These are updates/fixes to DH/DSA/RAND docs based on the fixes to the RSA
docs. There were a couple of other places where the docs were not synchronised with the API that are now fixed. One or two still remain to be fixed though ...
This commit is contained in:
Geoff Thorpe
@@ -8,22 +8,30 @@ RAND_set_rand_method, RAND_get_rand_method, RAND_SSLeay - select RAND method
|
||||
|
||||
#include <openssl/rand.h>
|
||||
|
||||
void RAND_set_rand_method(RAND_METHOD *meth);
|
||||
void RAND_set_rand_method(const RAND_METHOD *meth);
|
||||
|
||||
RAND_METHOD *RAND_get_rand_method(void);
|
||||
const RAND_METHOD *RAND_get_rand_method(void);
|
||||
|
||||
RAND_METHOD *RAND_SSLeay(void);
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
A B<RAND_METHOD> specifies the functions that OpenSSL uses for random
|
||||
number generation. By modifying the method, alternative
|
||||
implementations such as hardware RNGs may be used. Initially, the
|
||||
default is to use the OpenSSL internal implementation. RAND_SSLeay()
|
||||
returns a pointer to that method.
|
||||
A B<RAND_METHOD> specifies the functions that OpenSSL uses for random number
|
||||
generation. By modifying the method, alternative implementations such as
|
||||
hardware RNGs may be used. IMPORTANT: See the NOTES section for important
|
||||
information about how these RAND API functions are affected by the use of
|
||||
B<ENGINE> API calls.
|
||||
|
||||
RAND_set_rand_method() sets the RAND method to B<meth>.
|
||||
RAND_get_rand_method() returns a pointer to the current method.
|
||||
Initially, the default RAND_METHOD is the OpenSSL internal implementation, as
|
||||
returned by RAND_SSLeay().
|
||||
|
||||
RAND_set_default_method() makes B<meth> the method for PRNG use. B<NB>: This is
|
||||
true only whilst no ENGINE has been set as a default for RAND, so this function
|
||||
is no longer recommended.
|
||||
|
||||
RAND_get_default_method() returns a pointer to the current RAND_METHOD.
|
||||
However, the meaningfulness of this result is dependant on whether the ENGINE
|
||||
API is being used, so this function is no longer recommended.
|
||||
|
||||
=head1 THE RAND_METHOD STRUCTURE
|
||||
|
||||
@@ -47,13 +55,29 @@ Each component may be NULL if the function is not implemented.
|
||||
RAND_set_rand_method() returns no value. RAND_get_rand_method() and
|
||||
RAND_SSLeay() return pointers to the respective methods.
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
As of version 0.9.7, RAND_METHOD implementations are grouped together with other
|
||||
algorithmic APIs (eg. RSA_METHOD, EVP_CIPHER, etc) in B<ENGINE> modules. If a
|
||||
default ENGINE is specified for RAND functionality using an ENGINE API function,
|
||||
that will override any RAND defaults set using the RAND API (ie.
|
||||
RAND_set_rand_method()). For this reason, the ENGINE API is the recommended way
|
||||
to control default implementations for use in RAND and other cryptographic
|
||||
algorithms.
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
L<rand(3)|rand(3)>
|
||||
L<rand(3)|rand(3)>, L<engine(3)|engine(3)>
|
||||
|
||||
=head1 HISTORY
|
||||
|
||||
RAND_set_rand_method(), RAND_get_rand_method() and RAND_SSLeay() are
|
||||
available in all versions of OpenSSL.
|
||||
|
||||
In the engine version of version 0.9.6, RAND_set_rand_method() was altered to
|
||||
take an ENGINE pointer as its argument. As of version 0.9.7, that has been
|
||||
reverted as the ENGINE API transparently overrides RAND defaults if used,
|
||||
otherwise RAND API functions work as before. RAND_set_rand_engine() was also
|
||||
introduced in version 0.9.7.
|
||||
|
||||
=cut
|
||||
|
||||
Reference in New Issue
Block a user