Reputation: 169
Openssl RAND_bytes algorithm
What algorithm does the RAND_bytes function use in OpenSSL?
Upvotes: 5
Views: 7362
Answers (1)
Reputation: 17846
OpenSSL can load and run different random-number engines, and is not limited to a single implementation. RAND_bytes is implemented in crypto/rand/rand_lib.c, and it gets a function pointer to the concrete RNG implementation by calling the function RAND_get_rand_method() in the same file.
So assuming you haven't loaded a new RNG engine, OpenSSL will pick one of the following:
By default it chooses,
RAND_SSLeay(), implemented incrypto/rand/md_rand.c, which ultimately callsssleay_rand_bytes(). I don't think it really has a name, and the randomness ultimately comes from the message digest (MD_Update).If you are running the 1.0 FIPS module in FIPS mode, you get an ANSI X9.31 RNG, which uses either 3DES or AES at its core. (Note that ANSI X9.31 is no longer allowed in FIPS 140-2).
If you are running the 2.0 FIPS module in FIPS mode, you get an SP 800-90A Deterministic Random Bit Generator (DRBG).
Upvotes: 5
Related Questions
- Proper way to reimplement openssl_random_pseudo_bytes function in Java
- OPENSSL RAND_bytes output isn't reliable
- RAND_bytes not invoking though setting a RAND_set_rand_method()?
- replace rand() with openssl_random_pseudo_bytes()
- openssl RAND_add() documentation refers to RFC1750. RFC1750 is silent on the matter
- Is openssl_random_pseudo_bytes truly random?
- OpenSSL random - using ENGINE API to set random, what is the right way to do it?
- OpenSSL and Rand_bytes
- random string generated by openssl is not so random.
- random number generator and seed