crypt.generatebytes

Generates size cryptographically random bytes from the OS CSPRNGCSPRNGCryptographically Secure Pseudo-Random Number Generator. Produces output indistinguishable from true randomness. OS implementations: BCryptGenRandom (Windows), getrandom (Linux), /dev/urandom (Unix). and returns them Base64-encoded.

The random bytes come from the operating system’s cryptographically secure pseudo-random number generator:

• Windows: BCryptGenRandom(NULL, buffer, size, BCRYPT_USE_SYSTEM_PREFERRED_RNG) — backed by the CNG (Cryptography: Next Generation) subsystem, seeded from hardware entropy (RDRAND, interrupt timing)
• Linux: getrandom(buffer, size, 0) or /dev/urandom — backed by ChaCha20ChaCha20A stream cipher used in Linux's getrandom() CSPRNG. Generates random bytes by encrypting a counter with a key initialized from hardware entropy. Fast in software, no AES hardware acceleration needed.-based CSPRNGCSPRNGCryptographically Secure Pseudo-Random Number Generator. Produces output indistinguishable from true randomness. OS implementations: BCryptGenRandom (Windows), getrandom (Linux), /dev/urandom (Unix)., seeded from hardware entropy

These sources are suitable for key generation, IVs, nonces, and salts. Decode the result with crypt.base64decode() to get raw bytes.