| | 1 | =pod |
| | 2 | |
| | 3 | =head1 NAME |
| | 4 | |
| | 5 | RAND_bytes, RAND_priv_bytes, RAND_bytes_ex, RAND_priv_bytes_ex, |
| | 6 | RAND_pseudo_bytes, RAND_set1_random_provider - generate random data |
| | 7 | |
| | 8 | =head1 SYNOPSIS |
| | 9 | |
| | 10 | #include <openssl/rand.h> |
| | 11 | |
| | 12 | int RAND_bytes(unsigned char *buf, int num); |
| | 13 | int RAND_priv_bytes(unsigned char *buf, int num); |
| | 14 | |
| | 15 | int RAND_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t num, |
| | 16 | unsigned int strength); |
| | 17 | int RAND_priv_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t num, |
| | 18 | unsigned int strength); |
| | 19 | |
| | 20 | int RAND_set1_random_provider(OSSL_LIB_CTX *ctx, OSSL_PROVIDER *p); |
| | 21 | |
| | 22 | The following function has been deprecated since OpenSSL 1.1.0, and can be |
| | 23 | hidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value, |
| | 24 | see L<openssl_user_macros(7)>: |
| | 25 | |
| | 26 | int RAND_pseudo_bytes(unsigned char *buf, int num); |
| | 27 | |
| | 28 | =head1 DESCRIPTION |
| | 29 | |
| | 30 | RAND_bytes() generates B<num> random bytes using a cryptographically |
| | 31 | secure pseudo random generator (CSPRNG) and stores them in B<buf>. B<buf> B<MUST NOT> be NULL. |
| | 32 | |
| | 33 | RAND_priv_bytes() has the same semantics as RAND_bytes(). It is intended to |
| | 34 | be used for generating values that should remain private. If using the |
| | 35 | default RAND_METHOD, this function uses a separate "private" PRNG |
| | 36 | instance so that a compromise of the "public" PRNG instance will not |
| | 37 | affect the secrecy of these private values, as described in L<RAND(7)> |
| | 38 | and L<EVP_RAND(7)>. |
| | 39 | |
| | 40 | RAND_bytes_ex() and RAND_priv_bytes_ex() are the same as RAND_bytes() and |
| | 41 | RAND_priv_bytes() except that they both take additional I<strength> and |
| | 42 | I<ctx> parameters. The bytes generated will have a security strength of at |
| | 43 | least I<strength> bits. |
| | 44 | The DRBG used for the operation is the public or private DRBG associated with |
| | 45 | the specified I<ctx>. The parameter can be NULL, in which case |
| | 46 | the default library context is used (see L<OSSL_LIB_CTX(3)>. |
| | 47 | If the default RAND_METHOD has been changed then for compatibility reasons the |
| | 48 | RAND_METHOD will be used in preference and the DRBG of the library context |
| | 49 | ignored. |
| | 50 | |
| | 51 | RAND_set1_random_provider() specifies a provider, I<prov>, which will be used |
| | 52 | by the library context I<ctx> for all of the generate calls above instead |
| | 53 | of the built-in in DRBGs and entropy source. Pass NULL for the provider |
| | 54 | to disable the random provider functionality. In this case, the built-in DRBGs |
| | 55 | and entropy source will be used. This call should not be considered thread safe. |
| | 56 | |
| | 57 | =head1 NOTES |
| | 58 | |
| | 59 | By default, the OpenSSL CSPRNG supports a security level of 256 bits, provided it |
| | 60 | was able to seed itself from a trusted entropy source. |
| | 61 | On all major platforms supported by OpenSSL (including the Unix-like platforms |
| | 62 | and Windows), OpenSSL is configured to automatically seed the CSPRNG on first use |
| | 63 | using the operating systems's random generator. |
| | 64 | |
| | 65 | If the entropy source fails or is not available, the CSPRNG will enter an |
| | 66 | error state and refuse to generate random bytes. For that reason, it is important |
| | 67 | to always check the error return value of RAND_bytes() and RAND_priv_bytes() and |
| | 68 | not take randomness for granted. |
| | 69 | |
| | 70 | On other platforms, there might not be a trusted entropy source available |
| | 71 | or OpenSSL might have been explicitly configured to use different entropy sources. |
| | 72 | If you are in doubt about the quality of the entropy source, don't hesitate to ask |
| | 73 | your operating system vendor or post a question on GitHub or the openssl-users |
| | 74 | mailing list. |
| | 75 | |
| | 76 | =head1 RETURN VALUES |
| | 77 | |
| | 78 | RAND_bytes() and RAND_priv_bytes() |
| | 79 | return 1 on success, -1 if not supported by the current |
| | 80 | RAND method, or 0 on other failure. The error code can be |
| | 81 | obtained by L<ERR_get_error(3)>. |
| | 82 | |
| | 83 | RAND_set1_random_provider() returns 1 on success and 0 on failure. |
| | 84 | |
| | 85 | =head1 SEE ALSO |
| | 86 | |
| | 87 | L<RAND_add(3)>, |
| | 88 | L<RAND_bytes(3)>, |
| | 89 | L<RAND_priv_bytes(3)>, |
| | 90 | L<ERR_get_error(3)>, |
| | 91 | L<RAND(7)>, |
| | 92 | L<EVP_RAND(7)> |
| | 93 | |
| | 94 | =head1 HISTORY |
| | 95 | |
| | 96 | =over 2 |
| | 97 | |
| | 98 | =item * |
| | 99 | |
| | 100 | RAND_pseudo_bytes() was deprecated in OpenSSL 1.1.0; use RAND_bytes() instead. |
| | 101 | |
| | 102 | =item * |
| | 103 | |
| | 104 | The RAND_priv_bytes() function was added in OpenSSL 1.1.1. |
| | 105 | |
| | 106 | =item * |
| | 107 | |
| | 108 | The RAND_bytes_ex() and RAND_priv_bytes_ex() functions were added in OpenSSL 3.0 |
| | 109 | |
| | 110 | =item * |
| | 111 | |
| | 112 | The RAND_set1_random_provider() function was added in OpenSSL 3.5 |
| | 113 | |
| | 114 | =back |
| | 115 | |
| | 116 | =head1 COPYRIGHT |
| | 117 | |
| | 118 | Copyright 2000-2025 The OpenSSL Project Authors. All Rights Reserved. |
| | 119 | |
| | 120 | Licensed under the Apache License 2.0 (the "License"). You may not use |
| | 121 | this file except in compliance with the License. You can obtain a copy |
| | 122 | in the file LICENSE in the source distribution or at |
| | 123 | L<https://www.openssl.org/source/license.html>. |
| | 124 | |
| | 125 | =cut |
projects / thirdparty / openssl.git / blame_incremental