xref: /freebsd/crypto/openssl/doc/man3/BN_rand.pod (revision aa7957345732816fb0ba8308798d2f79f45597f9) 
1e71b7053SJung-uk Kim=pod
2e71b7053SJung-uk Kim
3e71b7053SJung-uk Kim=head1 NAME
4e71b7053SJung-uk Kim
5b077aed3SPierre ProncheryBN_rand_ex, BN_rand, BN_priv_rand_ex, BN_priv_rand, BN_pseudo_rand,
6b077aed3SPierre ProncheryBN_rand_range_ex, BN_rand_range, BN_priv_rand_range_ex, BN_priv_rand_range,
7b077aed3SPierre ProncheryBN_pseudo_rand_range
8e71b7053SJung-uk Kim- generate pseudo-random number
9e71b7053SJung-uk Kim
10e71b7053SJung-uk Kim=head1 SYNOPSIS
11e71b7053SJung-uk Kim
12e71b7053SJung-uk Kim #include <openssl/bn.h>
13e71b7053SJung-uk Kim
14b077aed3SPierre Pronchery int BN_rand_ex(BIGNUM *rnd, int bits, int top, int bottom,
15b077aed3SPierre Pronchery                unsigned int strength, BN_CTX *ctx);
16e71b7053SJung-uk Kim int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
17e71b7053SJung-uk Kim
18b077aed3SPierre Pronchery int BN_priv_rand_ex(BIGNUM *rnd, int bits, int top, int bottom,
19b077aed3SPierre Pronchery                     unsigned int strength, BN_CTX *ctx);
20e71b7053SJung-uk Kim int BN_priv_rand(BIGNUM *rnd, int bits, int top, int bottom);
21e71b7053SJung-uk Kim
22b077aed3SPierre Pronchery int BN_rand_range_ex(BIGNUM *rnd, const BIGNUM *range, unsigned int strength,
23b077aed3SPierre Pronchery                      BN_CTX *ctx);
24b077aed3SPierre Pronchery int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
25b077aed3SPierre Pronchery
26b077aed3SPierre Pronchery int BN_priv_rand_range_ex(BIGNUM *rnd, const BIGNUM *range, unsigned int strength,
27b077aed3SPierre Pronchery                           BN_CTX *ctx);
28b077aed3SPierre Pronchery int BN_priv_rand_range(BIGNUM *rnd, const BIGNUM *range);
29b077aed3SPierre Pronchery
30b077aed3SPierre ProncheryThe following functions have been deprecated since OpenSSL 3.0, and can be
31b077aed3SPierre Proncheryhidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value,
32b077aed3SPierre Proncherysee L<openssl_user_macros(7)>:
33b077aed3SPierre Pronchery
34e71b7053SJung-uk Kim int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
35b077aed3SPierre Pronchery int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
36e71b7053SJung-uk Kim
37e71b7053SJung-uk Kim=head1 DESCRIPTION
38e71b7053SJung-uk Kim
39b077aed3SPierre ProncheryBN_rand_ex() generates a cryptographically strong pseudo-random
40b077aed3SPierre Proncherynumber of I<bits> in length and security strength at least I<strength> bits
41b077aed3SPierre Proncheryusing the random number generator for the library context associated with
42b077aed3SPierre ProncheryI<ctx>. The function stores the generated data in I<rnd>. The parameter I<ctx>
43b077aed3SPierre Proncherymay be NULL in which case the default library context is used.
44b077aed3SPierre ProncheryIf I<bits> is less than zero, or too small to
45b077aed3SPierre Proncheryaccommodate the requirements specified by the I<top> and I<bottom>
46e71b7053SJung-uk Kimparameters, an error is returned.
47b077aed3SPierre ProncheryThe I<top> parameters specifies
48e71b7053SJung-uk Kimrequirements on the most significant bit of the generated number.
49e71b7053SJung-uk KimIf it is B<BN_RAND_TOP_ANY>, there is no constraint.
50e71b7053SJung-uk KimIf it is B<BN_RAND_TOP_ONE>, the top bit must be one.
51e71b7053SJung-uk KimIf it is B<BN_RAND_TOP_TWO>, the two most significant bits of
52e71b7053SJung-uk Kimthe number will be set to 1, so that the product of two such random
53b077aed3SPierre Proncherynumbers will always have 2*I<bits> length.
54b077aed3SPierre ProncheryIf I<bottom> is B<BN_RAND_BOTTOM_ODD>, the number will be odd; if it
55e71b7053SJung-uk Kimis B<BN_RAND_BOTTOM_ANY> it can be odd or even.
56b077aed3SPierre ProncheryIf I<bits> is 1 then I<top> cannot also be B<BN_RAND_TOP_TWO>.
57e71b7053SJung-uk Kim
58b077aed3SPierre ProncheryBN_rand() is the same as BN_rand_ex() except that the default library context
59b077aed3SPierre Proncheryis always used.
