Overview of random number generation
Overview
The purpose of the Random Number Generation API is the generation of cryptographically strong random numbers.
Several cryptographic applications rely upon the randomness, unpredictability and irreproducibility of the random number generator, such as:
one-time pads
key generation
random nonces
Initialization Vectors (IVs)
salts to be hashed with passwords
unique parameters in signing operations.
Note: In order to be fully compliant with DSS (Digital Signature Standard), applications using the cryptography library must supply a FIPS-186-2 CR 1 compliant random number generator. The library provides a mechanism for using such a random number generator if required.
The Random Number Generation API
The diagram below shows the main classes
used in the RNG, which are implemented in random.dll.
For information on each class see the Cryptography API Reference material.
Figure: The inheritance hierarchy for the RRandomSession and CSystemRandom classes
How to use TRandom
TRandom is a
cryptographically stong random number generator. Its declaration is:
class TRandom
{
public:
IMPORT_C static void RandomL(TDes8& aDestination);
};Note: The function
TRandom::Random() which
panics rather than leaves when it cannot obtain a random number, is deprecated
from v9.1 onwards. TRandom::RandomL() generates
random bytes by first connecting to the random number generation server (using RRandomSession).
If the attempt to connect fails, TRandom::RandomL() leaves.
The
server fills aDestination with randomly generated bytes up
to its current length (not its maximum length). If this fails, TRandom::RandomL() leaves.
If aDestination is 1024 or more bytes long, multiple calls
are made to the server. Finally, TRandom closes the session.
TRandom can
be used like this:
HBufC8* rand = HBufC8::NewLC(5); TPtr8 pRand=rand->Des(); pRand.SetLength(5); TRandom::RandomL(pRand); ... CleanupStack::PopAndDestroy(rand);