5 .\" The Regents of the University of California. All rights reserved.
7 .\" Redistribution and use in source and binary forms, with or without
8 .\" modification, are permitted provided that the following conditions
10 .\" 1. Redistributions of source code must retain the above copyright
11 .\" notice, this list of conditions and the following disclaimer.
12 .\" 2. Redistributions in binary form must reproduce the above copyright
13 .\" notice, this list of conditions and the following disclaimer in the
14 .\" documentation and/or other materials provided with the distribution.
16 .\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR
17 .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 .\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT,
20 .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36 .Nm is_random_seeded ,
41 .Nd supply pseudo-random numbers
47 .Fn arc4random_buf "void *ptr" "size_t len"
49 .Fn arc4rand "void *ptr" "u_int length" "int reseed"
53 .Fn is_random_seeded "void"
55 .Fn read_random "void *buffer" "int count"
57 .Fn read_random_uio "struct uio *uio" "bool nonblock"
61 .Fn srandom "u_long seed"
69 functions will return very good quality random numbers, suited for
70 security-related purposes.
71 Both are wrappers around the underlying
75 returns a 32-bit random value, while
88 kernel abstract entropy device.
89 Automatic reseeding happens at unspecified time and bytes (of output)
91 A reseed can be forced by passing a non-zero
97 function is used to read entropy directly from the kernel abstract entropy
100 blocks if and until the entropy device is seeded.
103 is filled with no more than
106 It is strongly advised that
108 is not used directly;
115 function can be used to check in advance if
118 (If random is seeded, it will not block.)
122 function behaves identically to
128 argument points to a buffer where random data should be stored.
131 is true and the random device is not seeded, this function does not return any
133 Otherwise, this function may block interruptibly until the random device is seeded.
134 If the function is interrupted before the random device is seeded, no data is
139 function will produce a sequence of numbers that can be duplicated by calling
141 with some constant as the
145 function may be called with any
148 It is strongly advised that the
150 function not be used to generate random numbers.
152 .Sx SECURITY CONSIDERATIONS .
156 function uses the Chacha20 algorithm to generate a pseudo-random sequence of
162 to generate pseudo-random numbers
163 in the range from 0 to
164 .if t 2\u\s732\s10\d\(mi1.
170 the number of bytes placed in
174 returns zero when successful,
175 otherwise an error code is returned.
180 a non-linear additive feedback random number generator
181 employing a default table
183 containing long integers
184 to return successive pseudo-random
185 numbers in the range from 0 to
186 .if t 2\u\s731\s10\d\(mi1.
188 The period of this random number generator
191 .if t 16\(mu(2\u\s731\s10\d\(mi1).
192 .if n 16*((2**31)\(mi1).
199 points to an invalid memory region.
200 .It Bq Er EWOULDBLOCK
201 The random device is unseeded and
212 .Sh SECURITY CONSIDERATIONS
219 It is important to remember that the
221 function is entirely predictable.
222 It is easy for attackers to predict future output of
224 by recording some generated values.
225 We cannot emphasize strongly enough that
227 must not be used to generate values that are intended to be unpredictable.