1e71b7053SJung-uk Kim=pod 2e71b7053SJung-uk Kim 3e71b7053SJung-uk Kim=head1 NAME 4e71b7053SJung-uk Kim 5e71b7053SJung-uk KimRAND_egd, RAND_egd_bytes, RAND_query_egd_bytes - query entropy gathering daemon 6e71b7053SJung-uk Kim 7e71b7053SJung-uk Kim=head1 SYNOPSIS 8e71b7053SJung-uk Kim 9e71b7053SJung-uk Kim #include <openssl/rand.h> 10e71b7053SJung-uk Kim 11e71b7053SJung-uk Kim int RAND_egd_bytes(const char *path, int num); 12e71b7053SJung-uk Kim int RAND_egd(const char *path); 13e71b7053SJung-uk Kim 14e71b7053SJung-uk Kim int RAND_query_egd_bytes(const char *path, unsigned char *buf, int num); 15e71b7053SJung-uk Kim 16e71b7053SJung-uk Kim=head1 DESCRIPTION 17e71b7053SJung-uk Kim 18e71b7053SJung-uk KimOn older platforms without a good source of randomness such as C</dev/urandom>, 19e71b7053SJung-uk Kimit is possible to query an Entropy Gathering Daemon (EGD) over a local 20e71b7053SJung-uk Kimsocket to obtain randomness and seed the OpenSSL RNG. 21e71b7053SJung-uk KimThe protocol used is defined by the EGDs available at 22e71b7053SJung-uk KimL<http://egd.sourceforge.net/> or L<http://prngd.sourceforge.net>. 23e71b7053SJung-uk Kim 24e71b7053SJung-uk KimRAND_egd_bytes() requests B<num> bytes of randomness from an EGD at the 25e71b7053SJung-uk Kimspecified socket B<path>, and passes the data it receives into RAND_add(). 26e71b7053SJung-uk KimRAND_egd() is equivalent to RAND_egd_bytes() with B<num> set to 255. 27e71b7053SJung-uk Kim 28e71b7053SJung-uk KimRAND_query_egd_bytes() requests B<num> bytes of randomness from an EGD at 29e71b7053SJung-uk Kimthe specified socket B<path>, where B<num> must be less than 256. 30e71b7053SJung-uk KimIf B<buf> is B<NULL>, it is equivalent to RAND_egd_bytes(). 31e71b7053SJung-uk KimIf B<buf> is not B<NULL>, then the data is copied to the buffer and 32e71b7053SJung-uk KimRAND_add() is not called. 33e71b7053SJung-uk Kim 34e71b7053SJung-uk KimOpenSSL can be configured at build time to try to use the EGD for seeding 35e71b7053SJung-uk Kimautomatically. 36e71b7053SJung-uk Kim 37e71b7053SJung-uk Kim=head1 RETURN VALUES 38e71b7053SJung-uk Kim 39e71b7053SJung-uk KimRAND_egd() and RAND_egd_bytes() return the number of bytes read from the 40e71b7053SJung-uk Kimdaemon on success, or -1 if the connection failed or the daemon did not 41e71b7053SJung-uk Kimreturn enough data to fully seed the PRNG. 42e71b7053SJung-uk Kim 43e71b7053SJung-uk KimRAND_query_egd_bytes() returns the number of bytes read from the daemon on 44e71b7053SJung-uk Kimsuccess, or -1 if the connection failed. 45e71b7053SJung-uk Kim 46e71b7053SJung-uk Kim=head1 SEE ALSO 47e71b7053SJung-uk Kim 48e71b7053SJung-uk KimL<RAND_add(3)>, 49e71b7053SJung-uk KimL<RAND_bytes(3)>, 50e71b7053SJung-uk KimL<RAND(7)> 51e71b7053SJung-uk Kim 52e71b7053SJung-uk Kim=head1 COPYRIGHT 53e71b7053SJung-uk Kim 54e71b7053SJung-uk KimCopyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. 55e71b7053SJung-uk Kim 56*b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 57e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 58e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 59e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 60e71b7053SJung-uk Kim 61e71b7053SJung-uk Kim=cut 62