head1 NAME
|
|
|
|
|
2000-02-24 19:55:57 +08:00
|
|
|
RAND_add, RAND_seed, RAND_screen - add entropy to the PRNG
|
2000-01-22 01:50:27 +08:00
|
|
|
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
|
|
|
|
#include <openssl/rand.h>
|
|
|
|
|
|
|
|
void RAND_seed(const void *buf, int num);
|
|
|
|
|
2000-02-19 23:22:53 +08:00
|
|
|
void RAND_add(const void *buf, int num, double entropy);
|
2000-01-22 01:50:27 +08:00
|
|
|
|
2000-02-24 10:51:47 +08:00
|
|
|
int RAND_status(void);
|
|
|
|
|
2000-01-22 01:50:27 +08:00
|
|
|
void RAND_screen(void);
|
|
|
|
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
|
|
|
|
RAND_add() mixes the B<num> bytes at B<buf> into the PRNG state. Thus,
|
|
|
|
if the data at B<buf> are unpredictable to an adversary, this
|
|
|
|
increases the uncertainty about the state and makes the PRNG output
|
|
|
|
less predictable. Suitable input comes from user interaction (random
|
|
|
|
key presses, mouse movements) and certain hardware events. The
|
|
|
|
B<entropy> argument is (the lower bound of) an estimate of how much
|
2000-02-19 23:22:53 +08:00
|
|
|
randomness is contained in B<buf>, measured in bytes. Details about
|
|
|
|
sources of randomness and how to estimate their entropy can be found
|
|
|
|
in the literature, e.g. RFC 1750.
|
2000-01-22 01:50:27 +08:00
|
|
|
|
|
|
|
RAND_add() may be called with sensitive data such as user entered
|
|
|
|
passwords. The seed values cannot be recovered from the PRNG output.
|
|
|
|
|
|
|
|
OpenSSL makes sure that the PRNG state is unique for each thread. On
|
2000-01-22 03:54:22 +08:00
|
|
|
systems that provide C</dev/urandom>, the randomness device is used
|
2000-01-22 01:50:27 +08:00
|
|
|
to seed the PRNG transparently. However, on all other systems, the
|
|
|
|
application is responsible for seeding the PRNG by calling RAND_add()
|
2000-01-27 09:25:31 +08:00
|
|
|
or L<RAND_load_file(3)|RAND_load_file(3)>.
|
2000-01-22 01:50:27 +08:00
|
|
|
|
|
|
|
RAND_seed() is equivalent to RAND_add() when B<num == entropy>.
|
|
|
|
|
|
|
|
The RAND_screen() function is available for the convenience of Windows
|
|
|
|
programmers. It adds the current contents of the screen to the PRNG.
|
|
|
|
For applications that can catch Windows events, seeding the PRNG with
|
|
|
|
the parameters of B<WM_MOUSEMOVE> events is a significantly better
|
|
|
|
source of randomness. It should be noted that both methods cannot be
|
|
|
|
used on servers that run without user interaction.
|
|
|
|
|
|
|
|
=head1 RETURN VALUES
|
|
|
|
|
2000-02-24 10:51:47 +08:00
|
|
|
RAND_status() returns 1 if the PRNG has been seeded with enough data,
|
|
|
|
0 otherwise.
|
|
|
|
|
|
|
|
The other functions do not return values.
|
2000-01-22 01:50:27 +08:00
|
|
|
|
|
|
|
=head1 SEE ALSO
|
|
|
|
|
2000-01-27 09:25:31 +08:00
|
|
|
L<rand(3)|rand(3)>, L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
|
2000-01-22 01:50:27 +08:00
|
|
|
|
|
|
|
=head1 HISTORY
|
|
|
|
|
|
|
|
RAND_seed() and RAND_screen() are available in all versions of SSLeay
|
2000-02-24 10:51:47 +08:00
|
|
|
and OpenSSL. RAND_add() and RAND_status() have been added in OpenSSL
|
|
|
|
0.9.5.
|
2000-01-22 01:50:27 +08:00
|
|
|
|
|
|
|
=cut
|