1KCAPI-RNG(1)                General Commands Manual               KCAPI-RNG(1)
2
3
4

NAME

6       kcapi-rng - Kernel Crypto API Random Number Gatherer
7

SYNOPSIS

9       kcapi-rng [OPTION]
10

DESCRIPTION

12       The  kcapi-rng  application provides tool to obtain random numbers from
13       the Linux kernel crypto API via the command line. The tool  is  similar
14       to  reading /dev/hwrand with the difference that the used random number
15       generators are fully deterministic - i.e. they are DRNGs.
16
17       Any potential seed data can be provided via STDIN. Some  of  the  DRNGs
18       require  seeding as they do not seed themselves. The kcapi-rng tool en‐
19       sures that the DRNGs are seeded by pulling the seed data from  the  ge‐
20       trandom  system  call  (or /dev/urandom if getrandom is not available).
21       The amount of seed data is defined by the DRNG itself and  can  be  re‐
22       viewed  by assessing /proc/crypto.  The seed provided via STDIN will be
23       added to the internally-generated seed.  The generated  random  numbers
24       are written to STDOUT.
25
26       The following options are supported when invoking kcapi-rng:
27
28       -b, --bytes BYTES
29              Generate BYTES number of random bytes.
30
31       -n, --name NAME
32              The  NAME  argument specifies the random number generator imple‐
33              mentation to be used. The allowed random number  generators  are
34              defined by the Linux kernel. Currently registered ciphers can be
35              reviewed at /proc/crypto.  The content of  this  file,  however,
36              can change when new ciphers are registered. The NAME argument is
37              given directly to the Linux kernel crypto API. The chosen cipher
38              must  be  of type rng as marked in /proc/crypto.  If this option
39              is not used, the cipher stdrng is used as default.
40
41       --hex  The generated random numbers are print out in hexadecimal  nota‐
42              tion instead of as binary string.
43
44       -v, --verbose
45              Enable a verbose operation of kcapi-rng.  Using this option mul‐
46              tiple times increases the verbosity.
47
48       -q, --quiet
49              Prevent the generation of any log output.
50
51       -h, --help
52              Display the help text.
53
54       --version
55              Display the version number of the kcapi-rng application.
56

SEE ALSO

58       kcapi-enc(1) kcapi-dgst(1)
59
60
61
62                                  2017-08-14                      KCAPI-RNG(1)
Impressum