Provided by: kcapi-tools_1.0.3-2_amd64 
NAME
kcapi-rng - Kernel Crypto API Random Number Gatherer
SYNOPSIS
kcapi-rng [OPTION]
DESCRIPTION
The kcapi-rng application provides tool to obtain random numbers from the Linux kernel crypto API via the
command line. The tool is similar to reading /dev/hwrand with the difference that the used random number
generators are fully deterministic - i.e. they are DRNGs.
Any potential seed data can be provided via STDIN. Some of the DRNGs require seeding as they do not seed
themselves. The kcapi-rng tool ensures that the DRNGs are seeded by pulling the seed data from the
getrandom system call (or /dev/urandom if getrandom is not available). The amount of seed data is defined
by the DRNG itself and can be reviewed by assessing /proc/crypto. The seed provided via STDIN will be
added to the internally-generated seed. The generated random numbers are written to STDOUT.
The following options are supported when invoking kcapi-rng:
-b, --bytes BYTES
Generate BYTES number of random bytes.
-n, --name NAME
The NAME argument specifies the random number generator implementation to be used. The allowed
random number generators are defined by the Linux kernel. Currently registered ciphers can be
reviewed at /proc/crypto. The content of this file, however, can change when new ciphers are
registered. The NAME argument is given directly to the Linux kernel crypto API. The chosen cipher
must be of type rng as marked in /proc/crypto. If this option is not used, the cipher stdrng is
used as default.
--hex The generated random numbers are print out in hexadecimal notation instead of as binary string.
-v, --verbose
Enable a verbose operation of kcapi-rng. Using this option multiple times increases the
verbosity.
-q, --quiet
Prevent the generation of any log output.
-h, --help
Display the help text.
--version
Display the version number of the kcapi-rng application.
SEE ALSO
kcapi-enc(1) kcapi-dgst(1)
2017-08-14 KCAPI-RNG(1)