2 * rngd.c -- Random Number Generator daemon
4 * rngd reads data from a hardware random number generator, verifies it
5 * looks like random data, and adds it to /dev/random's entropy store.
7 * In theory, this should allow you to read very quickly from
8 * /dev/random; rngd also adds bytes to the entropy store periodically
9 * when it's full, which makes predicting the entropy store's contents
12 * Copyright (C) 2001 Philipp Rumpf
14 * This program is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU General Public License as published by
16 * the Free Software Foundation; either version 2 of the License, or
17 * (at your option) any later version.
19 * This program is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
24 * You should have received a copy of the GNU General Public License
25 * along with this program; if not, write to the Free Software
26 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
32 #error Invalid or missing autoconf build environment
35 #include "rng-tools-config.h"
41 #include <sys/types.h>
52 #include "rngd_entsource.h"
53 #include "rngd_linux.h"
59 /* Background/daemon mode */
60 int am_daemon
; /* Nonzero if we went daemon */
62 /* Command line arguments and processing */
63 const char *argp_program_version
=
65 "Copyright 2001-2004 Jeff Garzik\n"
66 "Copyright (c) 2001 by Philipp Rumpf\n"
67 "This is free software; see the source for copying conditions. There is NO "
68 "warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.";
70 const char *argp_program_bug_address
= PACKAGE_BUGREPORT
;
73 "Check and feed random data from hardware device to kernel entropy pool.\n";
75 static struct argp_option options
[] = {
76 { "foreground", 'f', 0, 0, "Do not fork and become a daemon" },
78 { "background", 'b', 0, 0, "Become a daemon (default)" },
80 { "random-device", 'o', "file", 0,
81 "Kernel device used for random number output (default: /dev/random)" },
83 { "rng-device", 'r', "file", 0,
84 "Kernel device used for random number input (default: /dev/hwrandom)" },
86 { "random-step", 's', "nnn", 0,
87 "Number of bytes written to random-device at a time (default: 64)" },
89 { "fill-watermark", 'W', "n", 0,
90 "Do not stop feeding entropy to random-device until at least n bits of entropy are available in the pool (default: 2048), 0 <= n <= 4096" },
92 { "timeout", 't', "nnn", 0,
93 "Interval written to random-device when the entropy pool is full, in seconds (default: 60)" },
98 static struct arguments default_arguments
= {
99 .rng_name
= "/dev/hwrandom",
100 .random_name
= "/dev/random",
103 .fill_watermark
= 2048,
106 struct arguments
*arguments
= &default_arguments
;
110 * command line processing
112 static error_t
parse_opt (int key
, char *arg
, struct argp_state
*state
)
116 arguments
->random_name
= arg
;
119 arguments
->rng_name
= arg
;
123 if (sscanf(arg
, "%f", &f
) == 0)
126 arguments
->poll_timeout
= f
;
131 arguments
->daemon
= 0;
134 arguments
->daemon
= 1;
137 if (sscanf(arg
, "%i", &arguments
->random_step
) == 0)
142 if ((sscanf(arg
, "%i", &n
) == 0) || (n
< 0) || (n
> 4096))
145 arguments
->fill_watermark
= n
;
150 return ARGP_ERR_UNKNOWN
;
156 static struct argp argp
= { options
, parse_opt
, NULL
, doc
};
159 static void do_loop(int random_step
,
162 unsigned char buf
[FIPS_RNG_BUFFER_SIZE
];
167 xread(buf
, sizeof buf
);
169 fips
= fips_run_rng_test(&fipsctx
, buf
);
172 message(LOG_DAEMON
|LOG_ERR
, "failed fips test\n");
177 for (p
= buf
; p
+ random_step
<= &buf
[sizeof buf
];
179 random_add_entropy(p
, random_step
);
180 random_sleep(poll_timeout
);
186 int main(int argc
, char **argv
)
188 argp_parse(&argp
, argc
, argv
, 0, 0, arguments
);
190 /* Init entropy source, and open TRNG device */
191 init_entropy_source(arguments
->rng_name
);
193 /* Init entropy sink and open random device */
194 init_kernel_rng(arguments
->random_name
);
196 if (arguments
->daemon
) {
199 if (daemon(0, 0) < 0) {
200 fprintf(stderr
, "can't daemonize: %s\n",
205 openlog("rngd", 0, LOG_DAEMON
);
208 do_loop(arguments
->random_step
,
209 arguments
->poll_timeout
? : -1.0);