xref: /openssl/doc/man1/openssl-rand.pod.in (revision 7deb2b43) 
1=pod
2{- OpenSSL::safe::output_do_not_edit_headers(); -}
3
4=head1 NAME
5
6openssl-rand - generate pseudo-random bytes
7
8=head1 SYNOPSIS
9
10B<openssl rand>
11[B<-help>]
12[B<-out> I<file>]
13[B<-base64>]
14[B<-hex>]
15{- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_r_synopsis -}
16{- $OpenSSL::safe::opt_provider_synopsis -}
17I<num>[K|M|G|T]
18
19=head1 DESCRIPTION
20
21This command generates I<num> random bytes using a cryptographically
22secure pseudo random number generator (CSPRNG). A suffix [K|M|G|T] may be
23appended to the num value to indicate the requested value be scaled as a
24multiple of KiB/MiB/GiB/TiB respectively. Note that suffixes are case
25sensitive, and that the suffixes represent binary multiples
26(K = 1024 bytes, M = 1024*1024 bytes, etc).
27
28The string 'max' may be substituted for a numerical value in num, to request the
29maximum number of bytes the CSPRNG can produce per instantiation.  Currently,
30this is restricted to 2^61 bytes as per NIST SP 800-90C.
31
32The random bytes are generated using the L<RAND_bytes(3)> function,
33which provides a security level of 256 bits, provided it managed to
34seed itself successfully from a trusted operating system entropy source.
35Otherwise, the command will fail with a nonzero error code.
36For more details, see L<RAND_bytes(3)>, L<RAND(7)>, and L<EVP_RAND(7)>.
37
38=head1 OPTIONS
39
40=over 4
41
42=item B<-help>
43
44Print out a usage message.
45
46=item B<-out> I<file>
47
48Write to I<file> instead of standard output.
49
50=item B<-base64>
51
52Perform base64 encoding on the output.
53
54=item B<-hex>
55
56Show the output as a hex string.
57
58{- $OpenSSL::safe::opt_engine_item -}
59
60{- $OpenSSL::safe::opt_r_item -}
61
62{- $OpenSSL::safe::opt_provider_item -}
63
64=back
65
66=head1 SEE ALSO
67
68L<openssl(1)>,
69L<RAND_bytes(3)>,
70L<RAND(7)>,
71L<EVP_RAND(7)>
72
73=head1 HISTORY
74
75The B<-engine> option was deprecated in OpenSSL 3.0.
76
77=head1 COPYRIGHT
78
79Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
80
81Licensed under the Apache License 2.0 (the "License").  You may not use
82this file except in compliance with the License.  You can obtain a copy
83in the file LICENSE in the source distribution or at
84L<https://www.openssl.org/source/license.html>.
85
86=cut
87