openssl/doc/man3/RAND_egd.pod

=pod

=head1 NAME

RAND_egd, RAND_egd_bytes, RAND_query_egd_bytes - query entropy gathering daemon

=head1 SYNOPSIS

 #include <openssl/rand.h>

 int RAND_egd(const char *path);
 int RAND_egd_bytes(const char *path, int bytes);

 int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes);

=head1 DESCRIPTION

RAND_egd() queries the Entropy Gathering Daemon (EGD) on socket B<path>.
It queries 255 bytes and uses L<RAND_add(3)> to seed the
OpenSSL built-in PRNG. RAND_egd(path) is a wrapper for
RAND_egd_bytes(path, 255);

RAND_egd_bytes() queries EGD on socket B<path>.
It queries B<bytes> bytes and uses L<RAND_add(3)> to seed the
OpenSSL built-in PRNG.
This function is more flexible than RAND_egd().
When only one secret key must
be generated, it is not necessary to request the full amount 255 bytes from
the EGD socket. This can be advantageous, since the amount of randomness
that can be retrieved from EGD over time is limited.

RAND_query_egd_bytes() performs the actual query of the EGD daemon on socket
B<path>. If B<buf> is given, B<bytes> bytes are queried and written into
B<buf>. If B<buf> is NULL, B<bytes> bytes are queried and used to seed the
OpenSSL built-in PRNG using L<RAND_add(3)>.

=head1 NOTES

On systems without /dev/*random devices providing randomness from the kernel,
EGD provides
a socket interface through which randomness can be gathered in chunks up to
255 bytes. Several chunks can be queried during one connection.

EGD is available from http://www.lothar.com/tech/crypto/ (C<perl
Makefile.PL; make; make install> to install). It is run as B<egd>
I<path>, where I<path> is an absolute path designating a socket. When
RAND_egd() is called with that path as an argument, it tries to read
random bytes that EGD has collected. RAND_egd() retrieves randomness from the
daemon using the daemon's "non-blocking read" command which shall
be answered immediately by the daemon without waiting for additional
randomness to be collected. The write and read socket operations in the
communication are blocking.

Alternatively, the EGD-interface compatible daemon PRNGD can be used. It is
available from
http://prngd.sourceforge.net/ .
PRNGD does employ an internal PRNG itself and can therefore never run
out of randomness.

OpenSSL automatically queries EGD when randomness is requested via RAND_bytes()
or the status is checked via RAND_status() for the first time, if the socket
is located at /var/run/egd-pool, /dev/egd-pool or /etc/egd-pool.

=head1 RETURN VALUE

RAND_egd() and RAND_egd_bytes() return the number of bytes read from the
daemon on success, and -1 if the connection failed or the daemon did not
return enough data to fully seed the PRNG.

RAND_query_egd_bytes() returns the number of bytes read from the daemon on
success, and -1 if the connection failed. The PRNG state is not considered.

=head1 SEE ALSO

L<RAND_bytes(3)>, L<RAND_add(3)>,
L<RAND_cleanup(3)>

=head1 COPYRIGHT

Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the OpenSSL license (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Support EGD. 2000-02-24 02:51:47 +00:00			`=pod`

			`=head1 NAME`

Document updates from wiki. PR#3071 The primary changes made are: - Updates to the "NAME" section of many pages to correctly reflect the functions defined on those pages. This section is automatically parsed by the util/extract-names.pl script, so if it is not correct then running "man" will not correctly locate the right manual pages. - Updates to take account of where functions are now deprecated - Full documentation of the ec sub-library - A number of other typo corrections and other minor tweaks 2013-06-12 22:42:08 +00:00			`RAND_egd, RAND_egd_bytes, RAND_query_egd_bytes - query entropy gathering daemon`
Support EGD. 2000-02-24 02:51:47 +00:00
			`=head1 SYNOPSIS`

			`#include <openssl/rand.h>`

			`int RAND_egd(const char *path);`
Update documentation to match the state at 0.9.6 _and_ the recent changes. 2001-02-08 10:42:01 +00:00			`int RAND_egd_bytes(const char *path, int bytes);`

			`int RAND_query_egd_bytes(const char path, unsigned char buf, int bytes);`
Support EGD. 2000-02-24 02:51:47 +00:00
			`=head1 DESCRIPTION`

Use randomness not entropy Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3773) 2017-06-26 16:02:57 +00:00			`RAND_egd() queries the Entropy Gathering Daemon (EGD) on socket B<path>.`
Fix L<> content in manpages L<foo\|foo> is sub-optimal If the xref is the same as the title, which is what we do, then you only need L<foo>. This fixes all 1457 occurrences in 349 files. Approximately. (And pod used to need both.) Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-08-17 19:21:33 +00:00			`It queries 255 bytes and uses L<RAND_add(3)> to seed the`
Update documentation to match the state at 0.9.6 _and_ the recent changes. 2001-02-08 10:42:01 +00:00			`OpenSSL built-in PRNG. RAND_egd(path) is a wrapper for`
			`RAND_egd_bytes(path, 255);`

