blob: 3e57e8430dce2534fde549ab4dbd7c8553a3b6b1 [file] [log] [blame]
=pod
=head1 NAME
RAND_egd, RAND_egd_bytes, RAND_query_egd_bytes - query entropy gathering daemon
=head1 SYNOPSIS
#include <openssl/rand.h>
int RAND_egd_bytes(const char *path, int num);
int RAND_egd(const char *path);
int RAND_query_egd_bytes(const char *path, unsigned char *buf, int num);
=head1 DESCRIPTION
On older platforms without a good source of randomness such as C</dev/urandom>,
it is possible to query an Entropy Gathering Daemon (EGD) over a local
socket to obtain randomness and seed the OpenSSL RNG.
The protocol used is defined by the EGDs available at
L<http://egd.sourceforge.net/> or L<http://prngd.sourceforge.net>.
RAND_egd_bytes() requests B<num> bytes of randomness from an EGD at the
specified socket B<path>, and passes the data it receives into RAND_add().
RAND_egd() is equivalent to RAND_egd_bytes() with B<num> set to 255.
RAND_query_egd_bytes() requests B<num> bytes of randomness from an EGD at
the specified socket B<path>, where B<num> must be less than 256.
If B<buf> is B<NULL>, it is equivalent to RAND_egd_bytes().
If B<buf> is not B<NULL>, then the data is copied to the buffer and
RAND_add() is not called.
OpenSSL can be configured at build time to try to use the EGD for seeding
automatically.
=head1 RETURN VALUES
RAND_egd() and RAND_egd_bytes() return the number of bytes read from the
daemon on success, or -1 if the connection failed or the daemon did not
return enough data to fully seed the PRNG.
RAND_query_egd_bytes() returns the number of bytes read from the daemon on
success, or -1 if the connection failed.
=head1 SEE ALSO
L<RAND_add(3)>,
L<RAND_bytes(3)>,
L<RAND(7)>
=head1 COPYRIGHT
Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut