BCryptGenRandom Function (Windows)

BCryptGenRandom Function

The BCryptGenRandom function generates a random number.

Syntax

C++

NTSTATUS WINAPI BCryptGenRandom(
  __inout  BCRYPT_ALG_HANDLE hAlgorithm,
  __inout  PUCHAR pbBuffer,
  __in     ULONG cbBuffer,
  __in     ULONG dwFlags
);

Parameters

hAlgorithm [in, out]

The handle of an algorithm provider created by using the BCryptOpenAlgorithmProvider function. The algorithm that was specified when the provider was created must support the random number generator interface.

pbBuffer [in, out]

The address of a buffer that receives the random number. The size of this buffer is specified by the cbBuffer parameter.

cbBuffer [in]

The size, in bytes, of the pbBuffer buffer.

dwFlags [in]

A set of flags that modify the behavior of this function. This parameter can be zero or the following value.

Value	Meaning
BCRYPT_RNG_USE_ENTROPY_IN_BUFFER 0x00000001	This function will use the number in the pbBuffer buffer as additional entropy for the random number. If this flag is not specified, this function will use a random number for the entropy.
BCRYPT_USE_SYSTEM_PREFERRED_RNG 0x00000002	Use the system-preferred random number generator algorithm. The hAlgorithm parameter must be NULL. Windows Vista: This flag is not supported.

Value

Meaning

BCRYPT_RNG_USE_ENTROPY_IN_BUFFER
0x00000001

This function will use the number in the pbBuffer buffer as additional entropy for the random number. If this flag is not specified, this function will use a random number for the entropy.

BCRYPT_USE_SYSTEM_PREFERRED_RNG
0x00000002

Use the system-preferred random number generator algorithm. The hAlgorithm parameter must be NULL.

Windows Vista: This flag is not supported.

Return Value

Returns a status code that indicates the success or failure of the function.

Possible return codes include, but are not limited to, the following.

Return code	Description
STATUS_SUCCESS	The function was successful.
STATUS_INVALID_HANDLE	The handle in the hAlgorithm parameter is not valid.
STATUS_INVALID_PARAMETER	One or more parameters are not valid.

Remarks

The default random number provider implements an algorithm for generating random numbers that complies with the NIST SP800-90 standard, specifically the CTR_DRBG portion of that standard.

Windows Vista: Prior to Windows Vista with Service Pack 1 (SP1) the default random number provider implements an algorithm for generating random numbers that complies with the FIPS 186-2 standard.

Depending on what processor modes a provider supports, BCryptGenRandom can be called either from user mode or kernel mode. Kernel mode callers can execute either at PASSIVE_LEVEL IRQL or DISPATCH_LEVEL IRQL. If the current IRQL level is DISPATCH_LEVEL, the handle provided in the hAlgorithm parameter must have been opened by using the BCRYPT_PROV_DISPATCH flag, and any pointers passed to the BCryptGenRandom function must refer to nonpaged (or locked) memory.

Note The Microsoft provider in Windows Vista does not support calling at DISPATCH_LEVEL.

Requirements

Minimum supported client	Windows Vista
Minimum supported server	Windows Server 2008
Header	Bcrypt.h
Library	Bcrypt.lib
DLL	Bcrypt.dll

Send comments about this topic to Microsoft

Build date: 11/19/2009