Libcryptorandom is a cross-platform library that allows programmers to obtain cryptographically secure random numbers from the best available entropy source on the underlying system. The library frees the programmer from having to understand and code for various OS-specific crypto implementations and/or hardware devices. The calling program merely specifies what grade of random bytes are needed, and the library returns a random number provider that will satisfy the request (if available).
This library supports Intel® Secure Key.
Underlying sources of random numbers are referred to as providers. The library chooses the best available provider from the list of defined providers that will satisfy the request. "Best" is a somewhat subjective term, but the intention is to favor high-throughput sources over lower ones, and high-quality hardware devices over OS implementations.
Linux*, OS X*, and Windows* operating systems are supported, in both 32- and 64-bit builds.
The API includes the following functions:
int random_open(crypto_random_t *provider, unsigned int flags);
Open a random provider that meets the requirements specified in flags.
int random_close(crypto_random_t *provider);
Close an open provider and free its resources.
int random_info(crypto_random_t *provider, int parameter, void *value);
Obtain information about a provider, or about all known providers.
ssize_t random_read(crypto_random_t *provider, void *buf, ssize_t len);
Read random bytes from an open provider.
int random_reseed(crypto_random_t *provider);
Explicitly force a reseed of the underlying random provider.
const char *random_strerror(int errornum);
Obtain an error string from an error code.
The random providers known to libcryptorandom are:
The OS facility for obtaining cryptographically secure random numbers. On Linux and OS X this would be the /dev/random and /dev/urandom devices. On Windows, random numbers come from the CryptGenRandom() function in Microsoft's CryptoAPI.
Intel Corporation's digital random number generator, marketed under the name Intel® Data Protection Technology with Intel Secure Key. For more information, see DRNG Software Implementation Guide.
Building and Installation
Libcryptorandom is distributed as source code and must be built on the target platform.
Builds and installs via Gnu Autotools, using either gcc or the Intel® compiler. The build target is a shared library, libcryptorandom.
Same build procedure as Linux.
Builds via Visual Studio*, using either the Microsoft or Intel compiler. The build target is a static library.
Libcryptorandom is an open source library distributed under the terms of the BSD 2.0 license. The license text is included in the distribution.
Any software source code reprinted in this document is furnished under a software license and may only be used or copied in accordance with the terms of that license.
Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.
Copyright © 2013 Intel Corporation. All rights reserved.
*Other names and brands may be claimed as the property of others.