RAND_bytes.3ssl man page

RAND_bytes, RAND_priv_bytes, RAND_pseudo_bytes — generate random data


 #include <openssl/rand.h>

 int RAND_bytes(unsigned char *buf, int num);
 int RAND_priv_bytes(unsigned char *buf, int num);


 #if OPENSSL_API_COMPAT < 0x10100000L
 int RAND_pseudo_bytes(unsigned char *buf, int num);


RAND_bytes() puts num cryptographically strong pseudo-random bytes into buf.

RAND_priv_bytes() has the same semantics as RAND_bytes().  It is intended to be used for generating values that should remain private. If using the default RAND_METHOD, this function uses a separate “private” PRNG instance so that a compromise of the “public” PRNG instance will not affect the secrecy of these private values, as described in RAND(7) and RAND_DRBG(7).


Always check the error return value of RAND_bytes() and RAND_priv_bytes() and do not take randomness for granted: an error occurs if the CSPRNG has not been seeded with enough randomness to ensure an unpredictable byte sequence.

Return Values

RAND_bytes() and RAND_priv_bytes() return 1 on success, -1 if not supported by the current RAND method, or 0 on other failure. The error code can be obtained by ERR_get_error(3).

See Also

RAND_add(3), RAND_bytes(3), RAND_priv_bytes(3), ERR_get_error(3), RAND(7), RAND_DRBG(7)


Referenced By

BN_generate_prime.3ssl(3), BN_rand.3ssl(3), DH_generate_key.3ssl(3), DH_generate_parameters.3ssl(3), DSA_do_sign.3ssl(3), DSA_generate_key.3ssl(3), DSA_generate_parameters.3ssl(3), DSA_sign.3ssl(3), ENGINE_add.3ssl(3), EVP_BytesToKey.3ssl(3), EVP_OpenInit.3ssl(3), EVP_SealInit.3ssl(3), PKCS5_PBKDF2_HMAC.3ssl(3), rand.3ssl(3), RAND_add.3ssl(3), RAND_DRBG_generate.3ssl(3), RAND_egd.3ssl(3), RAND_load_file.3ssl(3), RAND_set_rand_method.3ssl(3), RSA_generate_key.3ssl(3), RSA_public_encrypt.3ssl(3), RSA_sign_ASN1_OCTET_STRING.3ssl(3), SSL_get_client_random.3ssl(3).

The man pages RAND_priv_bytes.3ssl(3) and RAND_pseudo_bytes.3ssl(3) are aliases of RAND_bytes.3ssl(3).

2020-02-17 1.1.1d OpenSSL