Random data
This class produces unpredictable, cryptographically secure random numbers. Using a predictable random number generator, such as System.Random, is insecure.
These functions should be used to randomly generate encryption keys, nonces, salts, seeds, integers, strings, and passphrases.
Fills a span with random bytes.
SecureRandom.Fill(Span<byte> buffer)
buffer
has a length of 0.Generates a random integer between 0 (inclusive) and the upper bound (exclusive).
SecureRandom.GetInt32(int upperBound)
upperBound
is less than MinUpperBound
.Generates a random string of a given length. A custom character set can be provided, but several character sets are available via constants.
SecureRandom.GetString(int length, string characterSet = AlphanumericChars)
length
is less than MinStringLength
or greater than MaxStringLength
.characterSet
is null.characterSet
has a length of 0.SecureRandom.GetPassphrase(int wordCount, char separatorChar = '-', bool capitalise = true, bool includeNumber = false)
wordCount
is less than MinWordCount
or greater than MaxWordCount
.Fills a span with deterministic bytes indistinguishable from random without knowing the seed.
SecureRandom.FillDeterministic(Span<byte> buffer, ReadOnlySpan<byte> seed)
buffer
has a length of 0.seed
has a length not equal to SeedSize
.If these functions are called inside a virtual machine (VM) which is snapshotted and restored, the same output may be produced.
The libsodium library uses
RtlGenRandom()
on Windows and getrandom
or /dev/urandom
on Linux and macOS to generate cryptographically secure random numbers non-deterministically. Deterministic generation is done using the IETF version of ChaCha20.Last modified 3mo ago