diff options
author | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2020-03-02 00:25:29 +0100 |
---|---|---|
committer | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2020-03-03 10:55:03 +0100 |
commit | 88398d2a358fe41e33c61ac02f23ffaeacddcff0 (patch) | |
tree | a61c8197f46cf38706c9731af031d8ed74f82095 /doc/man1 | |
parent | a24e62f54b48d01832fd0b80f97115927a777a0f (diff) |
doc: document that 'openssl rand' is cryptographically secure
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11213)
Diffstat (limited to 'doc/man1')
-rw-r--r-- | doc/man1/openssl-rand.pod.in | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/doc/man1/openssl-rand.pod.in b/doc/man1/openssl-rand.pod.in index 61c74df466..b8a01750c8 100644 --- a/doc/man1/openssl-rand.pod.in +++ b/doc/man1/openssl-rand.pod.in @@ -20,8 +20,14 @@ I<num> =head1 DESCRIPTION -This command outputs I<num> pseudo-random bytes after seeding -the random number generator once. +This command generates I<num> random bytes using a cryptographically +secure pseudo random number generator (CSPRNG). + +The random bytes are generated using the L<RAND_bytes(3)> function, +which provides a security level of 256 bits, provided it managed to +seed itself successfully from a trusted operating system entropy source. +Otherwise, the command will fail with a non-zero error code. +For more details, see L<RAND_bytes(3)>, L<RAND(7)>, and L<RAND_DRBG(7)>. =head1 OPTIONS @@ -52,7 +58,9 @@ Show the output as a hex string. =head1 SEE ALSO L<openssl(1)>, -L<RAND_bytes(3)> +L<RAND_bytes(3)>, +L<RAND(7)>, +L<RAND_DRBG(7)> =head1 COPYRIGHT |