DragonFly On-Line Manual Pages
RAND(3) LibreSSL RAND(3)
NAME
RAND - pseudo-random number generator
SYNOPSIS
#include <openssl/rand.h>
int RAND_bytes(unsigned char *buf, int num);
int RAND_pseudo_bytes(unsigned char *buf, int num);
DESCRIPTION
These functions give access to the systems cryptographically secure
pseudo-random number generator (PRNG). It is used by other library
functions for example to generate random keys, and applications can use
it when they need randomness.
RAND_bytes(3) describes how to obtain random data from the PRNG.
INTERNALS
The RAND_SSLeay() method implements a PRNG based on the systems'
arc4random_buf(3) random number generator.
SEE ALSO
BN_rand(3), RAND_bytes(3)
LibreSSL 2017-01-09 RAND(3)
RAND_set_rand_method(3) OpenSSL RAND_set_rand_method(3)
NAME
RAND_set_rand_method, RAND_get_rand_method, RAND_SSLeay - select RAND
method
SYNOPSIS
#include <openssl/rand.h>
void RAND_set_rand_method(const RAND_METHOD *meth);
const RAND_METHOD *RAND_get_rand_method(void);
RAND_METHOD *RAND_SSLeay(void);
DESCRIPTION
A RAND_METHOD specifies the functions that OpenSSL uses for random
number generation. By modifying the method, alternative implementations
such as hardware RNGs may be used. IMPORTANT: See the NOTES section for
important information about how these RAND API functions are affected
by the use of ENGINE API calls.
Initially, the default RAND_METHOD is the OpenSSL internal
implementation, as returned by RAND_SSLeay().
RAND_set_default_method() makes meth the method for PRNG use. NB: This
is true only whilst no ENGINE has been set as a default for RAND, so
this function is no longer recommended.
RAND_get_default_method() returns a pointer to the current RAND_METHOD.
However, the meaningfulness of this result is dependent on whether the
ENGINE API is being used, so this function is no longer recommended.
THE RAND_METHOD STRUCTURE
typedef struct rand_meth_st
{
void (*seed)(const void *buf, int num);
int (*bytes)(unsigned char *buf, int num);
void (*cleanup)(void);
void (*add)(const void *buf, int num, int entropy);
int (*pseudorand)(unsigned char *buf, int num);
int (*status)(void);
} RAND_METHOD;
The components point to the implementation of RAND_seed(),
RAND_bytes(), RAND_cleanup(), RAND_add(), RAND_pseudo_rand() and
RAND_status(). Each component may be NULL if the function is not
implemented.
RETURN VALUES
RAND_set_rand_method() returns no value. RAND_get_rand_method() and
RAND_SSLeay() return pointers to the respective methods.
NOTES
As of version 0.9.7, RAND_METHOD implementations are grouped together
with other algorithmic APIs (eg. RSA_METHOD, EVP_CIPHER, etc) in ENGINE
modules. If a default ENGINE is specified for RAND functionality using
an ENGINE API function, that will override any RAND defaults set using
the RAND API (ie. RAND_set_rand_method()). For this reason, the ENGINE
API is the recommended way to control default implementations for use
in RAND and other cryptographic algorithms.
SEE ALSO
rand(3), engine(3)
HISTORY
RAND_set_rand_method(), RAND_get_rand_method() and RAND_SSLeay() are
available in all versions of OpenSSL.
In the engine version of version 0.9.6, RAND_set_rand_method() was
altered to take an ENGINE pointer as its argument. As of version 0.9.7,
that has been reverted as the ENGINE API transparently overrides RAND
defaults if used, otherwise RAND API functions work as before.
RAND_set_rand_engine() was also introduced in version 0.9.7.
1.0.2h 2016-05-03 RAND_set_rand_method(3)