Server IP : 66.29.132.122 / Your IP : 18.119.129.77 Web Server : LiteSpeed System : Linux business142.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64 User : admazpex ( 531) PHP Version : 7.2.34 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /proc/self/root/opt/alt/openssl/share/man/man3/ |
Upload File : |
.\" Automatically generated by Pod::Man 4.11 (Pod::Simple 3.35) .\" .\" Standard preamble: .\" ======================================================================== .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. \*(C+ will .\" give a nicer C++. Capital omega is used to do unbreakable dashes and .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, .\" nothing in troff, for use with C<>. .tr \(*W- .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' . ds C` . ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" .\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .\" .\" Avoid warning from groff about undefined register 'F'. .de IX .. .nr rF 0 .if \n(.g .if rF .nr rF 1 .if (\n(rF:(\n(.g==0)) \{\ . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. . \" fudge factors for nroff and troff .if n \{\ . ds #H 0 . ds #V .8m . ds #F .3m . ds #[ \f1 . ds #] \fP .\} .if t \{\ . ds #H ((1u-(\\\\n(.fu%2u))*.13m) . ds #V .6m . ds #F 0 . ds #[ \& . ds #] \& .\} . \" simple accents for nroff and troff .if n \{\ . ds ' \& . ds ` \& . ds ^ \& . ds , \& . ds ~ ~ . ds / .\} .if t \{\ . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' .\} . \" troff and (daisy-wheel) nroff accents .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' .ds 8 \h'\*(#H'\(*b\h'-\*(#H' .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] .ds ae a\h'-(\w'a'u*4/10)'e .ds Ae A\h'-(\w'A'u*4/10)'E . \" corrections for vroff .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' . \" for low resolution devices (crt and lpr) .if \n(.H>23 .if \n(.V>19 \ \{\ . ds : e . ds 8 ss . ds o a . ds d- d\h'-1'\(ga . ds D- D\h'-1'\(hy . ds th \o'bp' . ds Th \o'LP' . ds ae ae . ds Ae AE .\} .rm #[ #] #H #V #F C .\" ======================================================================== .\" .IX Title "RAND_egd 3" .TH RAND_egd 3 "2019-12-20" "1.0.2u" "OpenSSL" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH "NAME" RAND_egd, RAND_egd_bytes, RAND_query_egd_bytes \- query entropy gathering daemon .SH "SYNOPSIS" .IX Header "SYNOPSIS" .Vb 1 \& #include <openssl/rand.h> \& \& int RAND_egd(const char *path); \& int RAND_egd_bytes(const char *path, int bytes); \& \& int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes); .Ve .SH "DESCRIPTION" .IX Header "DESCRIPTION" \&\fBRAND_egd()\fR queries the entropy gathering daemon \s-1EGD\s0 on socket \fBpath\fR. It queries 255 bytes and uses \fBRAND_add\fR\|(3) to seed the OpenSSL built-in \s-1PRNG.\s0 RAND_egd(path) is a wrapper for RAND_egd_bytes(path, 255); .PP \&\fBRAND_egd_bytes()\fR queries the entropy gathering daemon \s-1EGD\s0 on socket \fBpath\fR. It queries \fBbytes\fR bytes and uses \fBRAND_add\fR\|(3) to seed the OpenSSL built-in \s-1PRNG.\s0 This function is more flexible than \fBRAND_egd()\fR. When only one secret key must be generated, it is not necessary to request the full amount 255 bytes from the \s-1EGD\s0 socket. This can be advantageous, since the amount of entropy that can be retrieved from \s-1EGD\s0 over time is limited. .PP \&\fBRAND_query_egd_bytes()\fR performs the actual query of the \s-1EGD\s0 daemon on socket \&\fBpath\fR. If \fBbuf\fR is given, \fBbytes\fR bytes are queried and written into \&\fBbuf\fR. If \fBbuf\fR is \s-1NULL,\s0 \fBbytes\fR bytes are queried and used to seed the OpenSSL built-in \s-1PRNG\s0 using \fBRAND_add\fR\|(3). .SH "NOTES" .IX Header "NOTES" On systems without /dev/*random devices providing entropy from the kernel, the \s-1EGD\s0 entropy gathering daemon can be used to collect entropy. It provides a socket interface through which entropy can be gathered in chunks up to 255 bytes. Several chunks can be queried during one connection. .PP \&\s-1EGD\s0 is available from http://www.lothar.com/tech/crypto/ (\f(CW\*(C`perl Makefile.PL; make; make install\*(C'\fR to install). It is run as \fBegd\fR \&\fIpath\fR, where \fIpath\fR is an absolute path designating a socket. When \&\fBRAND_egd()\fR is called with that path as an argument, it tries to read random bytes that \s-1EGD\s0 has collected. \fBRAND_egd()\fR retrieves entropy from the daemon using the daemon's \*(L"non-blocking read\*(R" command which shall be answered immediately by the daemon without waiting for additional entropy to be collected. The write and read socket operations in the communication are blocking. .PP Alternatively, the EGD-interface compatible daemon \s-1PRNGD\s0 can be used. It is available from http://prngd.sourceforge.net/ . \&\s-1PRNGD\s0 does employ an internal \s-1PRNG\s0 itself and can therefore never run out of entropy. .PP OpenSSL automatically queries \s-1EGD\s0 when entropy is requested via \fBRAND_bytes()\fR or the status is checked via \fBRAND_status()\fR for the first time, if the socket is located at /var/run/egd\-pool, /dev/egd\-pool or /etc/egd\-pool. .SH "RETURN VALUE" .IX Header "RETURN VALUE" \&\fBRAND_egd()\fR and \fBRAND_egd_bytes()\fR return the number of bytes read from the daemon on success, and \-1 if the connection failed or the daemon did not return enough data to fully seed the \s-1PRNG.\s0 .PP \&\fBRAND_query_egd_bytes()\fR returns the number of bytes read from the daemon on success, and \-1 if the connection failed. The \s-1PRNG\s0 state is not considered. .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fBrand\fR\|(3), \fBRAND_add\fR\|(3), \&\fBRAND_cleanup\fR\|(3) .SH "HISTORY" .IX Header "HISTORY" \&\fBRAND_egd()\fR is available since OpenSSL 0.9.5. .PP \&\fBRAND_egd_bytes()\fR is available since OpenSSL 0.9.6. .PP \&\fBRAND_query_egd_bytes()\fR is available since OpenSSL 0.9.7. .PP The automatic query of /var/run/egd\-pool et al was added in OpenSSL 0.9.7.