From 30287d2d655e1a9fe476477b6c74b62f816f37d6 Mon Sep 17 00:00:00 2001 From: Jay Berkenbilt Date: Sat, 30 Nov 2013 12:25:01 -0500 Subject: Allow OS-provided secure random to be disabled --- manual/qpdf-manual.xml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'manual/qpdf-manual.xml') diff --git a/manual/qpdf-manual.xml b/manual/qpdf-manual.xml index 8d68db9d..2cb6be5d 100644 --- a/manual/qpdf-manual.xml +++ b/manual/qpdf-manual.xml @@ -1851,6 +1851,31 @@ outfile.pdf preserved as clear-text if it is that way in the original file. + + Random Number Generation + + QPDF generates random numbers to support generation of encrypted + data. Versions prior to 5.0.1 used random or + rand from stdlib to + generate random numbers. Version 5.0.1, if available, used + operating system-provided secure random number generation instead, + enabling use of stdlib random number + generation only if enabled by a compile-time option. Starting in + version 5.1.0, use of insecure random numbers was disabled unless + enabled at compile time. Starting in version 5.1.0, it is also + possible for you to disable use of OS-provided secure random + numbers. This is especially useful on Windows if you want to + avoid a dependency on Microsoft's cryptography API. In this case, + you must provide your own random data provider. Regardless of how + you compile qpdf, starting in version 5.1.0, it is possible for + you to provide your own random data provider at runtime. This + would enable you to use some software-based secure pseudorandom + number generator and to avoid use of whatever the operating system + provides. For details on how to do this, please refer to the + top-level README file in the source distribution and to comments + in QUtil.hh. + + Adding and Removing Pages -- cgit v1.2.3-54-g00ecf