1*b077aed3SPierre Pronchery=pod 2*b077aed3SPierre Pronchery 3*b077aed3SPierre Pronchery=head1 NAME 4*b077aed3SPierre Pronchery 5*b077aed3SPierre ProncheryRAND_get0_primary, 6*b077aed3SPierre ProncheryRAND_get0_public, 7*b077aed3SPierre ProncheryRAND_get0_private 8*b077aed3SPierre Pronchery- get access to the global EVP_RAND_CTX instances 9*b077aed3SPierre Pronchery 10*b077aed3SPierre Pronchery=head1 SYNOPSIS 11*b077aed3SPierre Pronchery 12*b077aed3SPierre Pronchery #include <openssl/rand.h> 13*b077aed3SPierre Pronchery 14*b077aed3SPierre Pronchery EVP_RAND_CTX *RAND_get0_primary(OSSL_LIB_CTX *ctx); 15*b077aed3SPierre Pronchery EVP_RAND_CTX *RAND_get0_public(OSSL_LIB_CTX *ctx); 16*b077aed3SPierre Pronchery EVP_RAND_CTX *RAND_get0_private(OSSL_LIB_CTX *ctx); 17*b077aed3SPierre Pronchery 18*b077aed3SPierre Pronchery=head1 DESCRIPTION 19*b077aed3SPierre Pronchery 20*b077aed3SPierre ProncheryThe default RAND API implementation (RAND_OpenSSL()) utilizes three 21*b077aed3SPierre Proncheryshared DRBG instances which are accessed via the RAND API: 22*b077aed3SPierre Pronchery 23*b077aed3SPierre ProncheryThe I<public> and I<private> DRBG are thread-local instances, which are used 24*b077aed3SPierre Proncheryby RAND_bytes() and RAND_priv_bytes(), respectively. 25*b077aed3SPierre ProncheryThe I<primary> DRBG is a global instance, which is not intended to be used 26*b077aed3SPierre Proncherydirectly, but is used internally to reseed the other two instances. 27*b077aed3SPierre Pronchery 28*b077aed3SPierre ProncheryThese functions here provide access to the shared DRBG instances. 29*b077aed3SPierre Pronchery 30*b077aed3SPierre Pronchery=head1 RETURN VALUES 31*b077aed3SPierre Pronchery 32*b077aed3SPierre ProncheryRAND_get0_primary() returns a pointer to the I<primary> DRBG instance 33*b077aed3SPierre Proncheryfor the given OSSL_LIB_CTX B<ctx>. 34*b077aed3SPierre Pronchery 35*b077aed3SPierre ProncheryRAND_get0_public() returns a pointer to the I<public> DRBG instance 36*b077aed3SPierre Proncheryfor the given OSSL_LIB_CTX B<ctx>. 37*b077aed3SPierre Pronchery 38*b077aed3SPierre ProncheryRAND_get0_private() returns a pointer to the I<private> DRBG instance 39*b077aed3SPierre Proncheryfor the given OSSL_LIB_CTX B<ctx>. 40*b077aed3SPierre Pronchery 41*b077aed3SPierre ProncheryIn all the above cases the B<ctx> parameter can 42*b077aed3SPierre Proncherybe NULL in which case the default OSSL_LIB_CTX is used. 43*b077aed3SPierre Pronchery 44*b077aed3SPierre Pronchery=head1 NOTES 45*b077aed3SPierre Pronchery 46*b077aed3SPierre ProncheryIt is not thread-safe to access the I<primary> DRBG instance. 47*b077aed3SPierre ProncheryThe I<public> and I<private> DRBG instance can be accessed safely, because 48*b077aed3SPierre Proncherythey are thread-local. Note however, that changes to these two instances 49*b077aed3SPierre Proncheryapply only to the current thread. 50*b077aed3SPierre Pronchery 51*b077aed3SPierre ProncheryFor that reason it is recommended not to change the settings of these 52*b077aed3SPierre Proncherythree instances directly. 53*b077aed3SPierre ProncheryInstead, an application should change the default settings for new DRBG instances 54*b077aed3SPierre Proncheryat initialization time, before creating additional threads. 55*b077aed3SPierre Pronchery 56*b077aed3SPierre ProncheryDuring initialization, it is possible to change the reseed interval 57*b077aed3SPierre Proncheryand reseed time interval. 58*b077aed3SPierre ProncheryIt is also possible to exchange the reseeding callbacks entirely. 59*b077aed3SPierre Pronchery 60*b077aed3SPierre ProncheryTo set the type of DRBG that will be instantiated, use the 61*b077aed3SPierre ProncheryL<RAND_set_DRBG_type(3)> call before accessing the random number generation 62*b077aed3SPierre Proncheryinfrastructure. 63*b077aed3SPierre Pronchery 64*b077aed3SPierre Pronchery=head1 SEE ALSO 65*b077aed3SPierre Pronchery 66*b077aed3SPierre ProncheryL<EVP_RAND(3)>, 67*b077aed3SPierre ProncheryL<RAND_set_DRBG_type(3)> 68*b077aed3SPierre Pronchery 69*b077aed3SPierre Pronchery=head1 HISTORY 70*b077aed3SPierre Pronchery 71*b077aed3SPierre ProncheryThese functions were added in OpenSSL 3.0. 72*b077aed3SPierre Pronchery 73*b077aed3SPierre Pronchery=head1 COPYRIGHT 74*b077aed3SPierre Pronchery 75*b077aed3SPierre ProncheryCopyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. 76*b077aed3SPierre Pronchery 77*b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 78*b077aed3SPierre Proncherythis file except in compliance with the License. You can obtain a copy 79*b077aed3SPierre Proncheryin the file LICENSE in the source distribution or at 80*b077aed3SPierre ProncheryL<https://www.openssl.org/source/license.html>. 81*b077aed3SPierre Pronchery 82*b077aed3SPierre Pronchery=cut 83