Doc-Verzeichnis Site Map Manpages GNU INFO Suche
 

RAND_egd(3)



     RAND_egd(3)            0.9.6h (2001-02-08)            RAND_egd(3)

     NAME
          RAND_egd - query entropy gathering daemon

     SYNOPSIS
           #include <openssl/rand.h>

           int RAND_egd(const char *path);
           int RAND_egd_bytes(const char *path, int bytes);

     DESCRIPTION
          RAND_egd() queries the entropy gathering daemon EGD on
          socket path.  It queries 255 bytes and uses RAND_add(3) to
          seed the OpenSSL built-in PRNG. RAND_egd(path) is a wrapper
          for RAND_egd_bytes(path, 255);

          RAND_egd_bytes() queries the entropy gathering daemon EGD on
          socket path.  It queries bytes bytes and uses RAND_add(3) to
          seed the OpenSSL built-in PRNG.  This function is more
          flexible than RAND_egd().  When only one secret key must be
          generated, it is not necessary to request the full amount
          255 bytes from the EGD socket. This can be advantageous,
          since the amount of entropy that can be retrieved from EGD
          over time is limited.

     NOTES
          On systems without /dev/*random devices providing entropy
          from the kernel, the EGD entropy gathering daemon can be
          used to collect entropy. It provides a socket interface
          through which entropy can be gathered in chunks up to 255
          bytes. Several chunks can be queried during one connection.

          EGD is available from http://www.lothar.com/tech/crypto/
          ("perl Makefile.PL; make; make install" to install). It is
          run as egd path, where path is an absolute path designating
          a socket. When RAND_egd() is called with that path as an
          argument, it tries to read random bytes that EGD has
          collected. The read is performed in non-blocking mode.

          Alternatively, the EGD-interface compatible daemon PRNGD can
          be used. It is available from
          http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html
          .  PRNGD does employ an internal PRNG itself and can
          therefore never run out of entropy.

     RETURN VALUE
          RAND_egd() and RAND_egd_bytes() return the number of bytes
          read from the daemon on success, and -1 if the connection
          failed or the daemon did not return enough data to fully
          seed the PRNG.

     SEE ALSO
          rand(3), RAND_add(3), RAND_cleanup(3)

     Page 1                                         (printed 1/19/103)

     RAND_egd(3)            0.9.6h (2001-02-08)            RAND_egd(3)

     HISTORY
          RAND_egd() is available since OpenSSL 0.9.5.

          RAND_egd_bytes() is available since OpenSSL 0.9.6.

     Page 2                                         (printed 1/19/103)
Man(1) output converted with man2html