kcapi-rng

KCAPI-RNG(1)                General Commands Manual               KCAPI-RNG(1)



NAME
       kcapi-rng - Kernel Crypto API Random Number Gatherer

SYNOPSIS
       kcapi-rng [OPTION]

DESCRIPTION
       The kcapi-rng application provides tool to obtain random numbers from
       the Linux kernel crypto API via the command line. The tool is similar
       to reading /dev/hwrand with the difference that the used random number
       generators are fully deterministic - i.e. they are DRNGs.

       Any potential seed data can be provided via STDIN. Some of the DRNGs
       require seeding as they do not seed themselves. The kcapi-rng tool
       ensures that the DRNGs are seeded by pulling the seed data from the
       getrandom system call (or /dev/urandom if getrandom is not available).
       The amount of seed data is defined by the DRNG itself and can be
       reviewed by assessing /proc/crypto.  The seed provided via STDIN will
       be added to the internally-generated seed.  The generated random
       numbers are written to STDOUT.

       The following options are supported when invoking kcapi-rng:

       -b, --bytes BYTES
              Generate BYTES number of random bytes.

       -n, --name NAME
              The NAME argument specifies the random number generator
              implementation to be used. The allowed random number generators
              are defined by the Linux kernel. Currently registered ciphers
              can be reviewed at /proc/crypto.  The content of this file,
              however, can change when new ciphers are registered. The NAME
              argument is given directly to the Linux kernel crypto API. The
              chosen cipher must be of type rng as marked in /proc/crypto.  If
              this option is not used, the cipher stdrng is used as default.

       --hex  The generated random numbers are print out in hexadecimal
              notation instead of as binary string.

       -v, --verbose
              Enable a verbose operation of kcapi-rng.  Using this option
              multiple times increases the verbosity.

       -q, --quiet
              Prevent the generation of any log output.

       -h, --help
              Display the help text.

       --version
              Display the version number of the kcapi-rng application.

SEE ALSO
       kcapi-enc(1) kcapi-dgst(1)



                                  2017-08-14                      KCAPI-RNG(1)