getentropy(2) BSD System Calls Manual getentropy(2)
NAME
getentropy -- get entropy
SYNOPSIS
#include <sys/random.h>
int
getentropy(void *buf, size_t buflen);
DESCRIPTION
getentropy() fills a buffer with random data, which can be used as input
for process-context pseudorandom generators like arc4random(3).
The maximum buffer size permitted is 256 bytes. If buflen exceeds this,
an error of EIO will be indicated.
getentropy() should be used as a replacement for random(4) when random
data derived directly from the kernel random byte generator is required.
Unlike the random(4) pseudo-devices, it is not vulnerable to file
descriptor exhaustion attacks and is available when sandboxed or in a
chroot, making it more reliable for security-critical applications.
However, it should be noted that getentropy() is primarily intended for
use in the construction and seeding of userspace PRNGs like arc4random(3)
or CC_crypto(3). Clients who simply require random data should use
arc4random(3), CCRandomGenerateBytes() from CC_crypto(3), or
SecRandomCopyBytes() from the Security framework instead of getentropy()
or random(4)
RETURN VALUES
Upon successful completion, the value 0 is returned; otherwise the
value -1 is returned and the global variable errno is set to indicate the
error.
ERRORS
getentropy() will succeed unless:
[EINVAL] The buf parameter points to an invalid address.
[EIO] Too many bytes requested, or some other fatal error
occurred.
SEE ALSO
arc4random(3) CC_crypto(3) random(4)
HISTORY
The getentropy() function appeared in OSX 10.12
BSD October 2 2015 BSD
Mac OS X 10.12.3 - Generated Sun Feb 5 06:15:43 CST 2017