diff options
author | Nicola Tuveri <nic.tuv@gmail.com> | 2018-06-18 19:13:36 +0300 |
---|---|---|
committer | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2018-06-19 17:06:38 +0200 |
commit | b26befb541f8bc7d4f4e0beead50248b16949932 (patch) | |
tree | 3c32dde09c1c122a6a40f4240b53edb30c87443e /doc/man7 | |
parent | f667820c16a44245a4a898a568936c47a9b0ee6e (diff) |
Fix & update documentation about RAND_priv_bytes()
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/6514)
Diffstat (limited to 'doc/man7')
-rw-r--r-- | doc/man7/RAND.pod | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/doc/man7/RAND.pod b/doc/man7/RAND.pod index 578018feab..971b3cdb16 100644 --- a/doc/man7/RAND.pod +++ b/doc/man7/RAND.pod @@ -24,16 +24,19 @@ to be initialized ('seeded') explicitly. It seeds and reseeds itself automatically using trusted random sources provided by the operating system. -As a normal application developer, you don't have to worry about any details, +As a normal application developer, you do not have to worry about any details, just use L<RAND_bytes(3)> to obtain random data. Having said that, there is one important rule to obey: Always check the error -return value of L<RAND_bytes(3)> and don't take randomness for granted. +return value of L<RAND_bytes(3)> and do not take randomness for granted. -For long-term secrets, you can use L<RAND_priv_bytes(3)> instead. +For values that should remain secret, you can use L<RAND_priv_bytes(3)> +instead. This method does not provide 'better' randomness, it uses the same type of CSPRNG. -The intention behind using a dedicated CSPRNG exclusively for long-term secrets is -that none of its output should be visible to an attacker (e.g used as salt value), -in order to reveal as little information as possible about its internal state. +The intention behind using a dedicated CSPRNG exclusively for private +values is that none of its output should be visible to an attacker (e.g., +used as salt value), in order to reveal as little information as +possible about its internal state, and that a compromise of the "public" +CSPRNG instance will not affect the secrecy of these private values. In the rare case where the default implementation does not satisfy your special requirements, there are two options: @@ -61,10 +64,10 @@ of cryptographic principles and understand the implications of your changes. L<RAND_add(3)>, L<RAND_bytes(3)>, L<RAND_priv_bytes(3)>, -L<RAND_get_rand_method(3)> -L<RAND_set_rand_method(3)> +L<RAND_get_rand_method(3)>, +L<RAND_set_rand_method(3)>, L<RAND_OpenSSL(3)>, -L<RAND_DRBG(7)>, +L<RAND_DRBG(7)> =head1 COPYRIGHT |