Restrict RAND to producing 63 random bits
Viktor Dukhovni
openssl-users at dukhovni.org
Thu Jul 20 19:28:29 UTC 2023
On Thu, Jul 20, 2023 at 02:31:29PM -0400, Robert Moskowitz wrote:
> This seems to generate a random number between 1 and 2^63-1
>
> And print a hex
>
> printf "%X\n" $(shuf -rn 1 -i 1-9223372036854775807
> --random-source=/dev/urandom)
>
> I don't know if I can trust this as a real random number, but it IS
> taking its source from urandom. Plus it is "only" for serial number thus
OpenSSL typically just uses /dev/urandom also. If you prefer using
OpenSSL, and you're on 64-bit CPU, "bash" or "ksh" can do the requisite
arithmetic:
r64="0x$(openssl rand -hex 8)" || exit 1
r63=$(printf "%016x\n" $(( $r64 & (2**63-1) )) )
... do stuff with $r63 ...
--
Viktor.
More information about the openssl-users
mailing list