RAND_bytes() -- SSLeay 0.9.0b -- January 1999

NAME

RAND_bytes, RAND_seed, RAND_cleanup, RAND_file_name, RAND_load_file,
RAND_write_file -- random number generation

SYNOPSIS

#include "rand.h"

void RAND_bytes(buf,num)
unsigned char *buf; int num;

void RAND_seed(buf,num)
unsigned char *buf; int num;

void RAND_cleanup()

char *RAND_file_name(buf,size)
char *buf; int size;

int RAND_load_file(file,number)
char *file; long number;

int RAND_write_file(file)
char *file;

DESCRIPTION

These routines generate pseudo-random numbers and seed the pseudo-random number generator (PRNG). The PRNG makes no effort to reproduce the same random number stream with each execution. Various other routines in the SSLeay library seed the PRNG when suitable random input data is available. See Design of the PRNG used in the RAND library for design details.

RAND_bytes() puts num random bytes into buf. One should make sure RAND_seed() has been called before using this routine.

RAND_seed() adds more seed data to the PRNG state. num bytes are added to the PRNG state; they are taken from buf. This routine can be called with sensitive data such as user-entered passwords. This sensitive data is in no way recoverable from the RAND library routines or state. Try to pass as much data from 'random' sources as possible into the PRNG via this function. Also strongly consider using the RAND_load_file() and RAND_write_file() routines.

RAND_cleanup() zeros all variables and state information associated with these routines. This function can be called when a program has finished with the RAND library, if the user so desires.

The following 3 routines are convenience routines that can be used to save PRNG state to a file and restore it again. Since the more 'random' data that is fed in as seed data the better, why not keep it around between executions of the program? Of course the application should still pass more 'random' data in via RAND_seed() and make sure no-one can read the 'random' data file.

RAND_file_name() returns a default name for the location of a 'rand' file. The 'rand' file should keep a sequence of random bytes used to initialise the PRNG. The filename is put in buf, which is size bytes long. buf is returned to the user, or NULL on error. The 'rand' file name is generated in the following way. First, if there is a RANDFILE environment variable, it is returned. Second, if there is a HOME environment variable, $HOME/.rand is returned. Third, NULL is returned. NULL is also returned if buf would overflow.
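The lookup order described above, combined with a check that the resulting 'rand' file cannot be read by other users, as an added example that is not SSLeay code. doc_rand_file_name() and rand_file_is_private() are hypothetical names, and the permission test assumes a POSIX system.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: the lookup order documented for RAND_file_name()
 * (RANDFILE, then $HOME/.rand, else NULL; NULL if buf would overflow). */
char *doc_rand_file_name(char *buf, size_t size)
{
    const char *s = getenv("RANDFILE");
    int n;

    if (s != NULL) {
        n = snprintf(buf, size, "%s", s);
    } else if ((s = getenv("HOME")) != NULL) {
        n = snprintf(buf, size, "%s/.rand", s);
    } else {
        return NULL;
    }
    return (n < 0 || (size_t)n >= size) ? NULL : buf;
}

/* Hypothetical check: 1 if path is a regular file owned by the caller with
 * no group/other permission bits, 0 if it is exposed, -1 if lstat() fails. */
int rand_file_is_private(const char *path)
{
    struct stat st;

    if (lstat(path, &st) != 0)
        return -1;
    if (!S_ISREG(st.st_mode) || st.st_uid != geteuid())
        return 0;   /* symlink, directory, device, or someone else's file */
    return (st.st_mode & (S_IRWXG | S_IRWXO)) == 0;
}

int main(void)
{
    char name[256];

    if (doc_rand_file_name(name, sizeof(name)) == NULL) {
        puts("no rand file name: RANDFILE and HOME unset, or buffer too small");
        return 1;
    }
    printf("%s: private=%d\n", name, rand_file_is_private(name));
    return 0;
}
```

A result of 0 from rand_file_is_private() means the file should be given mode 0600 (or replaced) before it is handed to RAND_load_file().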

RAND_load_file() adds the file named by file to the PRNG state. It first does a RAND_seed() on the value returned from a stat() system call on the file; then, if number is non-zero, up to number bytes are read from the file and added as well. The number of bytes passed to RAND_seed() is returned.

RAND_write_file() writes N random bytes to the file file, where N is the size of the internal RND state (currently 1k). This is a suitable method of saving PRNG state for reloading via RAND_load_file().