RAND_egd(3)
NAME
RAND_egd - Query entropy gathering daemon
SYNOPSIS
#include <openssl/rand.h>
int RAND_egd(const char *path);
int RAND_egd_bytes(const char *path, int bytes);
DESCRIPTION
The RAND_egd() function queries the entropy gathering daemon EGD on
socket path. It queries 255 bytes and uses RAND_add() to seed the
OpenSSL built-in PRNG. RAND_egd(path) is a wrapper for
RAND_egd_bytes(path, 255).
The RAND_egd_bytes() function queries the entropy gathering daemon EGD
on socket path. It queries the number of bytes given by the bytes
argument and uses RAND_add() to seed the OpenSSL built-in PRNG. This
function is more flexible than the RAND_egd() function. When only one
secret key must be generated, it is not necessary to request the full
255 bytes from the EGD socket. This can be advantageous, since the
amount of entropy that can be retrieved from EGD over time is limited.
NOTES
On systems without /dev/*random devices providing entropy from the
kernel, the EGD entropy gathering daemon can be used to collect entropy.
It provides a socket interface through which entropy can be gathered in
chunks of up to 255 bytes. Several chunks can be queried during one
connection.
EGD is available from http://www.lothar.com/tech/crypto/ (perl
Makefile.PL; make; make install to install). It is run as egd path, where
path is an absolute path designating a socket. When the RAND_egd()
function is called with that path as an argument, it tries to read
random bytes that EGD collected. The read is performed in non-blocking
mode.
Alternatively, the EGD-interface compatible daemon PRNGD can be used.
It is available from
http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html.
PRNGD employs an internal PRNG of its own and can therefore never run
out of entropy.
RETURN VALUE
The RAND_egd() and RAND_egd_bytes() functions return the number of
bytes read from the daemon on success, and -1 if the connection failed
or the daemon did not return enough data to fully seed the PRNG.
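The non-blocking chunk read described in NOTES and the short-read case described in RETURN VALUE, as an added example (not OpenSSL's code and not part of the original manual page). It assumes the EGD wire format, which this page does not spell out: the request is the byte 0x01 followed by a count, and the reply is one count byte followed by that many data bytes. egd_query_fd and demo_query are hypothetical names, and the daemon replies are constructed.

```c
/* Added example: EGD non-blocking read over an already connected socket. */
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* Read exactly n bytes; return 0 on success, -1 on EOF or error. */
static int read_full(int fd, unsigned char *p, size_t n) {
    while (n > 0) {
        ssize_t r = read(fd, p, n);
        if (r <= 0) return -1;
        p += r; n -= (size_t)r;
    }
    return 0;
}

/* Hypothetical helper: ask the daemon on fd for `want` bytes (1..255).
 * Returns the number of bytes delivered, or -1 on failure. The caller must
 * compare the result with `want`: a short count means the pool was low. */
int egd_query_fd(int fd, unsigned char *out, int want) {
    unsigned char req[2], got;
    if (want < 1 || want > 255) return -1;       /* one chunk is at most 255 */
    req[0] = 0x01;                               /* assumed: non-blocking read */
    req[1] = (unsigned char)want;
    if (write(fd, req, 2) != 2) return -1;
    if (read_full(fd, &got, 1) != 0) return -1;  /* reply starts with a count */
    if (got > want) return -1;                   /* malformed: would overflow out */
    if (got > 0 && read_full(fd, out, got) != 0) return -1;
    return got;
}

/* Constructed harness: a socketpair stands in for the daemon, with the reply
 * (count byte + payload) queued before the client runs. */
int demo_query(int want, const unsigned char *reply, size_t len,
               unsigned char *out) {
    int sv[2], n;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -2;
    if (write(sv[1], reply, len) != (ssize_t)len) n = -2;
    else { shutdown(sv[1], SHUT_WR); n = egd_query_fd(sv[0], out, want); }
    close(sv[0]); close(sv[1]);
    return n;
}

int main(void) {
    const unsigned char reply[] = {2, 0xAA, 0xBB};  /* constructed: 2 of 16 */
    unsigned char out[255];
    int n = demo_query(16, reply, sizeof reply, out);
    printf("asked 16, got %d: %s\n", n, n == 16 ? "seeded" : "treat as failure");
    return 0;
}
```

A return value smaller than the requested count is the case the manual page reports as -1: the bytes received are not enough to seed the PRNG and key generation should not proceed on them alone.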
HISTORY
The RAND_egd() function has been available since OpenSSL 0.9.5.
The RAND_egd_bytes() function has been available since OpenSSL 0.9.6.
SEE ALSO
Functions: rand_ssl(3), RAND_add(3), RAND_cleanup(3)