diff options
Diffstat (limited to 'secure/lib/libcrypto/man/man7/RAND.7')
| -rw-r--r-- | secure/lib/libcrypto/man/man7/RAND.7 | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/secure/lib/libcrypto/man/man7/RAND.7 b/secure/lib/libcrypto/man/man7/RAND.7 index 07f4e2f7cdf3..9640d3890a6f 100644 --- a/secure/lib/libcrypto/man/man7/RAND.7 +++ b/secure/lib/libcrypto/man/man7/RAND.7 @@ -1,5 +1,5 @@ .\" -*- mode: troff; coding: utf-8 -*- -.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45) +.\" Automatically generated by Pod::Man v6.0.2 (Pod::Simple 3.45) .\" .\" Standard preamble: .\" ======================================================================== @@ -52,10 +52,13 @@ . \} .\} .rr rF +.\" +.\" Required to disable full justification in groff 1.23.0. +.if n .ds AD l .\" ======================================================================== .\" .IX Title "RAND 7ossl" -.TH RAND 7ossl 2025-09-30 3.5.4 OpenSSL +.TH RAND 7ossl 2026-04-07 3.5.6 OpenSSL .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -67,8 +70,8 @@ RAND .IX Header "DESCRIPTION" Random numbers are a vital part of cryptography, they are needed to provide unpredictability for tasks like key generation, creating salts, and many more. -Software-based generators must be seeded with external randomness before they -can be used as a cryptographically-secure pseudo-random number generator +Software\-based generators must be seeded with external randomness before they +can be used as a cryptographically\-secure pseudo\-random number generator (CSPRNG). The availability of common hardware with special instructions and modern operating systems, which may use items such as interrupt jitter @@ -78,7 +81,7 @@ OpenSSL comes with a default implementation of the RAND API which is based on the deterministic random bit generator (DRBG) model as described in [NIST SP 800\-90A Rev. 1]. The default random generator will initialize automatically on first use and will be fully functional without having -to be initialized ('seeded') explicitly. +to be initialized (\*(Aqseeded\*(Aq) explicitly. It seeds and reseeds itself automatically using trusted random sources provided by the operating system. .PP @@ -95,7 +98,7 @@ For more details on reseeding and error recovery, see \fBEVP_RAND\fR\|(7). .PP For values that should remain secret, you can use \fBRAND_priv_bytes\fR\|(3) instead. -This method does not provide 'better' randomness, it uses the same type of +This method does not provide \*(Aqbetter\*(Aq randomness, it uses the same type of CSPRNG. The intention behind using a dedicated CSPRNG exclusively for private values is that none of its output should be visible to an attacker (e.g., @@ -122,7 +125,7 @@ family of functions. .IX Header "DEFAULT SETUP" The default OpenSSL RAND method is based on the EVP_RAND deterministic random bit generator (DRBG) classes. -A DRBG is a certain type of cryptographically-secure pseudo-random +A DRBG is a certain type of cryptographically\-secure pseudo\-random number generator (CSPRNG), which is described in [NIST SP 800\-90A Rev. 1]. .SH "SEE ALSO" .IX Header "SEE ALSO" |