Random numbers are necessary for cryptographically secure implementations. The term number here actually means a string. OpenSSL itself provides random number generators which fulfill the demands of cryptography.
Return count bytes of randomness.
Note: You probably want to put a wrapping encoder function (like base16-encode-string) around it, since this returns binary string data.
(base16-encode-string (ossl-rand-bytes 8)) ⇒ "5a78acd572984bdf"
Modern systems supply more sophisticated sources for random data, so-called entropy gathering daemons (EGDs).
Return count bytes of randomness from an EGD socket. By default use the socket /var/run/egd-pool.
Note: You probably want to put a wrapping encoder function (like base16-encode-string) around it, since this returns binary string data.
(base16-encode-string (ossl-rand-bytes-egd 8 "/var/run/egd-pool")) ⇒ "59342a240b356a04"
Please note that the system’s random sources are used only for seeding OpenSSL’s pseudo-random number generator, so requesting even large amounts of random data should be feasible. In contrast, querying the system sources directly for large amounts of random data most likely freezes your process, since the size of random devices or pools, and hence the size of cached random data, is quite limited.
Random numbers generated this way can be used as “passwords” or salt values in various encryption and decryption functions. As stated above, whenever security is concerned, one of the above functions, ossl-rand-bytes or ossl-rand-bytes-egd, should be used to obtain random numbers. The built-in random function of SXEmacs is not cryptographically secure.
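As an added illustration of the password and salt use described above (this code is not part of the SXEmacs manual), the following sketch derives a printable salt and an alphanumeric password from ossl-rand-bytes. The `my-` function names and the alphabet are hypothetical, and the code assumes that string-to-number accepts a radix as its second argument.

```elisp
;; Added example, not from the SXEmacs manual.  All my-* names are hypothetical.

(defun my-rand-byte-values (count)
  "Return a list of COUNT integers in 0..255 drawn from `ossl-rand-bytes'.
The binary result is hex-encoded first so that every byte is read back
unambiguously, however the string stores bytes above 127."
  (let ((hex (base16-encode-string (ossl-rand-bytes count)))
        (i 0)
        (acc nil))
    (while (< i (length hex))
      ;; Assumption: `string-to-number' takes a radix as second argument.
      (setq acc (cons (string-to-number (substring hex i (+ i 2)) 16) acc)
            i (+ i 2)))
    acc))

(defun my-rand-salt-hex (nbytes)
  "Return a fresh salt of NBYTES random bytes as a printable hex string."
  (base16-encode-string (ossl-rand-bytes nbytes)))

(defun my-rand-password (len)
  "Return a password of LEN characters chosen uniformly from an alphabet.
Bytes at or above the largest multiple of the alphabet size that fits in
256 are discarded, so the modulo reduction favours no character."
  (let* ((alphabet (concat "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
                           "abcdefghijklmnopqrstuvwxyz"
                           "0123456789"))
         (n (length alphabet))
         (limit (* n (/ 256 n)))        ; 248 for a 62-character alphabet
         (chars nil))
    (while (< (length chars) len)
      ;; Fetch more bytes than needed, since some will be rejected.
      (let ((pool (my-rand-byte-values (* 2 len))))
        (while (and pool (< (length chars) len))
          (if (< (car pool) limit)
              (setq chars (cons (aref alphabet (% (car pool) n)) chars)))
          (setq pool (cdr pool)))))
    (mapconcat 'char-to-string chars "")))
```

Taking a raw byte modulo 62 without the rejection step would make the first eight characters of the alphabet slightly more likely than the rest, which is why bytes of 248 and above are skipped.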