This software is Copyright 1999,2001 Enhanced Software Technologies Inc. It is released for public use under a BSD-style Open Source license. See the file "LICENSE" for the complete license.
This software is intended only for use on Unix platforms such as Solaris, SCO, or HP/UX that do not have a cryptographically strong PRNG available. Normal pseudo-random number generators such as rand() produce a random distribution, but they produce a small number of PREDICTABLE random distributions, which is not what we need for cryptographic purposes. What use is a "random" key that you can easily guess?
The tarball contains complete source, a design document, a README, and this index.html file.
'make ocrandom' creates an executable 'ocrandom' which in turn creates a named pipe /dev/urandom. Your application then can simply read random bytes as needed by opening /dev/urandom and using normal Unix read() calls.
Simply put 'ocrandom' in your system startup somewhere. It will make the named pipe /dev/urandom automatically. As of ocrandom version 0.3, it will also clean up its named pipe upon receiving an exit signal.
*WARNING* If you are on Linux or *BSD, this should be merely an instructional tool. The /dev/random and /dev/urandom available on those operating systems are far more secure because, by having access to OS innards, they have much larger sources of true randomness ("entropy").
If you are on Windows, you should use Bruce Schneier's "Yarrow" (http://www.counterpane.com) for similar reasons.
Please read the file "README" and examine the file "ocotillo-design.ps" prior to use of Ocotillo. Ocotillo was written for one specific application (as the source for cryptographically strong keys and challenges for BRU Professional backup agents) and has limits that originate with the needs of that application.
There is an odd interaction with OpenSSH. Upon a system crash, the named pipe /dev/urandom may not be cleaned up by ocrandom. If OpenSSH can open a file named '/dev/urandom', it opens it and tries to read a challenge string. Well, if OpenSSH starts up before Ocotillo does, OpenSSH hangs. On Solaris, at least, this can result in the entire system hanging upon boot. Moral of the story: Either use the "-f" option to move the named pipe somewhere else, or start up Ocotillo before you start up OpenSSH.
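The hang described above comes from a blocking open() on a named pipe that has no writer. The following is an added example, not part of the Ocotillo source, showing how a reading application can bound the wait and refuse to proceed without key material; the function names read_random_fd and read_random, the timeout values and the 16-byte key size are assumptions made for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stddef.h>
#include <sys/types.h>
#include <unistd.h>

/* Fill buf with len bytes from fd, waiting at most timeout_ms per chunk.
 * Returns 0 on success, -1 on timeout, error, or EOF (no writer on the pipe). */
int read_random_fd(int fd, unsigned char *buf, size_t len, int timeout_ms)
{
    size_t got = 0;
    while (got < len) {
        struct pollfd p = { .fd = fd, .events = POLLIN };
        int r = poll(&p, 1, timeout_ms);
        if (r < 0 && errno == EINTR)
            continue;
        if (r <= 0)
            return -1;              /* timeout or poll failure */
        ssize_t n = read(fd, buf + got, len - got);
        if (n > 0)
            got += (size_t)n;       /* short reads are normal on a pipe */
        else if (n == 0 || (errno != EAGAIN && errno != EINTR))
            return -1;              /* EOF (nobody is writing) or hard error */
    }
    return 0;
}

/* Open path without blocking and read len bytes; buf is unusable on failure. */
int read_random(const char *path, unsigned char *buf, size_t len, int timeout_ms)
{
    /* A plain O_RDONLY open of a FIFO sleeps until a writer appears;
     * O_NONBLOCK makes open() return at once even if the pipe is stale. */
    int fd = open(path, O_RDONLY | O_NONBLOCK);
    if (fd < 0)
        return -1;
    int rc = read_random_fd(fd, buf, len, timeout_ms);
    close(fd);
    return rc;
}

int main(void)
{
    unsigned char key[16];
    /* Path from the page; use the "-f" location if the pipe was moved. */
    return read_random("/dev/urandom", key, sizeof key, 2000) == 0 ? 0 : 1;
}
```

A caller that gets -1 should fail closed rather than fall back to rand() or an uninitialised buffer.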