openssl/doc/internal/man3/ossl_rand_get_entropy.pod
Pauli 71febb3992 doc: Documentation changes for moving the entropy source out of the fips provider
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/13226)
2020-11-20 08:24:21 +10:00

67 lines
2.5 KiB
Plaintext

=pod
=head1 NAME
ossl_rand_get_entropy, ossl_rand_cleanup_entropy,
ossl_rand_get_nonce, ossl_rand_cleanup_nonce
- get seed material from the operating system
=head1 SYNOPSIS
#include "crypto/rand.h"
size_t ossl_rand_get_entropy(OSSL_CORE_HANDLE *handle,
unsigned char **pout, int entropy,
size_t min_len, size_t max_len);
void ossl_rand_cleanup_entropy(OSSL_CORE_HANDLE *handle,
unsigned char *buf, size_t len);
size_t ossl_rand_get_nonce(OSSL_CORE_HANDLE *handle,
unsigned char **pout, size_t min_len,
size_t max_len, const void *salt, size_t salt_len);
void ossl_rand_cleanup_nonce(OSSL_CORE_HANDLE *handle,
unsigned char *buf, size_t len);
=head1 DESCRIPTION
ossl_rand_get_entropy() retrieves seeding material from the operating system.
The seeding material will have at least I<entropy> bytes of randomness and is
stored in a buffer which contains at least I<min_len> and at most I<max_len>
bytes. The buffer address is stored in I<*pout> and the buffer length is
returned to the caller.
ossl_rand_cleanup_entropy() cleanses and frees any storage allocated by
ossl_rand_get_entropy(). The seeding buffer is pointed to by I<buf> and is
of length I<len> bytes.
ossl_rand_get_nonce() retrieves a nonce using the passed I<salt> parameter
of length I<salt_len> and operating system specific information.
The I<salt> should contain uniquely identifying information and this is
included, in an unspecified manner, as part of the output.
The output is stored in a buffer which contains at least I<min_len> and at
most I<max_len> bytes. The buffer address is stored in I<*pout> and the
buffer length returned to the caller.
ossl_rand_cleanup_nonce() cleanses and frees any storage allocated by
ossl_rand_get_nonce(). The nonce buffer is pointed to by I<buf> and is
of length I<len> bytes.
=head1 RETURN VALUES
ossl_rand_get_entropy() and ossl_rand_get_nonce() return the number of bytes
in I<*pout> or 0 on error.
=head1 HISTORY
The functions described here were all added in OpenSSL 3.0.
=head1 COPYRIGHT
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut