Important: |
---|
This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. |
This function fills a buffer with random bytes.
Syntax
BOOL CRYPTFUNC CryptGenRandom( HCRYPTPROV hProv, DWORD dwLen, BYTE* pbBuffer ); |
Parameters
- hProv
-
[in] An HCRYPTPROVhandle to a cryptographic service provider created by a call to CryptAcquireContext.
- dwLen
-
[in] The length, in bytes, of the random data to generate.
- pbBuffer
-
[in, out] Pointer to the buffer containing the random data. This buffer must be at least dwLenbytes in length.
On input, the application must fill the buffer with data to use as an auxiliary random seed. The cryptographic service provider will use this data to further randomize its internal seed.
Return Value
TRUE indicates success. FALSE indicates failure. To get extended error information, call the GetLastErrorfunction.
The following table shows the common values for the GetLastErrorfunction. The error values prefaced by NTE are generated by the particular cryptographic service provider you are using.
Value | Description |
---|---|
ERROR_INVALID_HANDLE |
One of the parameters specifies an invalid handle. |
ERROR_INVALID_PARAMETER |
One of the parameters contains an invalid value. This is most often an illegal pointer. |
NTE_BAD_UID |
The hProvparameter does not contain a valid context handle. |
NTE_FAIL |
The function failed in some unexpected way. |
Remarks
The data produced by this function is cryptographically random. It is far more random than the data generated by the typical random number generator, such as the one shipped with your C compiler.
This function is often used to generate random initialization vectors and salt values.
All software random number generators work in fundamentally the same way. They start with a random number, known as the seed, and then use an algorithm to generate a pseudo-random sequence of bits based on it. The most difficult part of this process is to get a seed that is truly random. This is usually based on user input latency, or the jitter from one or more hardware pieces.
If your OS design does not include the Cryptography Services feature, you can use CeGenRandomto generate random numbers. CeGenRandomis only available if the OS design includes the File System feature.
Example Code
See CryptSetKeyParam.
Requirements
Header | wincrypt.h |
Library | coredll.lib |
Windows Embedded CE | Windows CE 2.10 and later |
Windows Mobile | Windows Mobile Version 5.0 and later |