1b077aed3SPierre Pronchery=pod 2b077aed3SPierre Pronchery 3b077aed3SPierre Pronchery=head1 NAME 4b077aed3SPierre Pronchery 5b077aed3SPierre ProncheryEVP_RAND-SEED-SRC - The randomness seed source EVP_RAND implementation 6b077aed3SPierre Pronchery 7b077aed3SPierre Pronchery=head1 DESCRIPTION 8b077aed3SPierre Pronchery 9b077aed3SPierre ProncherySupport for deterministic random number generator seeding through the 10b077aed3SPierre ProncheryB<EVP_RAND> API. 11b077aed3SPierre Pronchery 12b077aed3SPierre ProncheryThe seed sources used are specified at the time OpenSSL is configured for 13b077aed3SPierre Proncherybuilding using the B<--with-rand-seed=> option. By default, operating system 14b077aed3SPierre Proncheryrandomness sources are used. 15b077aed3SPierre Pronchery 16b077aed3SPierre Pronchery=head2 Identity 17b077aed3SPierre Pronchery 18b077aed3SPierre Pronchery"SEED-SRC" is the name for this implementation; it can be used with the 19b077aed3SPierre ProncheryEVP_RAND_fetch() function. 20b077aed3SPierre Pronchery 21b077aed3SPierre Pronchery=head2 Supported parameters 22b077aed3SPierre Pronchery 23b077aed3SPierre ProncheryThe supported parameters are: 24b077aed3SPierre Pronchery 25b077aed3SPierre Pronchery=over 4 26b077aed3SPierre Pronchery 27b077aed3SPierre Pronchery=item "state" (B<OSSL_RAND_PARAM_STATE>) <integer> 28b077aed3SPierre Pronchery 29b077aed3SPierre Pronchery=item "strength" (B<OSSL_RAND_PARAM_STRENGTH>) <unsigned integer> 30b077aed3SPierre Pronchery 31b077aed3SPierre Pronchery=item "max_request" (B<OSSL_RAND_PARAM_MAX_REQUEST>) <unsigned integer> 32b077aed3SPierre Pronchery 33b077aed3SPierre ProncheryThese parameters work as described in L<EVP_RAND(3)/PARAMETERS>. 34b077aed3SPierre Pronchery 35b077aed3SPierre Pronchery=back 36b077aed3SPierre Pronchery 37b077aed3SPierre Pronchery=head1 NOTES 38b077aed3SPierre Pronchery 39b077aed3SPierre ProncheryA context for the seed source can be obtained by calling: 40b077aed3SPierre Pronchery 41b077aed3SPierre Pronchery EVP_RAND *rand = EVP_RAND_fetch(NULL, "SEED-SRC", NULL); 42b077aed3SPierre Pronchery EVP_RAND_CTX *rctx = EVP_RAND_CTX_new(rand); 43b077aed3SPierre Pronchery 44b077aed3SPierre Pronchery=head1 EXAMPLES 45b077aed3SPierre Pronchery 46b077aed3SPierre Pronchery EVP_RAND *rand; 47b077aed3SPierre Pronchery EVP_RAND_CTX *seed, *rctx; 48b077aed3SPierre Pronchery unsigned char bytes[100]; 49b077aed3SPierre Pronchery OSSL_PARAM params[2], *p = params; 50b077aed3SPierre Pronchery unsigned int strength = 128; 51b077aed3SPierre Pronchery 52*e0c4386eSCy Schubert /* Create and instantiate a seed source */ 53b077aed3SPierre Pronchery rand = EVP_RAND_fetch(NULL, "SEED-SRC", NULL); 54b077aed3SPierre Pronchery seed = EVP_RAND_CTX_new(rand, NULL); 55*e0c4386eSCy Schubert EVP_RAND_instantiate(seed, strength, 0, NULL, 0, NULL); 56b077aed3SPierre Pronchery EVP_RAND_free(rand); 57b077aed3SPierre Pronchery 58b077aed3SPierre Pronchery /* Feed this into a DRBG */ 59b077aed3SPierre Pronchery rand = EVP_RAND_fetch(NULL, "CTR-DRBG", NULL); 60b077aed3SPierre Pronchery rctx = EVP_RAND_CTX_new(rand, seed); 61b077aed3SPierre Pronchery EVP_RAND_free(rand); 62b077aed3SPierre Pronchery 63b077aed3SPierre Pronchery /* Configure the DRBG */ 64b077aed3SPierre Pronchery *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER, 65b077aed3SPierre Pronchery SN_aes_256_ctr, 0); 66b077aed3SPierre Pronchery *p = OSSL_PARAM_construct_end(); 67b077aed3SPierre Pronchery EVP_RAND_instantiate(rctx, strength, 0, NULL, 0, params); 68b077aed3SPierre Pronchery 69b077aed3SPierre Pronchery EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, NULL, 0); 70b077aed3SPierre Pronchery 71b077aed3SPierre Pronchery EVP_RAND_CTX_free(rctx); 72b077aed3SPierre Pronchery EVP_RAND_CTX_free(seed); 73b077aed3SPierre Pronchery 74b077aed3SPierre Pronchery=head1 SEE ALSO 75b077aed3SPierre Pronchery 76b077aed3SPierre ProncheryL<EVP_RAND(3)>, 77b077aed3SPierre ProncheryL<EVP_RAND(3)/PARAMETERS> 78b077aed3SPierre Pronchery 79b077aed3SPierre Pronchery=head1 COPYRIGHT 80b077aed3SPierre Pronchery 81b077aed3SPierre ProncheryCopyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. 82b077aed3SPierre Pronchery 83b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 84b077aed3SPierre Proncherythis file except in compliance with the License. You can obtain a copy 85b077aed3SPierre Proncheryin the file LICENSE in the source distribution or at 86b077aed3SPierre ProncheryL<https://www.openssl.org/source/license.html>. 87b077aed3SPierre Pronchery 88b077aed3SPierre Pronchery=cut 89