60e71b7053SJung-uk Kim
61b077aed3SPierre ProncheryBN_rand_range_ex() generates a cryptographically strong pseudo-random
62*aa795734SPierre Proncherynumber I<rnd>, of security strength at least I<strength> bits,
63b077aed3SPierre Proncheryin the range 0 E<lt>= I<rnd> E<lt> I<range> using the random number
64b077aed3SPierre Proncherygenerator for the library context associated with I<ctx>. The parameter I<ctx>
65b077aed3SPierre Proncherymay be NULL in which case the default library context is used.
66b077aed3SPierre Pronchery
67b077aed3SPierre ProncheryBN_rand_range() is the same as BN_rand_range_ex() except that the default
68b077aed3SPierre Proncherylibrary context is always used.
69b077aed3SPierre Pronchery
70b077aed3SPierre ProncheryBN_priv_rand_ex(), BN_priv_rand(), BN_priv_rand_rand_ex() and
71b077aed3SPierre ProncheryBN_priv_rand_range() have the same semantics as BN_rand_ex(), BN_rand(),
72b077aed3SPierre ProncheryBN_rand_range_ex() and BN_rand_range() respectively.  They are intended to be
73e71b7053SJung-uk Kimused for generating values that should remain private, and mirror the
74e71b7053SJung-uk Kimsame difference between L<RAND_bytes(3)> and L<RAND_priv_bytes(3)>.
75e71b7053SJung-uk Kim
76e71b7053SJung-uk Kim=head1 NOTES
77e71b7053SJung-uk Kim
78e71b7053SJung-uk KimAlways check the error return value of these functions and do not take
79e71b7053SJung-uk Kimrandomness for granted: an error occurs if the CSPRNG has not been
80e71b7053SJung-uk Kimseeded with enough randomness to ensure an unpredictable byte sequence.
81e71b7053SJung-uk Kim
82e71b7053SJung-uk Kim=head1 RETURN VALUES
83e71b7053SJung-uk Kim
84e71b7053SJung-uk KimThe functions return 1 on success, 0 on error.
85e71b7053SJung-uk KimThe error codes can be obtained by L<ERR_get_error(3)>.
86e71b7053SJung-uk Kim
87610a21fdSJung-uk Kim=head1 SEE ALSO
88610a21fdSJung-uk Kim
89610a21fdSJung-uk KimL<ERR_get_error(3)>,
90610a21fdSJung-uk KimL<RAND_add(3)>,
91610a21fdSJung-uk KimL<RAND_bytes(3)>,
92610a21fdSJung-uk KimL<RAND_priv_bytes(3)>,
93610a21fdSJung-uk KimL<RAND(7)>,
94b077aed3SPierre ProncheryL<EVP_RAND(7)>
95610a21fdSJung-uk Kim
96e71b7053SJung-uk Kim=head1 HISTORY
97e71b7053SJung-uk Kim
98e71b7053SJung-uk Kim=over 2
99e71b7053SJung-uk Kim
100e71b7053SJung-uk Kim=item *
101e71b7053SJung-uk Kim
102e71b7053SJung-uk KimStarting with OpenSSL release 1.1.0, BN_pseudo_rand() has been identical
103e71b7053SJung-uk Kimto BN_rand() and BN_pseudo_rand_range() has been identical to
104e71b7053SJung-uk KimBN_rand_range().
105b077aed3SPierre ProncheryThe BN_pseudo_rand() and BN_pseudo_rand_range() functions were
106b077aed3SPierre Proncherydeprecated in OpenSSL 3.0.
107e71b7053SJung-uk Kim
108e71b7053SJung-uk Kim=item *
109e71b7053SJung-uk Kim
110b077aed3SPierre ProncheryThe BN_priv_rand() and BN_priv_rand_range() functions were added in
111b077aed3SPierre ProncheryOpenSSL 1.1.1.
112b077aed3SPierre Pronchery
113b077aed3SPierre Pronchery=item *
114b077aed3SPierre Pronchery
115b077aed3SPierre ProncheryThe BN_rand_ex(), BN_priv_rand_ex(), BN_rand_range_ex() and
116b077aed3SPierre ProncheryBN_priv_rand_range_ex() functions were added in OpenSSL 3.0.
117e71b7053SJung-uk Kim
118e71b7053SJung-uk Kim=back
119e71b7053SJung-uk Kim
120e71b7053SJung-uk Kim=head1 COPYRIGHT
121e71b7053SJung-uk Kim
122*aa795734SPierre ProncheryCopyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved.
123e71b7053SJung-uk Kim
124b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License").  You may not use
125e71b7053SJung-uk Kimthis file except in compliance with the License.  You can obtain a copy
126e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at
127e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>.
128e71b7053SJung-uk Kim
129e71b7053SJung-uk Kim=cut
130