BCryptGenRandom function
The BCryptGenRandom function generates a random number.
Syntax
NTSTATUS BCryptGenRandom(
BCRYPT_ALG_HANDLE hAlgorithm,
PUCHAR pbBuffer,
ULONG cbBuffer,
ULONG dwFlags
);
Parameters
hAlgorithm
The handle of an algorithm provider created by using the BCryptOpenAlgorithmProvider function. The algorithm that was specified when the provider was created must support the random number generator interface.
pbBuffer
The address of a buffer that receives the random number. The size of this buffer is specified by the cbBuffer parameter.
cbBuffer
The size, in bytes, of the pbBuffer buffer.
dwFlags
A set of flags that modify the behavior of this function. This parameter can be zero or the following value.
Value | Meaning |
---|---|
|
This function will use the number in the pbBuffer buffer as additional entropy for the random number. If this flag is not specified, this function will use a random number for the entropy.
Windows 8 and later: This flag is ignored in Windows 8 and later. |
|
Use the system-preferred random number generator algorithm. The hAlgorithm parameter must be NULL.
BCRYPT_USE_SYSTEM_PREFERRED_RNG is only supported at PASSIVE_LEVEL IRQL. For more information, see Remarks. Windows Vista: This flag is not supported. |
Return Value
Returns a status code that indicates the success or failure of the function.
Possible return codes include, but are not limited to, the following.
Return code | Description |
---|---|
|
The function was successful. |
|
The handle in the hAlgorithm parameter is not valid. |
|
One or more parameters are not valid. |
Remarks
The default random number provider implements an algorithm for generating random numbers that complies with the NIST SP800-90 standard, specifically the CTR_DRBG portion of that standard.
Windows Vista: Prior to Windows Vista with Service Pack 1 (SP1) the default random number provider implements an algorithm for generating random numbers that complies with the FIPS 186-2 standard.
Depending on what processor modes a provider supports, BCryptGenRandom can be called either from user mode or kernel mode. Kernel mode callers can execute either at PASSIVE_LEVEL IRQL or DISPATCH_LEVEL IRQL. If the current IRQL level is DISPATCH_LEVEL, the handle provided in the hAlgorithm parameter must have been opened by using the BCRYPT_PROV_DISPATCH flag, and any pointers passed to the BCryptGenRandom function must refer to nonpaged (or locked) memory.Windows Vista: The Microsoft provider does not support calling at DISPATCH_LEVEL.
To call this function in kernel mode, use Cng.lib, which is part of the Driver Development Kit (DDK). For more information, see WDK and Developer Tools.Windows Server 2008 and Windows Vista: To call this function in kernel mode, use Ksecdd.lib.
Requirements
Minimum supported client | Windows Vista [desktop apps | UWP apps] |
Minimum supported server | Windows Server 2008 [desktop apps | UWP apps] |
Target Platform | Windows |
Header | bcrypt.h |
Library | Bcrypt.lib |
DLL | Bcrypt.dll |