BN_RAND(3) Library Functions Manual BN_RAND(3)

BN_rand, BN_rand_range, BN_pseudo_rand, BN_pseudo_rand_rangegenerate pseudo-random number

#include <openssl/bn.h>

BN_rand(BIGNUM *rnd, int bits, int top, int bottom);

BN_rand_range(BIGNUM *rnd, const BIGNUM *range);

() generates a cryptographically strong pseudo-random number of bits in length and stores it in rnd. If top is BN_RAND_TOP_ANY, the most significant bit of the random number can be zero. If top is BN_RAND_TOP_ONE, the most significant bit is set to 1, and if top is BN_RAND_TOP_TWO, the two most significant bits of the number will be set to 1, so that the product of two such random numbers will always have 2*bits length. If bottom is BN_RAND_BOTTOM_ODD, the number will be odd; if it is BN_RAND_BOTTOM_ANY, it can be odd or even. The value of bits must be zero or greater. If bits is +1 then top cannot be BN_RAND_TOP_TWO.

() generates a cryptographically strong pseudo-random number rnd in the range 0 <= rnd < range.

() is a deprecated alias for BN_rand(), and () for BN_rand_range().

The functions return 1 on success, 0 on error. The error codes can be obtained by ERR_get_error(3).


BN_rand() first appeared in SSLeay 0.5.1 and has been available since OpenBSD 2.4.

The top == -1 case and the function BN_rand_range() first appeared in OpenSSL 0.9.6a and have been available since OpenBSD 3.0.

November 30, 2021 OpenBSD 7.5