mirror of https://github.com/openssl/openssl.git
doc: document that 'openssl rand' is cryptographically secure
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11213)
This commit is contained in:
Dr. Matthias St. Pierre
parent
a24e62f54b
commit
88398d2a35
|
|
@ -20,8 +20,14 @@ I<num>
|
|||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
This command outputs I<num> pseudo-random bytes after seeding
|
||||
the random number generator once.
|
||||
This command generates I<num> random bytes using a cryptographically
|
||||
secure pseudo random number generator (CSPRNG).
|
||||
|
||||
The random bytes are generated using the L<RAND_bytes(3)> function,
|
||||
which provides a security level of 256 bits, provided it managed to
|
||||
seed itself successfully from a trusted operating system entropy source.
|
||||
Otherwise, the command will fail with a non-zero error code.
|
||||
For more details, see L<RAND_bytes(3)>, L<RAND(7)>, and L<RAND_DRBG(7)>.
|
||||
|
||||
=head1 OPTIONS
|
||||
|
||||
|
|
@ -52,7 +58,9 @@ Show the output as a hex string.
|
|||
=head1 SEE ALSO
|
||||
|
||||
L<openssl(1)>,
|
||||
L<RAND_bytes(3)>
|
||||
L<RAND_bytes(3)>,
|
||||
L<RAND(7)>,
|
||||
L<RAND_DRBG(7)>
|
||||
|
||||
=head1 COPYRIGHT
|
||||
|
||||
|
|
|
|||
|
|
@ -23,8 +23,8 @@ L<openssl_user_macros(7)>:
|
|||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
RAND_bytes() puts B<num> cryptographically strong pseudo-random bytes
|
||||
into B<buf>.
|
||||
RAND_bytes() generates B<num> random bytes using a cryptographically
|
||||
secure pseudo random generator (CSPRNG) and stores them in B<buf>.
|
||||
|
||||
RAND_priv_bytes() has the same semantics as RAND_bytes(). It is intended to
|
||||
be used for generating values that should remain private. If using the
|
||||
|
|
@ -44,10 +44,22 @@ ignored.
|
|||
|
||||
=head1 NOTES
|
||||
|
||||
Always check the error return value of RAND_bytes() and
|
||||
RAND_priv_bytes() and do not take randomness for granted: an error occurs
|
||||
if the CSPRNG has not been seeded with enough randomness to ensure an
|
||||
unpredictable byte sequence.
|
||||
By default, the OpenSSL CSPRNG supports a security level of 256 bits, provided it
|
||||
was able to seed itself from a trusted entropy source.
|
||||
On all major platforms supported by OpenSSL (including the Unix-like platforms
|
||||
and Windows), OpenSSL is configured to automatically seed the CSPRNG on first use
|
||||
using the operating systems's random generator.
|
||||
|
||||
If the entropy source fails or is not available, the CSPRNG will enter an
|
||||
error state and refuse to generate random bytes. For that reason, it is important
|
||||
to always check the error return value of RAND_bytes() and RAND_priv_bytes() and
|
||||
not take randomness for granted.
|
||||
|
||||
On other platforms, there might not be a trusted entropy source available
|
||||
or OpenSSL might have been explicitly configured to use different entropy sources.
|
||||
If you are in doubt about the quality of the entropy source, don't hesitate to ask
|
||||
your operating system vendor or post a question on GitHub or the openssl-users
|
||||
mailing list.
|
||||
|
||||
=head1 RETURN VALUES
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue