1RAND_DRBG_RESEED(3)                 OpenSSL                RAND_DRBG_RESEED(3)
2
3
4

NAME

6       RAND_DRBG_reseed, RAND_DRBG_set_reseed_interval,
7       RAND_DRBG_set_reseed_time_interval, RAND_DRBG_set_reseed_defaults -
8       reseed a RAND_DRBG instance
9

SYNOPSIS

11        #include <openssl/rand_drbg.h>
12
13        int RAND_DRBG_reseed(RAND_DRBG *drbg,
14                             const unsigned char *adin, size_t adinlen);
15
16        int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg,
17                                          unsigned int interval);
18
19        int RAND_DRBG_set_reseed_time_interval(RAND_DRBG *drbg,
20                                               time_t interval);
21
22        int RAND_DRBG_set_reseed_defaults(
23                                          unsigned int master_reseed_interval,
24                                          unsigned int slave_reseed_interval,
25                                          time_t master_reseed_time_interval,
26                                          time_t slave_reseed_time_interval
27                                          );
28

DESCRIPTION

30       RAND_DRBG_reseed() reseeds the given drbg, obtaining entropy input from
31       its entropy source and mixing in the specified additional data provided
32       in the buffer adin of length adinlen.  The additional data can be
33       omitted by setting adin to NULL and adinlen to 0.
34
35       RAND_DRBG_set_reseed_interval() sets the reseed interval of the drbg,
36       which is the maximum allowed number of generate requests between
37       consecutive reseedings.  If interval > 0, then the drbg will reseed
38       automatically whenever the number of generate requests since its last
39       seeding exceeds the given reseed interval.  If interval == 0, then this
40       feature is disabled.
41
42       RAND_DRBG_set_reseed_time_interval() sets the reseed time interval of
43       the drbg, which is the maximum allowed number of seconds between
44       consecutive reseedings.  If interval > 0, then the drbg will reseed
45       automatically whenever the elapsed time since its last reseeding
46       exceeds the given reseed time interval.  If interval == 0, then this
47       feature is disabled.
48
49       RAND_DRBG_set_reseed_defaults() sets the default values for the reseed
50       interval (master_reseed_interval and slave_reseed_interval) and the
51       reseed time interval (master_reseed_time_interval and
52       slave_reseed_tme_interval) of DRBG instances.  The default values are
53       set independently for master DRBG instances (which don't have a parent)
54       and slave DRBG instances (which are chained to a parent DRBG).
55

RETURN VALUES

57       RAND_DRBG_reseed(), RAND_DRBG_set_reseed_interval(), and
58       RAND_DRBG_set_reseed_time_interval(), return 1 on success, 0 on
59       failure.
60

NOTES

62       The default OpenSSL random generator is already set up for automatic
63       reseeding, so in general it is not necessary to reseed it explicitly,
64       or to modify its reseeding thresholds.
65
66       Normally, the entropy input for seeding a DRBG is either obtained from
67       a trusted os entropy source or from a parent DRBG instance, which was
68       seeded (directly or indirectly) from a trusted os entropy source.  In
69       exceptional cases it is possible to replace the reseeding mechanism
70       entirely by providing application defined callbacks using
71       RAND_DRBG_set_callbacks().
72
73       The reseeding default values are applied only during creation of a DRBG
74       instance.  To ensure that they are applied to the global and thread-
75       local DRBG instances (<master>, resp. <public> and <private>), it is
76       necessary to call RAND_DRBG_set_reseed_defaults() before creating any
77       thread and before calling any
78        cryptographic routines that obtain random data directly or indirectly.
79

HISTORY

81       The RAND_DRBG functions were added in OpenSSL 1.1.1.
82

SEE ALSO

84       RAND_DRBG_generate(3), RAND_DRBG_bytes(3), RAND_DRBG_set_callbacks(3).
85       RAND_DRBG(7)
86
88       Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
89
90       Licensed under the OpenSSL license (the "License").  You may not use
91       this file except in compliance with the License.  You can obtain a copy
92       in the file LICENSE in the source distribution or at
93       <https://www.openssl.org/source/license.html>.
94
95
96
971.1.1                             2018-09-11               RAND_DRBG_RESEED(3)
Impressum