CryptGenRandom (Compact 2013)

3/28/2014

This function fills a buffer with random bytes.

Syntax

BOOL CRYPTFUNC CryptGenRandom( 
  HCRYPTPROV hProv,
  DWORD dwLen, 
  BYTE* pbBuffer
);

Parameters

  • dwLen
    [in] The length, in bytes, of the random data to generate.
  • pbBuffer
    [in, out] Pointer to the buffer containing the random data. This buffer must be at least dwLen bytes in length.

    On input, the application must fill the buffer with data to use as an auxiliary random seed. The cryptographic service provider will use this data to further randomize its internal seed.

Return Value

TRUE indicates success. FALSE indicates failure. To get extended error information, call the GetLastError function.

The following table shows the common values for the GetLastError function. The error values prefaced by NTE are generated by the particular cryptographic service provider you are using.

Value

Description

ERROR_INVALID_HANDLE

One of the parameters specifies an invalid handle.

ERROR_INVALID_PARAMETER

One of the parameters contains an invalid value. This is most often an illegal pointer.

NTE_BAD_UID

The hProv parameter does not contain a valid context handle.

NTE_FAIL

The function failed in some unexpected way.

Remarks

The data produced by this function is cryptographically random. It is far more random than the data generated by the typical random number generator, such as the one shipped with your C compiler.

This function is often used to generate random initialization vectors and salt values.

All software random number generators work in fundamentally the same way. They start with a random number, known as the seed, and then use an algorithm to generate a pseudo-random sequence of bits based on it. The most difficult part of this process is to get a seed that is truly random. This is usually based on user input latency, or the jitter from one or more hardware pieces.

This function has two of the properties of a good random number generator: unpredictability and even value distribution. On a Windows Embedded Compact powered device, entropy is generated for CryptGenRandom by the following sources:

  • Thread and kernel switches (CeGetRandomSeed)
  • The current process identifier (GetCurrentProcessId)
  • The current thread identifier (GetCurrentThreadId)
  • Ticks since boot (GetTickCount)
  • Current time (GetLocalTime)
  • Memory information (GlobalMemoryStatus)
  • Object store statistics (GetStoreInformation)

All of this information is added to a buffer, which is hashed using MD4 and used as the key to modify a buffer, using RC4, provided by the user.

If the Cryptography Services Catalog item is not included in your OS design, you can also use CeGenRandom to generate random numbers.CeGenRandom is only available if the OS design includes the File System feature.

Example Code

See CryptSetKeyParam.

Requirements

Header

wincrypt.h

Library

coredll.lib

See Also

Reference

Cryptography Functions
CryptAcquireContext
CryptGenKey
CryptSetKeyParam

Other Resources

CeGenRandom