Use randomness not entropy Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3773) 2017-06-26 16:02:57 +00:00			`RAND_egd_bytes() queries EGD on socket B<path>.`
Fix L<> content in manpages L<foo\|foo> is sub-optimal If the xref is the same as the title, which is what we do, then you only need L<foo>. This fixes all 1457 occurrences in 349 files. Approximately. (And pod used to need both.) Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-08-17 19:21:33 +00:00			`It queries B<bytes> bytes and uses L<RAND_add(3)> to seed the`
Update documentation to match the state at 0.9.6 _and_ the recent changes. 2001-02-08 10:42:01 +00:00			`OpenSSL built-in PRNG.`
cleanup 2001-02-08 17:14:07 +00:00			`This function is more flexible than RAND_egd().`
			`When only one secret key must`
			`be generated, it is not necessary to request the full amount 255 bytes from`
Use randomness not entropy Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3773) 2017-06-26 16:02:57 +00:00			`the EGD socket. This can be advantageous, since the amount of randomness`
cleanup 2001-02-08 17:14:07 +00:00			`that can be retrieved from EGD over time is limited.`
Update documentation to match the state at 0.9.6 _and_ the recent changes. 2001-02-08 10:42:01 +00:00
			`RAND_query_egd_bytes() performs the actual query of the EGD daemon on socket`
			`B<path>. If B<buf> is given, B<bytes> bytes are queried and written into`
			`B<buf>. If B<buf> is NULL, B<bytes> bytes are queried and used to seed the`
Fix L<> content in manpages L<foo\|foo> is sub-optimal If the xref is the same as the title, which is what we do, then you only need L<foo>. This fixes all 1457 occurrences in 349 files. Approximately. (And pod used to need both.) Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-08-17 19:21:33 +00:00			`OpenSSL built-in PRNG using L<RAND_add(3)>.`
Update documentation to match the state at 0.9.6 _and_ the recent changes. 2001-02-08 10:42:01 +00:00
			`=head1 NOTES`

Use randomness not entropy Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3773) 2017-06-26 16:02:57 +00:00			`On systems without /dev/*random devices providing randomness from the kernel,`
			`EGD provides`
			`a socket interface through which randomness can be gathered in chunks up to`
Update documentation to match the state at 0.9.6 _and_ the recent changes. 2001-02-08 10:42:01 +00:00			`255 bytes. Several chunks can be queried during one connection.`

EGD info, as requested. 2000-02-24 03:36:01 +00:00			`EGD is available from http://www.lothar.com/tech/crypto/ (C<perl`
			`Makefile.PL; make; make install> to install). It is run as B<egd>`
			`I<path>, where I<path> is an absolute path designating a socket. When`
			`RAND_egd() is called with that path as an argument, it tries to read`
Use randomness not entropy Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3773) 2017-06-26 16:02:57 +00:00			`random bytes that EGD has collected. RAND_egd() retrieves randomness from the`
Clarify (non-)blocking behavior of EGD socket interface used by RAND_egd(). 2008-11-10 11:26:44 +00:00			`daemon using the daemon's "non-blocking read" command which shall`
			`be answered immediately by the daemon without waiting for additional`
Use randomness not entropy Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3773) 2017-06-26 16:02:57 +00:00			`randomness to be collected. The write and read socket operations in the`
Clarify (non-)blocking behavior of EGD socket interface used by RAND_egd(). 2008-11-10 11:26:44 +00:00			`communication are blocking.`
EGD info, as requested. 2000-02-24 03:36:01 +00:00
Update documentation to match the state at 0.9.6 _and_ the recent changes. 2001-02-08 10:42:01 +00:00			`Alternatively, the EGD-interface compatible daemon PRNGD can be used. It is`
Add PRNGD link. 2000-07-03 17:26:51 +00:00			`available from`
Update to new home page 2007-01-12 18:47:13 +00:00			`http://prngd.sourceforge.net/ .`
Update documentation to match the state at 0.9.6 _and_ the recent changes. 2001-02-08 10:42:01 +00:00			`PRNGD does employ an internal PRNG itself and can therefore never run`
Use randomness not entropy Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3773) 2017-06-26 16:02:57 +00:00			`out of randomness.`
Add PRNGD link. 2000-07-03 17:26:51 +00:00
Use randomness not entropy Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3773) 2017-06-26 16:02:57 +00:00			`OpenSSL automatically queries EGD when randomness is requested via RAND_bytes()`
Include information that automatic query is a new feature. 2001-02-10 19:10:36 +00:00			`or the status is checked via RAND_status() for the first time, if the socket`
			`is located at /var/run/egd-pool, /dev/egd-pool or /etc/egd-pool.`
Note that EGD is used automatically. 2001-02-08 17:16:44 +00:00
EGD info, as requested. 2000-02-24 03:36:01 +00:00			`=head1 RETURN VALUE`
Support EGD. 2000-02-24 02:51:47 +00:00
Update documentation to match the state at 0.9.6 _and_ the recent changes. 2001-02-08 10:42:01 +00:00			`RAND_egd() and RAND_egd_bytes() return the number of bytes read from the`
			`daemon on success, and -1 if the connection failed or the daemon did not`
			`return enough data to fully seed the PRNG.`

			`RAND_query_egd_bytes() returns the number of bytes read from the daemon on`
			`success, and -1 if the connection failed. The PRNG state is not considered.`
Support EGD. 2000-02-24 02:51:47 +00:00
			`=head1 SEE ALSO`

Fix referenses in section 3 manuals Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1900) 2016-11-11 08:33:09 +00:00			`L<RAND_bytes(3)>, L<RAND_add(3)>,`
Fix L<> content in manpages L<foo\|foo> is sub-optimal If the xref is the same as the title, which is what we do, then you only need L<foo>. This fixes all 1457 occurrences in 349 files. Approximately. (And pod used to need both.) Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-08-17 19:21:33 +00:00			`L<RAND_cleanup(3)>`
Support EGD. 2000-02-24 02:51:47 +00:00
Add copyright to manpages Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-18 15:44:05 +00:00			`=head1 COPYRIGHT`

			`Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.`

			`Licensed under the OpenSSL license (the "License"). You may not use`
			`this file except in compliance with the License. You can obtain a copy`
			`in the file LICENSE in the source distribution or at`
			`L<https://www.openssl.org/source/license.html>.`

			`=cut`