RAND_SET_RAND_METHOD(3) OpenSSL RAND_SET_RAND_METHOD(3)NAME
RAND_set_rand_method, RAND_get_rand_method, RAND_SSLeay -
select RAND method
SYNOPSIS
#include <openssl/rand.h>
void RAND_set_rand_method(const RAND_METHOD *meth);
const RAND_METHOD *RAND_get_rand_method(void);
RAND_METHOD *RAND_SSLeay(void);
DESCRIPTION
A RAND_METHOD specifies the functions that OpenSSL uses for
random number generation. By modifying the method, alterna-
tive implementations such as hardware RNGs may be used.
IMPORTANT: See the NOTES section for important information
about how these RAND API functions are affected by the use
of ENGINE API calls.
Initially, the default RAND_METHOD is the OpenSSL internal
implementation, as returned by RAND_SSLeay().
RAND_set_default_method() makes meth the method for PRNG
use. NB: This is true only whilst no ENGINE has been set as
a default for RAND, so this function is no longer recom-
mended.
RAND_get_default_method() returns a pointer to the current
RAND_METHOD. However, the meaningfulness of this result is
dependant on whether the ENGINE API is being used, so this
function is no longer recommended.
THE RAND_METHOD STRUCTURE
typedef struct rand_meth_st
{
void (*seed)(const void *buf, int num);
int (*bytes)(unsigned char *buf, int num);
void (*cleanup)(void);
void (*add)(const void *buf, int num, int entropy);
int (*pseudorand)(unsigned char *buf, int num);
int (*status)(void);
} RAND_METHOD;
The components point to the implementation of RAND_seed(),
RAND_bytes(), RAND_cleanup(), RAND_add(), RAND_pseudo_rand()
and RAND_status(). Each component may be NULL if the func-
tion is not implemented.
RETURN VALUESRAND_set_rand_method() returns no value.
MirOS BSD #10-current 2005-02-05 1
RAND_SET_RAND_METHOD(3) OpenSSL RAND_SET_RAND_METHOD(3)RAND_get_rand_method() and RAND_SSLeay() return pointers to
the respective methods.
NOTES
As of version 0.9.7, RAND_METHOD implementations are grouped
together with other algorithmic APIs (eg. RSA_METHOD,
EVP_CIPHER, etc) in ENGINE modules. If a default ENGINE is
specified for RAND functionality using an ENGINE API func-
tion, that will override any RAND defaults set using the
RAND API (ie. RAND_set_rand_method()). For this reason, the
ENGINE API is the recommended way to control default imple-
mentations for use in RAND and other cryptographic algo-
rithms.
SEE ALSOrand(3), engine(3)HISTORYRAND_set_rand_method(), RAND_get_rand_method() and
RAND_SSLeay() are available in all versions of OpenSSL.
In the engine version of version 0.9.6,
RAND_set_rand_method() was altered to take an ENGINE pointer
as its argument. As of version 0.9.7, that has been reverted
as the ENGINE API transparently overrides RAND defaults if
used, otherwise RAND API functions work as before.
RAND_set_rand_engine() was also introduced in version 0.9.7.
MirOS BSD #10-current 2005-02-05 2