1=pod 2 3=head1 NAME 4 5RAND_get0_primary, 6RAND_get0_public, 7RAND_get0_private 8- get access to the global EVP_RAND_CTX instances 9 10=head1 SYNOPSIS 11 12 #include <openssl/rand.h> 13 14 EVP_RAND_CTX *RAND_get0_primary(OSSL_LIB_CTX *ctx); 15 EVP_RAND_CTX *RAND_get0_public(OSSL_LIB_CTX *ctx); 16 EVP_RAND_CTX *RAND_get0_private(OSSL_LIB_CTX *ctx); 17 18=head1 DESCRIPTION 19 20The default RAND API implementation (RAND_OpenSSL()) utilizes three 21shared DRBG instances which are accessed via the RAND API: 22 23The I<public> and I<private> DRBG are thread-local instances, which are used 24by RAND_bytes() and RAND_priv_bytes(), respectively. 25The I<primary> DRBG is a global instance, which is not intended to be used 26directly, but is used internally to reseed the other two instances. 27 28These functions here provide access to the shared DRBG instances. 29 30=head1 RETURN VALUES 31 32RAND_get0_primary() returns a pointer to the I<primary> DRBG instance 33for the given OSSL_LIB_CTX B<ctx>. 34 35RAND_get0_public() returns a pointer to the I<public> DRBG instance 36for the given OSSL_LIB_CTX B<ctx>. 37 38RAND_get0_private() returns a pointer to the I<private> DRBG instance 39for the given OSSL_LIB_CTX B<ctx>. 40 41In all the above cases the B<ctx> parameter can 42be NULL in which case the default OSSL_LIB_CTX is used. 43 44=head1 NOTES 45 46It is not thread-safe to access the I<primary> DRBG instance. 47The I<public> and I<private> DRBG instance can be accessed safely, because 48they are thread-local. Note however, that changes to these two instances 49apply only to the current thread. 50 51For that reason it is recommended not to change the settings of these 52three instances directly. 53Instead, an application should change the default settings for new DRBG instances 54at initialization time, before creating additional threads. 55 56During initialization, it is possible to change the reseed interval 57and reseed time interval. 58It is also possible to exchange the reseeding callbacks entirely. 59 60To set the type of DRBG that will be instantiated, use the 61L<RAND_set_DRBG_type(3)> call before accessing the random number generation 62infrastructure. 63 64=head1 SEE ALSO 65 66L<EVP_RAND(3)>, 67L<RAND_set_DRBG_type(3)> 68 69=head1 HISTORY 70 71These functions were added in OpenSSL 3.0. 72 73=head1 COPYRIGHT 74 75Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. 76 77Licensed under the Apache License 2.0 (the "License"). You may not use 78this file except in compliance with the License. You can obtain a copy 79in the file LICENSE in the source distribution or at 80L<https://www.openssl.org/source/license.html>. 81 82=cut 83