Access to the random number generator is provided by the gnutls_rnd function. It returns random data at one of the following levels.
GNUTLS_RND_NONCE
Non-predictable random number. Fatal in parts of session if broken, i.e., vulnerable to statistical analysis.
GNUTLS_RND_RANDOM
Pseudo-random cryptographic random number. Fatal in session if broken. Example use: temporal keys.
GNUTLS_RND_KEY
Fatal in many sessions if broken. Example use: Long-term keys.
level: a security level
data: place to store random bytes
len: The requested size
This function will generate random data and store it in the output buffer. The value of level should be one of GNUTLS_RND_NONCE, GNUTLS_RND_RANDOM and GNUTLS_RND_KEY. See the manual and gnutls_rnd_level_t for detailed information.
This function is thread-safe and also fork-safe.
Returns: Zero on success, or a negative error code on error.
Since: 2.12.0
See Random Number Generators-internals for more information on the random number generator operation.