RAND_DRBG_get0_master.pod 3.2 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697
  1. =pod
  2. =head1 NAME
  3. OPENSSL_CTX_get0_master_drbg,
  4. OPENSSL_CTX_get0_public_drbg,
  5. OPENSSL_CTX_get0_private_drbg,
  6. RAND_DRBG_get0_master,
  7. RAND_DRBG_get0_public,
  8. RAND_DRBG_get0_private
  9. - get access to the global RAND_DRBG instances
  10. =head1 SYNOPSIS
  11. #include <openssl/rand_drbg.h>
  12. RAND_DRBG *OPENSSL_CTX_get0_master_drbg(OPENSSL_CTX *ctx);
  13. RAND_DRBG *OPENSSL_CTX_get0_public_drbg(OPENSSL_CTX *ctx);
  14. RAND_DRBG *OPENSSL_CTX_get0_private_drbg(OPENSSL_CTX *ctx);
  15. RAND_DRBG *RAND_DRBG_get0_master(void);
  16. RAND_DRBG *RAND_DRBG_get0_public(void);
  17. RAND_DRBG *RAND_DRBG_get0_private(void);
  18. =head1 DESCRIPTION
  19. The default RAND API implementation (RAND_OpenSSL()) utilizes three
  20. shared DRBG instances which are accessed via the RAND API:
  21. The I<public> and I<private> DRBG are thread-local instances, which are used
  22. by RAND_bytes() and RAND_priv_bytes(), respectively.
  23. The I<master> DRBG is a global instance, which is not intended to be used
  24. directly, but is used internally to reseed the other two instances.
  25. These functions here provide access to the shared DRBG instances.
  26. =head1 RETURN VALUES
  27. OPENSSL_CTX_get0_master_drbg() returns a pointer to the I<master> DRBG instance
  28. for the given OPENSSL_CTX B<ctx>.
  29. OPENSSL_CTX_get0_public_drbg() returns a pointer to the I<public> DRBG instance
  30. for the given OPENSSL_CTX B<ctx>.
  31. OPENSSL_CTX_get0_private_drbg() returns a pointer to the I<private> DRBG instance
  32. for the given OPENSSL_CTX B<ctx>.
  33. In all the above cases the B<ctx> parameter can
  34. be NULL in which case the default OPENSSL_CTX is used. RAND_DRBG_get0_master(),
  35. RAND_DRBG_get0_public() and RAND_DRBG_get0_private() are the same as
  36. OPENSSL_CTX_get0_master_drbg(), OPENSSL_CTX_get0_public_drbg() and
  37. OPENSSL_CTX_get0_private_drbg() respectively except that the default OPENSSL_CTX
  38. is always used.
  39. =head1 NOTES
  40. It is not thread-safe to access the I<master> DRBG instance.
  41. The I<public> and I<private> DRBG instance can be accessed safely, because
  42. they are thread-local. Note however, that changes to these two instances
  43. apply only to the current thread.
  44. For that reason it is recommended not to change the settings of these
  45. three instances directly.
  46. Instead, an application should change the default settings for new DRBG instances
  47. at initialization time, before creating additional threads.
  48. During initialization, it is possible to change the reseed interval
  49. and reseed time interval.
  50. It is also possible to exchange the reseeding callbacks entirely.
  51. =head1 SEE ALSO
  52. L<RAND_DRBG_set_callbacks(3)>,
  53. L<RAND_DRBG_set_reseed_defaults(3)>,
  54. L<RAND_DRBG_set_reseed_interval(3)>,
  55. L<RAND_DRBG_set_reseed_time_interval(3)>,
  56. L<RAND_DRBG_set_callbacks(3)>,
  57. L<RAND_DRBG_generate(3)>,
  58. L<RAND_DRBG(7)>
  59. =head1 HISTORY
  60. The OPENSSL_CTX_get0_master_drbg(), OPENSSL_CTX_get0_public_drbg() and
  61. OPENSSL_CTX_get0_private_drbg() functions were added in OpenSSL 3.0.
  62. All other RAND_DRBG functions were added in OpenSSL 1.1.1.
  63. =head1 COPYRIGHT
  64. Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
  65. Licensed under the Apache License 2.0 (the "License"). You may not use
  66. this file except in compliance with the License. You can obtain a copy
  67. in the file LICENSE in the source distribution or at
  68. L<https://www.openssl.org/source/license.html>.
  69. =cut