mirror of
https://github.com/openssl/openssl.git
synced 2024-12-27 06:21:43 +08:00
ddc6a5c8f5
Add a new global DRBG for private keys used by RAND_priv_bytes. Add BN_priv_rand() and BN_priv_rand_range() which use RAND_priv_bytes(). Change callers to use the appropriate BN_priv... function. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4076)
57 lines
1.5 KiB
Plaintext
57 lines
1.5 KiB
Plaintext
=pod
|
|
|
|
=head1 NAME
|
|
|
|
RAND_bytes, RAND_priv_bytes, RAND_pseudo_bytes - generate random data
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
#include <openssl/rand.h>
|
|
|
|
int RAND_bytes(unsigned char *buf, int num);
|
|
int RAND_priv_bytes(unsigned char *buf, int num);
|
|
|
|
Deprecated:
|
|
|
|
#if OPENSSL_API_COMPAT < 0x10100000L
|
|
int RAND_pseudo_bytes(unsigned char *buf, int num);
|
|
#endif
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
RAND_bytes() puts B<num> cryptographically strong pseudo-random bytes
|
|
into B<buf>. An error occurs if the PRNG has not been seeded with
|
|
enough randomness to ensure an unpredictable byte sequence.
|
|
|
|
RAND_priv_bytes() has the same semantics as RAND_bytes(). It is intended to
|
|
be used for generating long-term private keys. If using the default
|
|
RAND_METHOD, this function uses a separate instance of the PRNG so that
|
|
a compromise of the global generator will not affect such key generation.
|
|
|
|
=head1 RETURN VALUES
|
|
|
|
RAND_bytes() nad RAND_priv_bytes()
|
|
return 1 on success, -1 if not supported by the current
|
|
RAND method, or 0 on other failure. The error code can be
|
|
obtained by L<ERR_get_error(3)>.
|
|
|
|
=head1 HISTORY
|
|
|
|
RAND_pseudo_bytes() was deprecated in OpenSSL 1.1.0; use RAND_bytes() instead.
|
|
|
|
=head1 SEE ALSO
|
|
|
|
L<RAND_bytes(3)>, L<ERR_get_error(3)>,
|
|
L<RAND_add(3)>
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
|
Licensed under the OpenSSL license (the "License"). You may not use
|
|
this file except in compliance with the License. You can obtain a copy
|
|
in the file LICENSE in the source distribution or at
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
=cut
|