mirror of
https://github.com/openssl/openssl.git
synced 2024-11-27 05:21:51 +08:00
8389ec4b49
Add a new config param to specify how the CSPRNG should be seeded. Illegal values or nonsensical combinations (e.g., anything other than "os" on VMS or HP VOS etc) result in build failures. Add RDSEED support. Add RDTSC but leave it disabled for now pending more investigation. Refactor and reorganization all seeding files (rand_unix/win/vms) so that they are simpler. Only require 128 bits of seeding material. Many document improvements, including why to not use RAND_add() and the limitations around using load_file/write_file. Document RAND_poll(). Cleanup Windows RAND_poll and return correct status More completely initialize the default DRBG. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/3965)
90 lines
2.4 KiB
Plaintext
90 lines
2.4 KiB
Plaintext
=pod
|
|
|
|
=head1 NAME
|
|
|
|
RAND_load_file, RAND_write_file, RAND_file_name - PRNG seed file
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
#include <openssl/rand.h>
|
|
|
|
int RAND_load_file(const char *filename, long max_bytes);
|
|
|
|
int RAND_write_file(const char *filename);
|
|
|
|
const char *RAND_file_name(char *buf, size_t num);
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
RAND_load_file() reads a number of bytes from file B<filename> and
|
|
adds them to the PRNG. If B<max_bytes> is non-negative,
|
|
up to B<max_bytes> are read;
|
|
if B<max_bytes> is -1, the complete file is read.
|
|
Do not load the same file multiple times unless its contents have
|
|
been updated by RAND_write_file() between reads.
|
|
Also, note that B<filename> should be adequately protected so that an
|
|
attacker cannot replace or examine the contents.
|
|
|
|
RAND_write_file() writes a number of random bytes (currently 128) to
|
|
file B<filename> which can be used to initialize the PRNG by calling
|
|
RAND_load_file() in a later session.
|
|
|
|
RAND_file_name() generates a default path for the random seed
|
|
file. B<buf> points to a buffer of size B<num> in which to store the
|
|
filename.
|
|
|
|
On all systems, if the environment variable B<RANDFILE> is set, its
|
|
value will be used as the seed file name.
|
|
Otherwise, the file is called C<.rnd>, found in platform dependent locations:
|
|
|
|
=over 4
|
|
|
|
=item On Windows (in order of preference)
|
|
|
|
%HOME%, %USERPROFILE%, %SYSTEMROOT%, C:\
|
|
|
|
=item On VMS
|
|
|
|
SYS$LOGIN:
|
|
|
|
=item On all other systems
|
|
|
|
$HOME
|
|
|
|
=back
|
|
|
|
If C<$HOME> (on non-Windows and non-VMS system) is not set either, or
|
|
B<num> is too small for the path name, an error occurs.
|
|
|
|
=head1 RETURN VALUES
|
|
|
|
RAND_load_file() returns the number of bytes read.
|
|
|
|
RAND_write_file() returns the number of bytes written, or -1 if the
|
|
bytes written were generated without appropriate seeding.
|
|
|
|
RAND_file_name() returns a pointer to B<buf> on success, and NULL on
|
|
error.
|
|
|
|
=head1 SEE ALSO
|
|
|
|
L<RAND_bytes(3)>, L<RAND_add(3)>
|
|
|
|
=head1 HISTORY
|
|
|
|
A comment in the source since at least OpenSSL 1.0.2 said that
|
|
RAND_load_file() and RAND_write_file() were only intended for regular files,
|
|
and not really device special files such as C</dev/random>. This was
|
|
poorly enforced before OpenSSL 1.1.1.
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
|
Licensed under the OpenSSL license (the "License"). You may not use
|
|
this file except in compliance with the License. You can obtain a copy
|
|
in the file LICENSE in the source distribution or at
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
=cut
|