1KCAPI-RNG(1)                General Commands Manual               KCAPI-RNG(1)
2
3
4

NAME

6       kcapi-rng - Kernel Crypto API Random Number Gatherer
7

SYNOPSIS

9       kcapi-rng [OPTION]
10

DESCRIPTION

12       The  kcapi-rng  application provides tool to obtain random numbers from
13       the Linux kernel crypto API via the command line. The tool  is  similar
14       to  reading /dev/hwrand with the difference that the used random number
15       generators are fully deterministic - i.e. they are DRNGs.
16
17       Any potential seed data can be provided via STDIN. Some  of  the  DRNGs
18       require  seeding  as  they  do  not seed themselves. The kcapi-rng tool
19       ensures that the DRNGs are seeded by pulling the  seed  data  from  the
20       getrandom  system call (or /dev/urandom if getrandom is not available).
21       The amount of seed data is defined  by  the  DRNG  itself  and  can  be
22       reviewed  by  assessing /proc/crypto.  The seed provided via STDIN will
23       be added to the internally-generated seed.  The generated  random  num‐
24       bers are written to STDOUT.
25
26       The following options are supported when invoking kcapi-rng:
27
28       -b, --bytes BYTES
29              Generate BYTES number of random bytes.
30
31       -n, --name NAME
32              The  NAME  argument specifies the random number generator imple‐
33              mentation to be used. The allowed random number  generators  are
34              defined by the Linux kernel. Currently registered ciphers can be
35              reviewed at /proc/crypto.  The content of  this  file,  however,
36              can change when new ciphers are registered. The NAME argument is
37              given directly to the Linux kernel crypto API. The chosen cipher
38              must  be  of type rng as marked in /proc/crypto.  If this option
39              is not used, the cipher stdrng is used as default.
40
41       --hex  The generated random numbers are print out in hexadecimal  nota‐
42              tion instead of as binary string.
43
44       -v, --verbose
45              Enable a verbose operation of kcapi-rng.  Using this option mul‐
46              tiple times increases the verbosity.
47
48       -q, --quiet
49              Prevent the generation of any log output.
50
51       -h, --help
52              Display the help text.
53
54       --version
55              Display the version number of the kcapi-rng application.
56

SEE ALSO

58       kcapi-enc(1) kcapi-dgst(1)
59
60
61
62                                  2017-08-14                      KCAPI-RNG(1)
Impressum