This commit is contained in:
Ulf Möller 2001-02-08 17:14:07 +00:00
parent 792e2ce7f4
commit 9fbc45b159

View File

@ -23,6 +23,11 @@ RAND_egd_bytes(path, 255);
RAND_egd_bytes() queries the entropy gathering daemon EGD on socket B<path>. RAND_egd_bytes() queries the entropy gathering daemon EGD on socket B<path>.
It queries B<bytes> bytes and uses L<RAND_add(3)|RAND_add(3)> to seed the It queries B<bytes> bytes and uses L<RAND_add(3)|RAND_add(3)> to seed the
OpenSSL built-in PRNG. OpenSSL built-in PRNG.
This function is more flexible than RAND_egd().
When only one secret key must
be generated, it is not necessary to request the full amount 255 bytes from
the EGD socket. This can be advantageous, since the amount of entropy
that can be retrieved from EGD over time is limited.
RAND_query_egd_bytes() performs the actual query of the EGD daemon on socket RAND_query_egd_bytes() performs the actual query of the EGD daemon on socket
B<path>. If B<buf> is given, B<bytes> bytes are queried and written into B<path>. If B<buf> is given, B<bytes> bytes are queried and written into
@ -36,12 +41,6 @@ the EGD entropy gathering daemon can be used to collect entropy. It provides
a socket interface through which entropy can be gathered in chunks up to a socket interface through which entropy can be gathered in chunks up to
255 bytes. Several chunks can be queried during one connection. 255 bytes. Several chunks can be queried during one connection.
While RAND_egd() is longer available (see HISTORY section), the
RAND_egd_bytes() function is more flexible. When only one secret key must
be generated, it is not needed to request the full amount 255 bytes from
the EGD socket. This can be advantageous, since the amount of entropy
that can be retrieved from EGD over time is limited.
EGD is available from http://www.lothar.com/tech/crypto/ (C<perl EGD is available from http://www.lothar.com/tech/crypto/ (C<perl
Makefile.PL; make; make install> to install). It is run as B<egd> Makefile.PL; make; make install> to install). It is run as B<egd>
I<path>, where I<path> is an absolute path designating a socket. When I<path>, where I<path> is an absolute path designating a socket. When