mirror of https://github.com/openssl/openssl
87 lines
2.1 KiB
Plaintext
87 lines
2.1 KiB
Plaintext
=pod
|
|
{- OpenSSL::safe::output_do_not_edit_headers(); -}
|
|
|
|
=head1 NAME
|
|
|
|
openssl-rand - generate pseudo-random bytes
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
B<openssl rand>
|
|
[B<-help>]
|
|
[B<-out> I<file>]
|
|
[B<-base64>]
|
|
[B<-hex>]
|
|
{- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_r_synopsis -}
|
|
{- $OpenSSL::safe::opt_provider_synopsis -}
|
|
I<num>[K|M|G|T]
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
This command generates I<num> random bytes using a cryptographically
|
|
secure pseudo random number generator (CSPRNG). A suffix [K|M|G|T] may be
|
|
appended to the num value to indicate the requested value be scaled as a
|
|
multiple of KiB/MiB/GiB/TiB respectively. Note that suffixes are case
|
|
sensitive, and that the suffixes represent binary multiples
|
|
(K = 1024 bytes, M = 1024*1024 bytes, etc).
|
|
|
|
The string 'max' may be substituted for a numercial value in num, to request the
|
|
maximum number of bytes the CSPRNG can produce per instantiation. Currently,
|
|
this is restricted to 2^61 bytes as per NIST SP 800-90C.
|
|
|
|
The random bytes are generated using the L<RAND_bytes(3)> function,
|
|
which provides a security level of 256 bits, provided it managed to
|
|
seed itself successfully from a trusted operating system entropy source.
|
|
Otherwise, the command will fail with a nonzero error code.
|
|
For more details, see L<RAND_bytes(3)>, L<RAND(7)>, and L<EVP_RAND(7)>.
|
|
|
|
=head1 OPTIONS
|
|
|
|
=over 4
|
|
|
|
=item B<-help>
|
|
|
|
Print out a usage message.
|
|
|
|
=item B<-out> I<file>
|
|
|
|
Write to I<file> instead of standard output.
|
|
|
|
=item B<-base64>
|
|
|
|
Perform base64 encoding on the output.
|
|
|
|
=item B<-hex>
|
|
|
|
Show the output as a hex string.
|
|
|
|
{- $OpenSSL::safe::opt_engine_item -}
|
|
|
|
{- $OpenSSL::safe::opt_r_item -}
|
|
|
|
{- $OpenSSL::safe::opt_provider_item -}
|
|
|
|
=back
|
|
|
|
=head1 SEE ALSO
|
|
|
|
L<openssl(1)>,
|
|
L<RAND_bytes(3)>,
|
|
L<RAND(7)>,
|
|
L<EVP_RAND(7)>
|
|
|
|
=head1 HISTORY
|
|
|
|
The B<-engine> option was deprecated in OpenSSL 3.0.
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
|
Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
this file except in compliance with the License. You can obtain a copy
|
|
in the file LICENSE in the source distribution or at
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
=cut
|