projects / thirdparty / rng-tools.git / blame
| Commit | Line | Data |
|---|---|---|
| 61af3de3 JG |
1 | .\" Copyright (c) 2004 Henrique de Moraes Holschuh -- hmh@debian.org |
| 2 | .\" | |
| 3 | .TH RNGTEST 1 "March 2004" "@PACKAGE@ @VERSION@" | |
| 4 | ||
| 5 | .SH NAME | |
| 6 | rngtest \- Check the randomness of data using FIPS 140-2 tests | |
| 7 | ||
| 8 | .SH SYNOPSIS | |
| 9 | .B rngtest | |
| 10 | [\fB\-c\fR \fIn\fR | \fB\-\-blockcount=\fIn\fR] | |
| 11 | [\fB\-b\fR \fIn\fR | \fB\-\-blockstats=\fIn\fR] | |
| 12 | [\fB\-t\fR \fIn\fR | \fB\-\-timedstats=\fIn\fR] | |
| 13 | [\fB\-p\fR | \fB\-\-pipe\fR] | |
| 14 | [\fB\-?\fR] [\fB\-\-help\fR] | |
| 15 | [\fB\-V\fR] [\fB\-\-version\fR] | |
| 16 | .RI | |
| 17 | ||
| 18 | .SH DESCRIPTION | |
| 19 | \fIrngtest\fR works on blocks of 20000 bits at a time, using the FIPS 140-2 | |
| 20 | (errata of 2001-10-10) tests to verify the randomness of the block of data. | |
| 21 | .PP | |
| 22 | It takes input from \fIstdin\fR, and outputs statistics to \fIstderr\fR, | |
| 23 | optionally echoing blocks that passed the FIPS tests to \fIstdout\fR | |
| 24 | (when operating in \fIpipe mode\fR). Errors are sent to \fIstderr\fR. | |
| 25 | .PP | |
| 26 | At startup, \fIrngtest\fR will trow away the first 32 bits of data when | |
| 27 | operating in \fIpipe mode\fR. It will use the next 32 bits of data to | |
| 28 | bootstrap the FIPS tests (even when not operating in \fIpipe mode\fR). | |
| 29 | These bits are not tested for randomness. | |
| 30 | .PP | |
| 31 | Statistics are dumped to \fIstderr\fR when the program exits. | |
| 32 | ||
| 33 | .SH OPTIONS | |
| 34 | .TP | |
| 35 | \fB\-p\fR, \fB\-\-pipe\fR | |
| 36 | Enable \fIpipe mode\fR. All data blocks that pass the FIPS tests are | |
| 37 | echoed to \fIstdout\fR, and \fIrngtest\fR operates in silent mode. | |
| 38 | .TP | |
| 39 | \fB\-c\fR \fIn\fR, \fB\-\-blockcount=\fIn\fR (default: 0) | |
| 40 | Exit after processing n input blocks, if n is not zero. | |
| 41 | .TP | |
| 42 | \fB\-b\fR \fIn\fR, \fB\-\-blockstats=\fIn\fR (default: 0) | |
| 43 | Dump statistics every n blocks, if n is not zero. | |
| 44 | .TP | |
| 45 | \fB\-t\fR \fIn\fR, \fB\-\-timedstats=\fIn\fR (default: 0) | |
| 1696181f | 46 | Dump statistics every n seconds, if n is not zero. |
| 61af3de3 JG |
47 | .TP |
| 48 | \fB\-?\fR, \fB\-\-help\fR | |
| 49 | Give a short summary of all program options. | |
| 50 | .TP | |
| 51 | \fB\-V\fR, \fB\-\-version\fR | |
| 52 | Print program version | |
| 53 | ||
| 54 | .SH STATISTICS | |
| 55 | \fIrngtest\fR will dump statistics to \fIstderr\fR when it exits, and | |
| 56 | when told to by \fIblockstats\fR or \fItimedstats\fR. | |
| 57 | .PP | |
| 58 | \fBFIPS 140-2 successes\fR and \fBFIPS 140-2 failures\fR counts the number of | |
| 59 | 20000-bit blocks either accepted or rejected by the FIPS 140-2 tests. The | |
| 60 | other statistics show a breakdown of the FIPS 140-2 failures by FIPS | |
| 61 | 140-2 test. See the FIPS 140-2 document for more information (note that these | |
| 62 | tests are defined on FIPS 140-1 and FIPS 140-2 errata of 2001-10-10. They | |
| 63 | were removed in FIPS 140-2 errata of 2002-12-03). | |
| 64 | .PP | |
| 1696181f | 65 | The speed statistics are taken for every 20000-bit block transferred or |
| 61af3de3 JG |
66 | processed. |
| 67 | ||
| 68 | .SH EXIT STATUS | |
| 69 | .TP | |
| 70 | \fB0\fR if no errors happen, and no blocks fail the FIPS tests. | |
| 71 | .TP | |
| 72 | \fB1\fR if no errors happen, but at least one block fails the FIPS tests. | |
| 73 | .TP | |
| 74 | \fB10\fR if there are problems with the parameters. | |
| 75 | .TP | |
| 76 | \fB11\fR if an input/output error happens. | |
| 77 | .TP | |
| 78 | \fB12\fR if an operating system or resource starvation error happens. | |
| 79 | ||
| 80 | .SH SEE ALSO | |
| 81 | random(4), rngd(8) | |
| 82 | .TP | |
| 83 | FIPS PUB 140-2 Security Requirements for Cryptographic Modules, NIST, | |
| 84 | http://csrc.nist.gov/cryptval/140-2.htm | |
| 85 | ||
| 86 | .SH AUTHORS | |
| 87 | Henrique de Moraes Holschuh <hmh@debian.org> | |
| 88 |