[apple/libc.git] / gen / FreeBSD / arc4random.3

.\" $OpenBSD: arc4random.3,v 1.34 2014/07/19 16:11:16 naddy Exp $
.\"
.\" Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\"    must display the following acknowledgement:
.\"      This product includes software developed by Niels Provos.
.\" 4. The name of the author may not be used to endorse or promote products
.\"    derived from this software without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" Manual page, using -mandoc macros
.\"
.Dd July 30, 2015
.Dt ARC4RANDOM 3
.Os
.Sh NAME
.Nm arc4random ,
.Nm arc4random_buf ,
.Nm arc4random_uniform
.Nd random number generator
.Sh SYNOPSIS
.In stdlib.h
.Ft uint32_t
.Fn arc4random "void"
.Ft void
.Fn arc4random_buf "void *buf" "size_t nbytes"
.Ft uint32_t
.Fn arc4random_uniform "uint32_t upper_bound"
.Sh DESCRIPTION
.Pp
These functions use a cryptographic pseudo-random number generator to generate
high quality random bytes very quickly.  One data pool is used for all
consumers in a process, so that consumption under program flow can act as
additional stirring.  The subsystem is re-seeded from the kernel random number
subsystem on a regular basis, and also upon 
.Xr fork 2 .
.Pp
This family of functions provides higher quality random data than those
described in
.Xr rand 3 ,
.Xr random 3 ,
and
.Xr rand48 3 .
They can be called in almost all environments, including
.Xr chroot 2 ,
and their use is encouraged over all other standard library functions for
random numbers.
.Pp
.Fn arc4random
returns a single 32-bit value.
.Pp
.Fn arc4random_buf
fills the region
.Fa buf
of length
.Fa nbytes
with random data.
.Pp
.Fn arc4random_uniform
will return a single 32-bit value, uniformly distributed but less than
.Fa upper_bound .
This is recommended over constructions like
.Dq Li arc4random() % upper_bound
as it avoids "modulo bias" when the upper bound is not a power of two.
In the worst case, this function may require multiple iterations
to ensure uniformity.
.Sh RETURN VALUES
These functions are always successful, and no return value is
reserved to indicate an error.
.Sh SEE ALSO
.Xr rand 3 ,
.Xr rand48 3 ,
.Xr random 3 ,
.Xr random 4
.Sh HISTORY
The original version of this random number generator used the RC4 (also known
as ARC4) algorithm.  In OS X 10.12 it was replaced with the NIST-approved AES
cipher, and it may be replaced again in the future as cryptographic techniques
advance.  A good mnemonic is
.Dq A Replacement Call for Random .
Commit	Line	Data
974e3884 A	1	.\" $OpenBSD: arc4random.3,v 1.34 2014/07/19 16:11:16 naddy Exp $
974e3884 A	2	.\"
224c7076 A	3	.\" Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>
	4	.\" All rights reserved.
	5	.\"
	6	.\" Redistribution and use in source and binary forms, with or without
	7	.\" modification, are permitted provided that the following conditions
	8	.\" are met:
	9	.\" 1. Redistributions of source code must retain the above copyright
	10	.\" notice, this list of conditions and the following disclaimer.
	11	.\" 2. Redistributions in binary form must reproduce the above copyright
	12	.\" notice, this list of conditions and the following disclaimer in the
	13	.\" documentation and/or other materials provided with the distribution.
	14	.\" 3. All advertising materials mentioning features or use of this software
	15	.\" must display the following acknowledgement:
	16	.\" This product includes software developed by Niels Provos.
	17	.\" 4. The name of the author may not be used to endorse or promote products
	18	.\" derived from this software without specific prior written permission.
	19	.\"
	20	.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
	21	.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	22	.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	23	.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
	24	.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	25	.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	26	.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	27	.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	28	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	29	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	30	.\"
	31	.\" Manual page, using -mandoc macros
224c7076	32	.\"
974e3884	33	.Dd July 30, 2015
224c7076 A	34	.Dt ARC4RANDOM 3
	35	.Os
	36	.Sh NAME
	37	.Nm arc4random ,
1f2f436a	38	.Nm arc4random_buf ,
974e3884 A	39	.Nm arc4random_uniform
974e3884 A	40	.Nd random number generator
224c7076 A	41	.Sh SYNOPSIS
224c7076 A	42	.In stdlib.h
974e3884	43	.Ft uint32_t
224c7076 A	44	.Fn arc4random "void"
224c7076 A	45	.Ft void
1f2f436a	46	.Fn arc4random_buf "void *buf" "size_t nbytes"
974e3884 A	47	.Ft uint32_t
974e3884 A	48	.Fn arc4random_uniform "uint32_t upper_bound"
224c7076	49	.Sh DESCRIPTION
974e3884 A	50	.Pp
	51	These functions use a cryptographic pseudo-random number generator to generate
	52	high quality random bytes very quickly. One data pool is used for all
	53	consumers in a process, so that consumption under program flow can act as
	54	additional stirring. The subsystem is re-seeded from the kernel random number
	55	subsystem on a regular basis, and also upon
	56	.Xr fork 2 .
	57	.Pp
	58	This family of functions provides higher quality random data than those
	59	described in
	60	.Xr rand 3 ,
	61	.Xr random 3 ,
224c7076	62	and
974e3884	63	.Xr rand48 3 .
b061a43b A	64	They can be called in almost all environments, including
b061a43b A	65	.Xr chroot 2 ,
974e3884 A	66	and their use is encouraged over all other standard library functions for
	67	random numbers.
	68	.Pp
	69	.Fn arc4random
	70	returns a single 32-bit value.
224c7076	71	.Pp
1f2f436a	72	.Fn arc4random_buf
974e3884	73	fills the region
1f2f436a A	74	.Fa buf
	75	of length
	76	.Fa nbytes
974e3884	77	with random data.
1f2f436a A	78	.Pp
1f2f436a A	79	.Fn arc4random_uniform
974e3884	80	will return a single 32-bit value, uniformly distributed but less than
1f2f436a	81	.Fa upper_bound .
974e3884	82	This is recommended over constructions like
1f2f436a A	83	.Dq Li arc4random() % upper_bound
1f2f436a A	84	as it avoids "modulo bias" when the upper bound is not a power of two.
974e3884 A	85	In the worst case, this function may require multiple iterations
	86	to ensure uniformity.
	87	.Sh RETURN VALUES
	88	These functions are always successful, and no return value is
	89	reserved to indicate an error.
224c7076 A	90	.Sh SEE ALSO
224c7076 A	91	.Xr rand 3 ,
974e3884	92	.Xr rand48 3 ,
224c7076	93	.Xr random 3 ,
974e3884	94	.Xr random 4
224c7076	95	.Sh HISTORY
974e3884 A	96	The original version of this random number generator used the RC4 (also known
	97	as ARC4) algorithm. In OS X 10.12 it was replaced with the NIST-approved AES
	98	cipher, and it may be replaced again in the future as cryptographic techniques
	99	advance. A good mnemonic is
	100	.Dq A Replacement Call for Random .