Overview of random number generation

• Overview

• Base classes and their derived classes

• Dependencies

The purpose of the Random Number Generation API is the generation of cryptographically strong random numbers.

Several cryptographic applications rely upon the randomness, unpredictability and irreproducibility of the random number generator, such as:

• one-time pads

• key generation

• random nonces

• Initialization Vectors (IVs)

• salts to be hashed with passwords

• unique parameters in signing operations.

The RNG uses the RANROT algorithm seeded by random data available on the target hardware (for instance free running counters available on ARM processors).

In order to be fully compliant with DSS (Digital Signature Standard), applications using the cryptography library must supply a FIPS-186-2 CR 1 compliant random number generator. The library provides a mechanism for using such a random number generator if required.

The diagram below shows the main classes used in the RNG, which are implemented in random.dll. For information on each class see the Cryptography API Reference material.

TRandom is a cryptographically stong random number generator. Its declaration is:

class TRandom
    {
public:
    IMPORT_C static void RandomL(TDes8& aDestination);
    };

Note: the function TRandom::Random() which panics rather than leaves when it cannot obtain a random number, is deprecated from v9.1 onwards.

TRandom::RandomL() generates random bytes by first connecting to the random number generation server (using RRandomSession). If the attempt to connect fails, TRandom::RandomL() leaves.

The server fills aDestination with randomly generated bytes up to its current length (not its maximum length). If this fails, TRandom::RandomL() leaves. If aDestination is 1024 or more bytes long, multiple calls are made to the server. Finally, TRandom closes the session.

TRandom can be used like this:

HBufC8* rand = HBufC8::NewLC(5);
TPtr8 pRand=rand->Des();
pRand.SetLength(5);
TRandom::RandomL(pRand);
...
CleanupStack::PopAndDestroy(rand);

The diagram linked to below shows the inter-dependencies between random.dll and its clients:

• Dependency diagram for random.dll

From v9.5 random number generation is implemented by the CryptoSpi::CRandom class. To create a random number generator, use the factory function CryptoSpi::CRandomFactory::CreateRandomL() or CryptoSpi::CRandomFactory::CreateAsyncRandomL().

See also

• Generating random bytes