openssl-rand.pod.in 2.1 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586
  1. =pod
  2. {- OpenSSL::safe::output_do_not_edit_headers(); -}
  3. =head1 NAME
  4. openssl-rand - generate pseudo-random bytes
  5. =head1 SYNOPSIS
  6. B<openssl rand>
  7. [B<-help>]
  8. [B<-out> I<file>]
  9. [B<-base64>]
  10. [B<-hex>]
  11. {- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_r_synopsis -}
  12. {- $OpenSSL::safe::opt_provider_synopsis -}
  13. I<num>[K|M|G|T]
  14. =head1 DESCRIPTION
  15. This command generates I<num> random bytes using a cryptographically
  16. secure pseudo random number generator (CSPRNG). A suffix [K|M|G|T] may be
  17. appended to the num value to indicate the requested value be scaled as a
  18. multiple of KiB/MiB/GiB/TiB respectively. Note that suffixes are case
  19. sensitive, and that the suffixes represent binary multiples
  20. (K = 1024 bytes, M = 1024*1024 bytes, etc).
  21. The string 'max' may be substituted for a numerical value in num, to request the
  22. maximum number of bytes the CSPRNG can produce per instantiation. Currently,
  23. this is restricted to 2^61 bytes as per NIST SP 800-90C.
  24. The random bytes are generated using the L<RAND_bytes(3)> function,
  25. which provides a security level of 256 bits, provided it managed to
  26. seed itself successfully from a trusted operating system entropy source.
  27. Otherwise, the command will fail with a nonzero error code.
  28. For more details, see L<RAND_bytes(3)>, L<RAND(7)>, and L<EVP_RAND(7)>.
  29. =head1 OPTIONS
  30. =over 4
  31. =item B<-help>
  32. Print out a usage message.
  33. =item B<-out> I<file>
  34. Write to I<file> instead of standard output.
  35. =item B<-base64>
  36. Perform base64 encoding on the output.
  37. =item B<-hex>
  38. Show the output as a hex string.
  39. {- $OpenSSL::safe::opt_engine_item -}
  40. {- $OpenSSL::safe::opt_r_item -}
  41. {- $OpenSSL::safe::opt_provider_item -}
  42. =back
  43. =head1 SEE ALSO
  44. L<openssl(1)>,
  45. L<RAND_bytes(3)>,
  46. L<RAND(7)>,
  47. L<EVP_RAND(7)>
  48. =head1 HISTORY
  49. The B<-engine> option was deprecated in OpenSSL 3.0.
  50. =head1 COPYRIGHT
  51. Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
  52. Licensed under the Apache License 2.0 (the "License"). You may not use
  53. this file except in compliance with the License. You can obtain a copy
  54. in the file LICENSE in the source distribution or at
  55. L<https://www.openssl.org/source/license.html>.
  56. =cut