| =pod |
| |
| =head1 NAME |
| |
| OPENSSL_CTX_get0_master_drbg, |
| OPENSSL_CTX_get0_public_drbg, |
| OPENSSL_CTX_get0_private_drbg, |
| RAND_DRBG_get0_master, |
| RAND_DRBG_get0_public, |
| RAND_DRBG_get0_private |
| - get access to the global RAND_DRBG instances |
| |
| =head1 SYNOPSIS |
| |
| #include <openssl/rand_drbg.h> |
| |
| RAND_DRBG *OPENSSL_CTX_get0_master_drbg(OPENSSL_CTX *ctx); |
| RAND_DRBG *OPENSSL_CTX_get0_public_drbg(OPENSSL_CTX *ctx); |
| RAND_DRBG *OPENSSL_CTX_get0_private_drbg(OPENSSL_CTX *ctx); |
| RAND_DRBG *RAND_DRBG_get0_master(void); |
| RAND_DRBG *RAND_DRBG_get0_public(void); |
| RAND_DRBG *RAND_DRBG_get0_private(void); |
| |
| |
| =head1 DESCRIPTION |
| |
| The default RAND API implementation (RAND_OpenSSL()) utilizes three |
| shared DRBG instances which are accessed via the RAND API: |
| |
| The I<public> and I<private> DRBG are thread-local instances, which are used |
| by RAND_bytes() and RAND_priv_bytes(), respectively. |
| The I<master> DRBG is a global instance, which is not intended to be used |
| directly, but is used internally to reseed the other two instances. |
| |
| These functions here provide access to the shared DRBG instances. |
| |
| =head1 RETURN VALUES |
| |
| OPENSSL_CTX_get0_master_drbg() returns a pointer to the I<master> DRBG instance |
| for the given OPENSSL_CTX B<ctx>. |
| |
| OPENSSL_CTX_get0_public_drbg() returns a pointer to the I<public> DRBG instance |
| for the given OPENSSL_CTX B<ctx>. |
| |
| OPENSSL_CTX_get0_private_drbg() returns a pointer to the I<private> DRBG instance |
| for the given OPENSSL_CTX B<ctx>. |
| |
| In all the above cases the B<ctx> parameter can |
| be NULL in which case the default OPENSSL_CTX is used. RAND_DRBG_get0_master(), |
| RAND_DRBG_get0_public() and RAND_DRBG_get0_private() are the same as |
| OPENSSL_CTX_get0_master_drbg(), OPENSSL_CTX_get0_public_drbg() and |
| OPENSSL_CTX_get0_private_drbg() respectively except that the default OPENSSL_CTX |
| is always used. |
| |
| =head1 NOTES |
| |
| It is not thread-safe to access the I<master> DRBG instance. |
| The I<public> and I<private> DRBG instance can be accessed safely, because |
| they are thread-local. Note however, that changes to these two instances |
| apply only to the current thread. |
| |
| For that reason it is recommended not to change the settings of these |
| three instances directly. |
| Instead, an application should change the default settings for new DRBG instances |
| at initialization time, before creating additional threads. |
| |
| During initialization, it is possible to change the reseed interval |
| and reseed time interval. |
| It is also possible to exchange the reseeding callbacks entirely. |
| |
| =head1 SEE ALSO |
| |
| L<RAND_DRBG_set_callbacks(3)>, |
| L<RAND_DRBG_set_reseed_defaults(3)>, |
| L<RAND_DRBG_set_reseed_interval(3)>, |
| L<RAND_DRBG_set_reseed_time_interval(3)>, |
| L<RAND_DRBG_set_callbacks(3)>, |
| L<RAND_DRBG_generate(3)>, |
| L<RAND_DRBG(7)> |
| |
| =head1 HISTORY |
| |
| The OPENSSL_CTX_get0_master_drbg(), OPENSSL_CTX_get0_public_drbg() and |
| OPENSSL_CTX_get0_private_drbg() functions were added in OpenSSL 3.0. |
| |
| All other RAND_DRBG functions were added in OpenSSL 1.1.1. |
| |
| =head1 COPYRIGHT |
| |
| Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved. |
| |
| Licensed under the Apache License 2.0 (the "License"). You may not use |
| this file except in compliance with the License. You can obtain a copy |
| in the file LICENSE in the source distribution or at |
| L<https://www.openssl.org/source/license.html>. |
| |
| =cut |
