CryptGenRandom
This function fills a buffer with random bytes.
BOOL CRYPTFUNCCryptGenRandom(HCRYPTPROVhProv,DWORDdwLen,BYTE* pbBuffer);
Parameters
hProv
[in] HCRYPTPROV handle to a cryptographic service provider (CSP) created by a call to CryptAcquireContext.dwLen
[in] Specifies the number of bytes of random data to be generated.pbBuffer
[in, out] Pointer to the buffer that receives the random data. This buffer must be at least dwLen bytes in length.Optionally, the application can fill this buffer with data to use as an auxiliary random seed. This is explained further in the Remarks section.
Return Values
TRUE indicates success. FALSE indicates failure. To get extended error information, call the GetLastError function.
The following table shows the common values for the GetLastError function. The error values prefaced by NTE are generated by the particular cryptographic service provider (CSP) you are using.
| Value | Description |
|---|---|
| ERROR_INVALID_HANDLE | One of the parameters specifies an invalid handle. |
| ERROR_INVALID_PARAMETER | One of the parameters contains an invalid value. This is most often an illegal pointer. |
| NTE_BAD_UID | The hProv parameter does not contain a valid context handle. |
| NTE_FAIL | The function failed in some unexpected way. |
Remarks
The data produced by this function is cryptographically random. It is far more random than the data generated by the typical random number generator, such as the one shipped with your C compiler.
This function is often used to generate random initialization vectors and salt values.
All software random number generators work in fundamentally the same way. They start with a random number, known as the seed, and then use an algorithm to generate a pseudo-random sequence of bits based on it. The most difficult part of this process is to get a seed that is truly random. This is usually based on user input latency, or the jitter from one or more hardware components.
If your application has access to a good random source, then it can fill the pbBuffer buffer with some random data before calling the CryptGenRandom function. The CSP will then use this data to further randomize its internal seed. Failing to initialize the pbBuffer buffer before calling the CryptGenRandom function is acceptable.
If your platform does not include Cryptography Services features, you can use CeGenRandom to generate random numbers.
Example Code
See CryptSetKeyParam.
Requirements
OS Versions: Windows CE 2.10 and later.
Header: Wincrypt.h.
Link Library: Coredll.lib.
See Also
CeGenRandom | CryptAcquireContext | CryptGenKey | CryptSetKeyParam
Last updated on Thursday, April 08, 2004
© 1992-2003 Microsoft Corporation. All rights reserved.