Home Explore Help
Sign In
OWEALs
/
openssl
mirror of git://git.openssl.org/openssl.git
2
0
Fork 0
Files Issues 1 Wiki
Tree: 606e0426a1
Branches Tags
openssl
/
doc
/
man3
/
BN_rand.pod

BN_rand.pod 4.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129 
  1. =pod
    2. 

  2. 

  3. =head1 NAME
    4. 

  4. 

  5. BN_rand_ex, BN_rand, BN_priv_rand_ex, BN_priv_rand, BN_pseudo_rand,
    6. 

  6. BN_rand_range_ex, BN_rand_range, BN_priv_rand_range_ex, BN_priv_rand_range,
    7. 

  7. BN_pseudo_rand_range
    8. 

  8. - generate pseudo-random number
    9. 

  9. 

  10. =head1 SYNOPSIS
    11. 

  11. 

  12.  #include <openssl/bn.h>
    13. 

  13. 

  14.  int BN_rand_ex(BIGNUM *rnd, int bits, int top, int bottom,
    15. 

  15.                 unsigned int strength, BN_CTX *ctx);
    16. 

  16.  int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
    17. 

  17. 

  18.  int BN_priv_rand_ex(BIGNUM *rnd, int bits, int top, int bottom,
    19. 

  19.                      unsigned int strength, BN_CTX *ctx);
    20. 

  20.  int BN_priv_rand(BIGNUM *rnd, int bits, int top, int bottom);
    21. 

  21. 

  22.  int BN_rand_range_ex(BIGNUM *rnd, const BIGNUM *range, unsigned int strength,
    23. 

  23.                       BN_CTX *ctx);
    24. 

  24.  int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
    25. 

  25. 

  26.  int BN_priv_rand_range_ex(BIGNUM *rnd, const BIGNUM *range, unsigned int strength,
    27. 

  27.                            BN_CTX *ctx);
    28. 

  28.  int BN_priv_rand_range(BIGNUM *rnd, const BIGNUM *range);
    29. 

  29. 

  30. The following functions have been deprecated since OpenSSL 3.0, and can be
    31. 

  31. hidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value,
    32. 

  32. see L<openssl_user_macros(7)>:
    33. 

  33. 

  34.  int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
    35. 

  35.  int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
    36. 

  36. 

  37. =head1 DESCRIPTION
    38. 

  38. 

  39. BN_rand_ex() generates a cryptographically strong pseudo-random
    40. 

  40. number of I<bits> in length and security strength at least I<strength> bits
    41. 

  41. using the random number generator for the library context associated with
    42. 

  42. I<ctx>. The function stores the generated data in I<rnd>. The parameter I<ctx>
    43. 

  43. may be NULL in which case the default library context is used.
    44. 

  44. If I<bits> is less than zero, or too small to
    45. 

  45. accommodate the requirements specified by the I<top> and I<bottom>
    46. 

  46. parameters, an error is returned.
    47. 

  47. The I<top> parameters specifies
    48. 

  48. requirements on the most significant bit of the generated number.
    49. 

  49. If it is B<BN_RAND_TOP_ANY>, there is no constraint.
    50. 

  50. If it is B<BN_RAND_TOP_ONE>, the top bit must be one.
    51. 

  51. If it is B<BN_RAND_TOP_TWO>, the two most significant bits of
    52. 

  52. the number will be set to 1, so that the product of two such random
    53. 

  53. numbers will always have 2*I<bits> length.
    54. 

  54. If I<bottom> is B<BN_RAND_BOTTOM_ODD>, the number will be odd; if it
    55. 

  55. is B<BN_RAND_BOTTOM_ANY> it can be odd or even.
    56. 

  56. If I<bits> is 1 then I<top> cannot also be B<BN_RAND_TOP_TWO>.
    57. 

  57. 

  58. BN_rand() is the same as BN_rand_ex() except that the default library context
    59. 

  59. is always used.
    60. 

  60. 

  61. BN_rand_range_ex() generates a cryptographically strong pseudo-random
    62. 

  62. number I<rnd>, of security strength at least I<strength> bits,
    63. 

  63. in the range 0 E<lt>= I<rnd> E<lt> I<range> using the random number
    64. 

  64. generator for the library context associated with I<ctx>. The parameter I<ctx>
    65. 

  65. may be NULL in which case the default library context is used.
    66. 

  66. 

  67. BN_rand_range() is the same as BN_rand_range_ex() except that the default
    68. 

  68. library context is always used.
    69. 

  69. 

  70. BN_priv_rand_ex(), BN_priv_rand(), BN_priv_rand_rand_ex() and
    71. 

  71. BN_priv_rand_range() have the same semantics as BN_rand_ex(), BN_rand(),
    72. 

  72. BN_rand_range_ex() and BN_rand_range() respectively.  They are intended to be
    73. 

  73. used for generating values that should remain private, and mirror the
    74. 

  74. same difference between L<RAND_bytes(3)> and L<RAND_priv_bytes(3)>.
    75. 

  75. 

  76. =head1 NOTES
    77. 

  77. 

  78. Always check the error return value of these functions and do not take
    79. 

  79. randomness for granted: an error occurs if the CSPRNG has not been
    80. 

  80. seeded with enough randomness to ensure an unpredictable byte sequence.
    81. 

  81. 

  82. =head1 RETURN VALUES
    83. 

  83. 

  84. The functions return 1 on success, 0 on error.
    85. 

  85. The error codes can be obtained by L<ERR_get_error(3)>.
    86. 

  86. 

  87. =head1 SEE ALSO
    88. 

  88. 

  89. L<ERR_get_error(3)>,
    90. 

  90. L<RAND_add(3)>,
    91. 

  91. L<RAND_bytes(3)>,
    92. 

  92. L<RAND_priv_bytes(3)>,
    93. 

  93. L<RAND(7)>,
    94. 

  94. L<EVP_RAND(7)>
    95. 

  95. 

  96. =head1 HISTORY
    97. 

  97. 

  98. =over 2
    99. 

  99. 

  100. =item *
    101. 

  101. 

  102. Starting with OpenSSL release 1.1.0, BN_pseudo_rand() has been identical
    103. 

  103. to BN_rand() and BN_pseudo_rand_range() has been identical to
    104. 

  104. BN_rand_range().
    105. 

  105. The BN_pseudo_rand() and BN_pseudo_rand_range() functions were
    106. 

  106. deprecated in OpenSSL 3.0.
    107. 

  107. 

  108. =item *
    109. 

  109. 

  110. The BN_priv_rand() and BN_priv_rand_range() functions were added in
    111. 

  111. OpenSSL 1.1.1.
    112. 

  112. 

  113. =item *
    114. 

  114. 

  115. The BN_rand_ex(), BN_priv_rand_ex(), BN_rand_range_ex() and
    116. 

  116. BN_priv_rand_range_ex() functions were added in OpenSSL 3.0.
    117. 

  117. 

  118. =back
    119. 

  119. 

  120. =head1 COPYRIGHT
    121. 

  121. 

  122. Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
    123. 

  123. 

  124. Licensed under the Apache License 2.0 (the "License").  You may not use
    125. 

  125. this file except in compliance with the License.  You can obtain a copy
    126. 

  126. in the file LICENSE in the source distribution or at
    127. 

  127. L<https://www.openssl.org/source/license.html>.
    128. 

  128. 

  129. =cut
    130.