On Wed, Oct 10, 2012 at 1:34 PM,
<[email protected]> wrote:
> I want to find common improper usages of OpenSSL library for SSL/TLS.
>
> Can be reverse-engineered from a "how to properly use OpenSSL" FAQ,
> probably, but would prefer information to the first point rather than
> its complement.
> --
> http://www.subspacefield.org/~travis/
Calling RAND_pseudo_bytes instead of RAND_bytes. To make matters
worst, they return slightly different values - 0 means failure for
RAND_bytes; while 0 means "non-cryptographic bytes have been returned"
for RAND_pseudo_bytes.
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
