xref: /freebsd/crypto/openssl/doc/man3/RAND_egd.pod (revision 7fdf597e96a02165cfe22ff357b857d5fa15ed8a)
1=pod
2
3=head1 NAME
4
5RAND_egd, RAND_egd_bytes, RAND_query_egd_bytes - query entropy gathering daemon
6
7=head1 SYNOPSIS
8
9 #include <openssl/rand.h>
10
11 int RAND_egd_bytes(const char *path, int num);
12 int RAND_egd(const char *path);
13
14 int RAND_query_egd_bytes(const char *path, unsigned char *buf, int num);
15
16=head1 DESCRIPTION
17
18On older platforms without a good source of randomness such as C</dev/urandom>,
19it is possible to query an Entropy Gathering Daemon (EGD) over a local
20socket to obtain randomness and seed the OpenSSL RNG.
21The protocol used is defined by the EGDs available at
22L<http://egd.sourceforge.net/> or L<http://prngd.sourceforge.net>.
23
24RAND_egd_bytes() requests B<num> bytes of randomness from an EGD at the
25specified socket B<path>, and passes the data it receives into RAND_add().
26RAND_egd() is equivalent to RAND_egd_bytes() with B<num> set to 255.
27
28RAND_query_egd_bytes() requests B<num> bytes of randomness from an EGD at
29the specified socket B<path>, where B<num> must be less than 256.
30If B<buf> is B<NULL>, it is equivalent to RAND_egd_bytes().
31If B<buf> is not B<NULL>, then the data is copied to the buffer and
32RAND_add() is not called.
33
34OpenSSL can be configured at build time to try to use the EGD for seeding
35automatically.
36
37=head1 RETURN VALUES
38
39RAND_egd() and RAND_egd_bytes() return the number of bytes read from the
40daemon on success, or -1 if the connection failed or the daemon did not
41return enough data to fully seed the PRNG.
42
43RAND_query_egd_bytes() returns the number of bytes read from the daemon on
44success, or -1 if the connection failed.
45
46=head1 SEE ALSO
47
48L<RAND_add(3)>,
49L<RAND_bytes(3)>,
50L<RAND(7)>
51
52=head1 COPYRIGHT
53
54Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
55
56Licensed under the Apache License 2.0 (the "License").  You may not use
57this file except in compliance with the License.  You can obtain a copy
58in the file LICENSE in the source distribution or at
59L<https://www.openssl.org/source/license.html>.
60
61=cut
62