Home Verkennen Help
Inloggen
OWEALs
/
openssl
spiegel van git://git.openssl.org/openssl.git
2
0
Vork 0
Bestanden Issues 1 Wiki
Boom: 3ea20ce281
Aftakkingen Labels
openssl
/
doc
/
internal
/
man3
/
ossl_rand_get_entropy.pod

ossl_rand_get_entropy.pod 4.5 KB
Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104 
  1. =pod
    2. 

  2. 

  3. =head1 NAME
    4. 

  4. 

  5. ossl_rand_get_entropy, ossl_rand_get_user_entropy,
    6. 

  6. ossl_rand_cleanup_entropy, ossl_rand_cleanup_user_entropy,
    7. 

  7. ossl_rand_get_nonce, ossl_rand_get_user_nonce,
    8. 

  8. ossl_rand_cleanup_nonce, ossl_rand_cleanup_user_nonce
    9. 

  9. - get seed material from the operating system
    10. 

  10. 

  11. =head1 SYNOPSIS
    12. 

  12. 

  13.  #include "crypto/rand.h"
    14. 

  14. 

  15.  size_t ossl_rand_get_entropy(OSSL_CORE_HANDLE *handle,
    16. 

  16.                               unsigned char **pout, int entropy,
    17. 

  17.                               size_t min_len, size_t max_len);
    18. 

  18.  size_t ossl_rand_get_user_entropy(OSSL_CORE_HANDLE *handle,
    19. 

  19.                                    unsigned char **pout, int entropy,
    20. 

  20.                                    size_t min_len, size_t max_len);
    21. 

  21.  void ossl_rand_cleanup_entropy(OSSL_CORE_HANDLE *handle,
    22. 

  22.                                 unsigned char *buf, size_t len);
    23. 

  23.  void ossl_rand_cleanup_user_entropy(OSSL_CORE_HANDLE *handle,
    24. 

  24.                                      unsigned char *buf, size_t len);
    25. 

  25.  size_t ossl_rand_get_nonce(OSSL_CORE_HANDLE *handle,
    26. 

  26.                             unsigned char **pout, size_t min_len,
    27. 

  27.                             size_t max_len, const void *salt, size_t salt_len);
    28. 

  28.  size_t ossl_rand_get_user_nonce(OSSL_CORE_HANDLE *handle, unsigned char **pout,
    29. 

  29.                                  size_t min_len, size_t max_len,
    30. 

  30.                                  const void *salt, size_t salt_len);
    31. 

  31.  void ossl_rand_cleanup_nonce(OSSL_CORE_HANDLE *handle,
    32. 

  32.                               unsigned char *buf, size_t len);
    33. 

  33.  void ossl_rand_cleanup_user_nonce(OSSL_CORE_HANDLE *handle,
    34. 

  34.                                    unsigned char *buf, size_t len);
    35. 

  35. 

  36. =head1 DESCRIPTION
    37. 

  37. 

  38. ossl_rand_get_entropy() retrieves seeding material from the operating system.
    39. 

  39. The seeding material will have at least I<entropy> bytes of randomness and is
    40. 

  40. stored in a buffer which contains at least I<min_len> and at most I<max_len>
    41. 

  41. bytes.  The buffer address is stored in I<*pout> and the buffer length is
    42. 

  42. returned to the caller.
    43. 

  43. 

  44. ossl_rand_get_user_entropy() is the same as ossl_rand_get_entropy()
    45. 

  45. except that it retrieves the seeding material from the library context's
    46. 

  46. DRBG seed source.  By default this is the operating system but it can
    47. 

  47. be changed by calling L<RAND_set_seed_source_type(3)>.
    48. 

  48. 

  49. ossl_rand_cleanup_entropy() cleanses and frees any storage allocated by
    50. 

  50. ossl_rand_get_entropy().  The entropy buffer is pointed to by I<buf>
    51. 

  51. and is of length I<len> bytes.
    52. 

  52. 

  53. ossl_rand_cleanup_user_entropy() cleanses and frees any storage allocated by
    54. 

  54. ossl_rand_get_user_entropy().  The entropy buffer is pointed to by I<buf>
    55. 

  55. and is of length I<len> bytes.
    56. 

  56. 

  57. ossl_rand_get_nonce() retrieves a nonce using the passed I<salt> parameter
    58. 

  58. of length I<salt_len> and operating system specific information.
    59. 

  59. The I<salt> should contain uniquely identifying information and this is
    60. 

  60. included, in an unspecified manner, as part of the output.
    61. 

  61. The output is stored in a buffer which contains at least I<min_len> and at
    62. 

  62. most I<max_len> bytes.  The buffer address is stored in I<*pout> and the
    63. 

  63. buffer length returned to the caller.
    64. 

  64. 

  65. ossl_rand_get_user_nonce() is the same as ossl_rand_get_nonce() except
    66. 

  66. that it retrieves the seeding material from the library context's DRBG
    67. 

  67. seed source.  By default this is the operating system but it can be
    68. 

  68. changed by calling L<RAND_set_seed_source_type(3)>.
    69. 

  69. 

  70. ossl_rand_cleanup_nonce() cleanses and frees any storage allocated by
    71. 

  71. ossl_rand_get_nonce() or ossl_rand_get_user_nonce().  The nonce buffer
    72. 

  72. is pointed to by I<buf> and is of length I<len> bytes.
    73. 

  73. 

  74. =head1 NOTES
    75. 

  75. 

  76. FIPS providers 3.0.0, 3.0.8 and 3.0.9 incorrectly pass a provider
    77. 

  77. internal pointer to ossl_rand_get_entropy(), ossl_rand_cleanup_entropy(),
    78. 

  78. ossl_rand_get_nonce() and ossl_rand_cleanup_nonce().  This pointer cannot
    79. 

  79. be safely dereferenced.
    80. 

  80. 

  81. =head1 RETURN VALUES
    82. 

  82. 

  83. ossl_rand_get_entropy(), ossl_rand_get_user_entropy(),
    84. 

  84. ossl_rand_get_nonce() and ossl_rand_get_user_nonce() return the number
    85. 

  85. of bytes in I<*pout> or 0 on error.
    86. 

  86. 

  87. =head1 HISTORY
    88. 

  88. 

  89. The functions ossl_rand_get_user_entropy(), ossl_rand_get_user_nonce(),
    90. 

  90. ossl_rand_cleanup_user_entropy(), and ossl_rand_cleanup_user_nonce()
    91. 

  91. were added in OpenSSL 3.1.4 and 3.2.0.
    92. 

  92. 

  93. The remaining functions described here were all added in OpenSSL 3.0.
    94. 

  94. 

  95. =head1 COPYRIGHT
    96. 

  96. 

  97. Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
    98. 

  98. 

  99. Licensed under the Apache License 2.0 (the "License").  You may not use
    100. 

  100. this file except in compliance with the License.  You can obtain a copy
    101. 

  101. in the file LICENSE in the source distribution or at
    102. 

  102. L<https://www.openssl.org/source/license.html>.
    103. 

  103. 

  104. =cut
    105.