diff options
author | Rich Salz <rsalz@openssl.org> | 2017-08-03 09:23:28 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2017-08-03 09:23:28 -0400 |
commit | 75e2c877650444fb829547bdb58d46eb1297bc1a (patch) | |
tree | 67ad6280bccdca4ae95cc269b1994ea4c1557aa7 /doc | |
parent | 67dc995eaf538ea309c6292a1a5073465201f55b (diff) |
Switch from ossl_rand to DRBG rand
If RAND_add wraps around, XOR with existing. Add test to drbgtest that
does the wrap-around.
Re-order seeding and stop after first success.
Add RAND_poll_ex()
Use the DF and therefore lower RANDOMNESS_NEEDED. Also, for child DRBG's,
mix in the address as the personalization bits.
Centralize the entropy callbacks, from drbg_lib to rand_lib.
(Conceptually, entropy is part of the enclosing application.)
Thanks to Dr. Matthias St Pierre for the suggestion.
Various code cleanups:
-Make state an enum; inline RANDerr calls.
-Add RAND_POLL_RETRIES (thanks Pauli for the idea)
-Remove most RAND_seed calls from rest of library
-Rename DRBG_CTX to RAND_DRBG, etc.
-Move some code from drbg_lib to drbg_rand; drbg_lib is now only the
implementation of NIST DRBG.
-Remove blocklength
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4019)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man3/RAND_add.pod | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/doc/man3/RAND_add.pod b/doc/man3/RAND_add.pod index ee54390669..5006bdb2f7 100644 --- a/doc/man3/RAND_add.pod +++ b/doc/man3/RAND_add.pod @@ -2,7 +2,8 @@ =head1 NAME -RAND_add, RAND_poll, RAND_seed, RAND_status, RAND_event, RAND_screen +RAND_add, RAND_poll, RAND_poll_ex, RAND_poll_fn, +RAND_seed, RAND_status, RAND_event, RAND_screen - add randomness to the PRNG or get its status =head1 SYNOPSIS @@ -10,7 +11,11 @@ RAND_add, RAND_poll, RAND_seed, RAND_status, RAND_event, RAND_screen #include <openssl/rand.h> int RAND_status(void); - int RAND_poll() + + typedef void (*RAND_poll_fn)(void *arg, + const void *buf, int num, double randomness); + int RAND_poll_ex(RAND_poll_fn cb, void *arg); + int RAND_poll(); void RAND_add(const void *buf, int num, double randomness); void RAND_seed(const void *buf, int num); @@ -35,11 +40,16 @@ and network packet timings, can be reasonable sources of seeding material. RAND_status() indicates whether or not the CSPRNG has been sufficiently seeded. If not, functions such as RAND_bytes(3) will fail. -RAND_poll() uses the current capabilities to seed the CSPRNG. The -exact features used depends on how OpenSSL was configured, and can -be displayed with the OpenSSL L<version(1)> command. This function is -normally called automatically during OpenSSL initialization, but -can be called by the application to reseed the CSPRNG. +RAND_poll_ex() uses the system's capabilities to obtain a buffer +containing random bits which can then be used to seed a CSPRNG. The +exact features used depends on how OpenSSL was configured, and a summary +can be displayed with the OpenSSL L<version(1)> command. This function +is normally called as needed by the CSPRNG. The B<arg> parameter is an +arbitrary pointer which will be passed as an argument to the callback. +The B<cb> function is called each time there is data to add. + +RAND_poll() invokes RAND_poll_ex() with B<cb> and B<arg> set so that it +will call RAND_add(), to add the randomness to the global CSPRNG. RAND_add() mixes the B<num> bytes at B<buf> into the PRNG state. The B<randomness> argument is an estimate of how much randomness is |