CryptGenRandom
[New
- Windows NT]
[New
- Windows 95, OEM Service Release 2]
The CryptGenRandom
function fills a buffer with random bytes.
BOOL
CRYPTFUNC CryptGenRandom(
|
HCRYPTPROV
hProv, |
|
|
DWORD dwLen, |
|
|
BYTE *pbBuffer |
|
|
); |
|
Parameters
hProv
[in] A handle
to the application s CSP. An application obtains this handle using the CryptAcquireContext function.
dwLen
[in] The
number of bytes of random data to be generated.
pbBuffer
[in/out] The
buffer the function is to copy the random data to. This buffer must be at least
dwLen bytes in length.
Optionally,
the application can fill this buffer with data to use as an auxiliary random
seed. This is explained further in the Remarks section.
Remarks
The data
produced by this function is cryptographically random. It is far more random
than the data generated by the typical random number generator such as the one
shipped with your C compiler.
This function
is often used to generate random initialization vectors and salt values.
Seeding the Random Number Generator
All software
random number generators work in fundamentally the same way. They start with
one truly random number, known as the seed, and then use an algorithm to
generate a pseudo-random sequence of bits based on it. The most difficult part
of this process is to get a seed that is truly random. This is usually based on
user input latency, or the jitter from one or more hardware components.
If your
application has access to a good random source, then it can fill the pbBuffer
buffer with some amount of random data before calling CryptGenRandom.
The CSP will then use this data to further randomize its internal seed. Failing
to initialize the pbBuffer buffer before calling CryptGenRandom is acceptable.
Return Values
If the
function succeeds, the return value is nonzero.
If the
function fails, the return value is zero. To retrieve extended error information,
use the GetLastError
function.
The following
table lists the error codes most commonly returned by the GetLastError
function. The error codes prefaced by NTE are generated by the particular CSP
you are using.
|
Error |
Description |
|
ERROR_INVALID_HANDLE |
One of the
parameters specifies an invalid handle. |
|
ERROR_INVALID_PARAMETER |
One of the
parameters contains an invalid value. This is most often an illegal pointer. |
|
NTE_BAD_UID |
The hProv
parameter does not contain a valid context handle. |
|
NTE_FAIL |
The
function failed in some unexpected way. |
Example
See the
Example section in the CryptSetKeyParam function.
See Also