Geralt
  • Introduction
  • Random data
  • Constant time
  • Secure memory
  • Encoding
  • Padding
  • Hashing
  • Message authentication
  • Password hashing
  • Key derivation
  • Authenticated encryption
    • Stream and file encryption
    • AEGIS-128L
    • AEGIS-256
    • ChaCha20-Poly1305
    • XChaCha20-Poly1305
  • Key exchange
  • Digital signatures
  • Advanced
    • Validation
    • Concat
    • ChaCha20
    • XChaCha20
    • HChaCha20
    • Poly1305
    • Ed25519 to X25519
Powered by GitBook
On this page
  • Purpose
  • Usage
  • Fill
  • GetInt32
  • GetString
  • GetPassphrase
  • FillDeterministic
  • Constants
  • Notes

Random data

Last updated 6 months ago

Purpose

This class produces unpredictable, cryptographically secure random numbers. Using a predictable random number generator, such as , is insecure.

These functions should be used to randomly generate encryption keys, nonces, salts, seeds, integers, strings, and passphrases.

Usage

Fill

Fills a span with random bytes.

SecureRandom.Fill(Span<byte> buffer)

Exceptions

buffer has a length of 0.

GetInt32

Generates a random integer between 0 (inclusive) and the upper bound (exclusive).

SecureRandom.GetInt32(int upperBound)

Exceptions

upperBound is less than MinUpperBound.

GetString

Generates a random string of a given length. A custom character set can be provided, but several character sets are available via constants.

SecureRandom.GetString(int length, string characterSet = AlphanumericChars)

Exceptions

length is less than MinStringLength or greater than MaxStringLength.

characterSet is null.

characterSet has a length of 0.

GetPassphrase

SecureRandom.GetPassphrase(int wordCount, char separatorChar = '-', bool capitalize = false, bool includeNumber = false)

wordCount is less than MinWordCount or greater than MaxWordCount.

FillDeterministic

Fills a span with deterministic bytes indistinguishable from random without knowing the seed.

SecureRandom.FillDeterministic(Span<byte> buffer, ReadOnlySpan<byte> seed)

Exceptions

buffer has a length of 0.

seed has a length not equal to SeedSize.

Constants

These are used for validation and/or save you defining your own constants.

public const int SeedSize = 32;
public const string AlphabeticChars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
public const string NumericChars = "0123456789";
public const string SymbolChars = "!#$%&'()*+,-./:;<=>?@[]^_`{}~";
public const string AlphanumericChars = AlphabeticChars + NumericChars;
public const string AlphanumericSymbolChars = AlphanumericChars + SymbolChars;
public const int MinUpperBound = 2;
public const int MinStringLength = 8;
public const int MaxStringLength = 128;
public const int MinWordCount = 4;
public const int MaxWordCount = 20;

Notes

If these functions are called inside a virtual machine (VM) which is snapshotted and restored, the same output may be produced.​

Generates a random passphrase using the (minus hyphenated words).

This should be reserved for tests and custom constructions (e.g. an ).

The libsodium library uses RtlGenRandom() on Windows and getrandom or /dev/urandom on Linux and macOS to generate cryptographically secure random numbers non-deterministically. Deterministic generation is done using the IETF version of .

System.Random
ArgumentOutOfRangeException
ArgumentOutOfRangeException
ArgumentOutOfRangeException
ArgumentNullException
ArgumentOutOfRangeException
EFF's long wordlist
ArgumentOutOfRangeException
XOF
ArgumentOutOfRangeException
ArgumentOutOfRangeException
ChaCha20